Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5181	7.5	重要 Network	Apache Software Foundation	Apache Neethi	Apache Software FoundationのApache Neethiにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-42402	2026-05-7 12:01	2026-05-1	Show	GitHub Exploit DB Packet Storm

5182	7.5	重要 Network	Apache Software Foundation	Apache Neethi	Apache Software FoundationのApache Neethiにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-42403	2026-05-7 12:01	2026-05-1	Show	GitHub Exploit DB Packet Storm

5183	7.2	重要 Network	Apache Software Foundation	Apache Neethi	Apache Software FoundationのApache Neethiにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42404	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5184	7.1	重要 Local	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における境界外読み取りに関する脆弱性	CWE-125 CWE-125	CVE-2026-42476	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5185	7.1	重要 Local	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-42477	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5186	7.5	重要 Network	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における複数の脆弱性	CWE-125 CWE-476	CVE-2026-42478	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5187	5.5	警告 Local	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における境界外読み取りに関する脆弱性	CWE-125 CWE-125	CVE-2026-42479	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5188	9.8	緊急 Network	hashcat	hashcat	hashcatにおける複数の脆弱性	CWE-121 CWE-787	CVE-2026-42482	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5189	9.8	緊急 Network	hashcat	hashcat	hashcatにおける複数の脆弱性	CWE-122 CWE-787	CVE-2026-42483	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

5190	9.8	緊急 Network	hashcat	hashcat	hashcatにおける境界外書き込みに関する脆弱性	CWE-787 CWE-787	CVE-2026-42484	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
91	5.9	MEDIUM Network	-	-	Administrator Cross Site Scripting (XSS) in WP Emmet <= 0.3.4 versions. New	CWE-79 Cross-site Scripting	CVE-2025-15658	2026-06-16 01:16	2026-06-16	Show	GitHub Exploit DB Packet Storm

92	5.3	MEDIUM Network	axios	axios	Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Obj… Update	CWE-113 CWE-1321 HTTP Response Splitting Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-44489	2026-06-16 01:13	2026-06-12	Show	GitHub Exploit DB Packet Storm

93	7.5	HIGH Network	vllm	vllm	vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processi… Update	CWE-400 Uncontrolled Resource Consumption	CVE-2026-5497	2026-06-16 01:11	2026-06-11	Show	GitHub Exploit DB Packet Storm

94	9.8	CRITICAL Network	splunk	splunk	In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through … Update	CWE-306 Missing Authentication for Critical Function	CVE-2026-20253	2026-06-16 00:22	2026-06-11	Show	GitHub Exploit DB Packet Storm

95	10.0	CRITICAL Network	adobe	coldfusion	ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati… Update	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-47928	2026-06-16 00:20	2026-06-10	Show	GitHub Exploit DB Packet Storm

96	9.1	CRITICAL Network	adobe	coldfusion	ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privi… Update	CWE-863 Incorrect Authorization	CVE-2026-47929	2026-06-16 00:18	2026-06-10	Show	GitHub Exploit DB Packet Storm

97	8.1	HIGH Network	adobe	coldfusion	ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage thi… Update	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-47930	2026-06-16 00:18	2026-06-10	Show	GitHub Exploit DB Packet Storm

98	9.9	CRITICAL Network	adobe	coldfusion	ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati… Update	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-47931	2026-06-16 00:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

99	9.6	CRITICAL Network	adobe	coldfusion	ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature… Update	CWE-22 Path Traversal	CVE-2026-47932	2026-06-16 00:12	2026-06-10	Show	GitHub Exploit DB Packet Storm

100	5.4	MEDIUM Network	adobe	coldfusion	ColdFusion versions 2023.19, 2025.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vu… Update	CWE-79 Cross-site Scripting	CVE-2026-47933	2026-06-16 00:11	2026-06-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed