Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4181	8.8	重要 Network	AGiXT	AGiXT	AGiXTにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39981	2026-05-15 10:54	2026-04-9	Show	GitHub Exploit DB Packet Storm

4182	7.5	重要 Network	Succinct	SP1	SuccinctのSP1における複数の脆弱性	CWE-345 CWE-354	CVE-2026-40323	2026-05-15 10:54	2026-04-18	Show	GitHub Exploit DB Packet Storm

4183	8.8	重要 Network	Electric	Sync-service	ElectricのSync-serviceにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-40906	2026-05-15 10:54	2026-04-21	Show	GitHub Exploit DB Packet Storm

4184	6.5	警告 Network	Apache Software Foundation	Apache-airflow-providers-elasticsearch	Apache Software FoundationのApache-airflow-providers-elasticsearchにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-41018	2026-05-15 10:54	2026-05-11	Show	GitHub Exploit DB Packet Storm

4185	6.5	警告 Network	BETTER-AUTH.	Better Auth OAuth Provider	BETTER-AUTH.のBetter Auth OAuth Providerにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41427	2026-05-15 10:54	2026-04-24	Show	GitHub Exploit DB Packet Storm

4186	8.6	重要 Network	Inngest	Inngest	Inngestにおける複数の脆弱性	CWE-200 CWE-497	CVE-2026-42047	2026-05-15 10:54	2026-05-7	Show	GitHub Exploit DB Packet Storm

4187	8.5	重要 Network	Open edX	Open edx Enterprise Service	Open edXのOpen edx Enterprise Serviceにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42860	2026-05-15 10:54	2026-05-11	Show	GitHub Exploit DB Packet Storm

4188	6.5	警告 Network	Apache Software Foundation	Apache-airflow-providers-opensearch	Apache Software FoundationのApache-airflow-providers-opensearchにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-43826	2026-05-15 10:54	2026-05-11	Show	GitHub Exploit DB Packet Storm

4189	6.8	警告 Network	Bpple (bx33661)	Wireshark MCP	Bpple (bx33661)のWireshark MCPにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-43901	2026-05-15 10:54	2026-05-11	Show	GitHub Exploit DB Packet Storm

4190	7.2	重要 Network	アルバネットワークス株式会社	SD-WAN ArubaOS	アルバネットワークス株式会社のArubaOS等の複数製品におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-44872	2026-05-15 10:54	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2081	9.1	CRITICAL Network	-	-	Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after aut…	CWE-384 Session Fixation	CVE-2009-10007	2026-06-10 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

2082	9.1	CRITICAL Network	apache	http_server	A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. User…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2026-42535	2026-06-10 01:00	2026-06-9	Show	GitHub Exploit DB Packet Storm

2083	7.5	HIGH Network	apache	http_server	Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are re…	CWE-122 Heap-based Buffer Overflow	CVE-2026-42536	2026-06-10 00:55	2026-06-9	Show	GitHub Exploit DB Packet Storm

2084	4.3	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HT…	CWE-20 CWE-451 Improper Input Validation User Interface (UI) Misrepresentation of Critical Information	CVE-2026-11286	2026-06-10 00:42	2026-06-5	Show	GitHub Exploit DB Packet Storm

2085	4.3	MEDIUM Network	google	chrome	Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Lo…	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-11285	2026-06-10 00:37	2026-06-5	Show	GitHub Exploit DB Packet Storm

2086	6.5	MEDIUM Network	google	chrome	Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: L…	CWE-1300 CWE-203 Improper Protection of Physical Side Channels Information Exposure Through Discrepancy	CVE-2026-11284	2026-06-10 00:27	2026-06-5	Show	GitHub Exploit DB Packet Storm

2087	9.6	CRITICAL Network	google	chrome	Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi…	CWE-693 Protection Mechanism Failure	CVE-2026-11282	2026-06-10 00:26	2026-06-5	Show	GitHub Exploit DB Packet Storm

2088	-		-	-	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attac…	CWE-328 Use of Weak Hash	CVE-2026-48488	2026-06-10 00:25	2026-06-9	Show	GitHub Exploit DB Packet Storm

2089	5.5	MEDIUM Local	-	-	fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-45581	2026-06-10 00:25	2026-06-9	Show	GitHub Exploit DB Packet Storm

2090	8.3	HIGH Network	-	-	OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TEST_CONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST …	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-46481	2026-06-10 00:25	2026-06-9	Show	GitHub Exploit DB Packet Storm