Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6041 5.4 警告
Network 		Weblate Weblate Weblateにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-41519 2026-05-13 10:25 2026-05-7 Show GitHub Exploit DB Packet Storm
6042 7.1 重要
Network 		monetr monetr monetrにおける複数の脆弱性 CWE-209
CWE-770
CWE-918
CWE-918
CVE-2026-41644 2026-05-13 10:25 2026-05-7 Show GitHub Exploit DB Packet Storm
6043 8.1 重要
Network 		Weblate Weblate Weblateにおける複数の脆弱性 CWE-20
CWE-918
CVE-2026-41654 2026-05-13 10:24 2026-05-7 Show GitHub Exploit DB Packet Storm
6044 6.1 警告
Network 		LangGenius Dify LangGeniusのDifyにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42138 2026-05-13 10:24 2026-05-4 Show GitHub Exploit DB Packet Storm
6045 7.5 重要
Network 		Prometheus Prometheus Prometheusにおける複数の脆弱性 CWE-200
CWE-312
CVE-2026-42151 2026-05-13 10:24 2026-05-4 Show GitHub Exploit DB Packet Storm
6046 7.5 重要
Network 		Prometheus Prometheus Prometheusにおける複数の脆弱性 CWE-400
CWE-789
CVE-2026-42154 2026-05-13 10:24 2026-05-4 Show GitHub Exploit DB Packet Storm
6047 8.8 重要
Network 		gitpython project gitpython gitpython projectのgitpythonにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-42215 2026-05-13 10:24 2026-05-7 Show GitHub Exploit DB Packet Storm
6048 7.5 重要
Network 		osrg GoBGP osrgのGoBGPにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-42285 2026-05-13 10:24 2026-05-7 Show GitHub Exploit DB Packet Storm
6049 9.6 緊急
Network 		argoproj argo cd Argo Project AuthorsのArgo CDにおける複数の脆弱性 CWE-200
CWE-212
CVE-2026-42880 2026-05-13 10:24 2026-05-7 Show GitHub Exploit DB Packet Storm
6050 7.5 重要
Network 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-43099 2026-05-13 10:24 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
371 7.8 HIGH
Local 		imagemagick imagemagick ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger acc… New CWE-125
Out-of-bounds Read 		CVE-2026-56370 2026-06-27 06:50 2026-06-24 Show GitHub Exploit DB Packet Storm
372 7.5 HIGH
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service (DoS) vu… New CWE-400
CWE-1333
 Uncontrolled Resource Consumption
 Inefficient Regular Expression Complexity 		CVE-2026-54268 2026-06-27 06:36 2026-06-23 Show GitHub Exploit DB Packet Storm
373 9.8 CRITICAL
Network 		langflow langflow IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Stream… New CWE-287
NVD-CWE-noinfo
Improper Authentication 		CVE-2026-7664 2026-06-27 06:29 2026-06-23 Show GitHub Exploit DB Packet Storm
374 6.1 MEDIUM
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary J… New CWE-79
Cross-site Scripting 		CVE-2026-8059 2026-06-27 06:27 2026-06-23 Show GitHub Exploit DB Packet Storm
375 7.5 HIGH
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys … New CWE-316
 Cleartext Storage of Sensitive Information in Memory 		CVE-2026-8636 2026-06-27 06:20 2026-06-23 Show GitHub Exploit DB Packet Storm
376 5.3 MEDIUM
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, … New CWE-425
 Direct Request ('Forced Browsing') 		CVE-2026-9610 2026-06-27 06:19 2026-06-23 Show GitHub Exploit DB Packet Storm
377 8.5 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist through DNS rebinding. The outbound fetch flow vali… New CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-54353 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm
378 8.2 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution paramete… New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-54351 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm
379 10.0 CRITICAL
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB… New CWE-89
CWE-943
SQL Injection
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-54350 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm
380 - - - Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires (Time-of-Check). However, the… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-52885 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm