Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4241 7.3 重要
Network 		yeti-platform yeti yeti-platformのyetiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-46507 2026-05-11 11:13 2026-05-8 Show GitHub Exploit DB Packet Storm
4242 7.5 重要
Network 		yeti-platform yeti yeti-platformのyetiにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2024-46508 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
4243 9.8 緊急
Network 		Frappe ERPNext FrappeのERPNextにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-38431 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
4244 6.1 警告
Network 		Frappe ERPNext FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-38432 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
4245 9.1 緊急
Network 		CHORNY Apache::Session CHORNYのApache::Sessionにおける有効期限後または解放後のリソースの操作に関する脆弱性 CWE-672
有効期限後または解放後のリソースの操作 		CVE-2013-10075 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
4246 9.8 緊急
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける複数の脆弱性 CWE-502
CWE-918
CVE-2026-34084 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
4247 5.4 警告
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-35453 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
4248 9.1 緊急
Network 		Zcash Foundation Zebra-script
Zebrad 		Zcash FoundationのZebra-script等の複数製品における呼び出し元による仕様の不適切な準拠に関する脆弱性 CWE-573
呼び出し元による仕様の不適切な準拠 		CVE-2026-41583 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
4249 6.5 警告
Network 		Zcash Foundation zebra-rpc
Zebrad 		Zcash Foundationのzebra-rpc等の複数製品における複数の脆弱性 CWE-248
CWE-617
CVE-2026-41585 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
4250 9.1 緊急
Network 		Zcash Foundation Zebra-script
Zebrad 		Zcash FoundationのZebra-script等の複数製品におけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-44497 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
991 - - - An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. CWE-20
 Improper Input Validation  		CVE-2026-9211 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
992 - - - Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu… CWE-20
 Improper Input Validation  		CVE-2026-9210 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
993 7.5 HIGH
Network 		securly securly Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes). CWE-407
 Inefficient Algorithmic Complexity 		CVE-2026-8889 2026-06-11 04:16 2026-06-4 Show GitHub Exploit DB Packet Storm
994 - - - tarfile.data_filter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. T… CWE-22
Path Traversal 		CVE-2026-7774 2026-06-11 04:16 2026-06-5 Show GitHub Exploit DB Packet Storm
995 - - - Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests. CWE-787
 Out-of-bounds Write 		CVE-2026-3088 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
996 7.5 HIGH
Network 		- - Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This vulnerability allows attacker… CWE-120
Classic Buffer Overflow 		CVE-2026-36800 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
997 7.5 HIGH
Network 		- - Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the wl_radio parameter of the formWifiRadioSet function. This vulnerability al… CWE-121
Stack-based Buffer Overflow 		CVE-2026-36792 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
998 7.5 HIGH
Network 		- - Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows att… CWE-121
Stack-based Buffer Overflow 		CVE-2026-36784 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
999 7.5 HIGH
Network 		- - Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, __s2, __s1_00, and… CWE-121
Stack-based Buffer Overflow 		CVE-2026-36779 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1000 9.1 CRITICAL
Network 		- - An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token. CWE-287
Improper Authentication 		CVE-2026-36727 2026-06-11 04:16 2026-06-10 Show GitHub Exploit DB Packet Storm