Security assessment and information provision

This site provides information on security and offers web audit tools.

Annoucement Show List

NVD Vulnerability Information NVD Vulnerability Search Top

Update Date":May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date
1	6.3	MEDIUM Network	-	-	A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has b… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-10127	2026-05-31 02:16	2026-05-31
2	8.8	HIGH Network	-	-	A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely. The exploit has b… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-10126	2026-05-31 02:16	2026-05-31
3	-		-	-	Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters (such as VT, FF and others) into segments, but applies the break function to the entire string, not just … New	CWE-405 CWE-407 Asymmetric Resource Consumption (Amplification) Inefficient Algorithmic Complexity	CVE-2026-8594	2026-05-31 01:17	2026-05-31
4	8.8	HIGH Network	-	-	A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be initi… New	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-10125	2026-05-31 01:17	2026-05-31
5	8.8	HIGH Network	-	-	A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been pu… New	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-10124	2026-05-31 01:17	2026-05-31
6	8.8	HIGH Network	-	-	A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/permitted_domain_list results in stack-based buffer overflow… New	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-10123	2026-05-31 01:17	2026-05-31
7	8.8	HIGH Network	-	-	A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_name leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be… New	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-10122	2026-05-31 01:17	2026-05-31
8	8.8	HIGH Network	-	-	A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keyword causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit… New	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-10121	2026-05-31 01:17	2026-05-31
9	7.5	HIGH Network	-	-	WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow conditi… New	CWE-120 Classic Buffer Overflow	CVE-2018-25426	2026-05-31 01:17	2026-05-31
10	8.2	HIGH Network	-	-	Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extract… New	CWE-89 SQL Injection	CVE-2018-25425	2026-05-31 01:17	2026-05-31

JVN Vulnerability Information JVN Vulnerability Search Top

Update Date:May 31, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date
1	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年05月26日） New	-	-	2026-05-29 15:44	2026-05-27
2	-	-	Casbin	Casdoor	Casdoorにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-6815	2026-05-29 15:44	2026-05-27
3	9.8	緊急 Network	nx	Nx Console	nxのNx Consoleにおける埋め込まれた悪意のあるコードに関する脆弱性 New	CWE-506 埋め込まれた悪意のあるコード	CVE-2026-48027	2026-05-29 11:20	2026-05-27
4	9.8	緊急 Network	Jenkins プロジェクト	GitBucket	GitBucketにおける重要な機能に対する認証の欠如に関する脆弱性 New	CWE-306 重要な機能に対する認証の欠如解説	CVE-2018-25332	2026-05-29 11:20	2026-05-17
5	7.5	重要 Network	HACS (Home Assistant Community Store)	HACS (Home Assistant Community Store)	HACS (Home Assistant Community Store)におけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2021-47942	2026-05-29 11:20	2026-05-16
6	7.3	重要 Local	Airbus	TETRA Connectivity Server	AirbusのTETRA Connectivity Serverにおける不適切なデフォルトパーミッションに関する脆弱性 New	CWE-276 不適切なデフォルトパーミッション	CVE-2025-7024	2026-05-29 11:20	2026-04-3
7	7.5	重要 Network	マイクロソフト	Microsoft Global Secure Access (GSA)	Microsoft グローバルセキュアアクセス (GSA) の情報漏えいの脆弱性 New	CWE-269 不適切な権限管理	CVE-2026-23663	2026-05-29 11:20	2026-05-22
8	8.8	重要 Network	マイクロソフト	Azure Privileged Identity Management (PIM)	Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-35430	2026-05-29 11:20	2026-05-22
9	8.8	重要 Network	マイクロソフト	Azure Virtual Network Gateway	Azure Virtual Network Gateway Remote Code Execution Vulnerability New	CWE-20 CWE-noinfo	CVE-2026-40411	2026-05-29 11:20	2026-05-22
10	9.8	緊急 Network	マイクロソフト	Azure Orbital Spatio	Azure Orbital Spatio のリモートでコードが実行される脆弱性 New	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-40412	2026-05-29 11:20	2026-05-22

Version update history excerpt Go To Version Update History

Support Expiration Date Go to Support Expiration Information

Target Period : 2026-03-31 〜 2026-08-30

No	Name	Normal Support	Security Support	Extended Support
1	Ruby 3.2	2026-03-31
2	MySQL 8	2026-04-19
3	Django4.2 LTS	2023-12-31		2026-04-30
4	Red Hat OpenJDK 8 for Windows		2026-05-31
5	Red Hat OpenJDK 8		2026-05-31
6	Java 8 (LTS)		2026-05-31
7	MariaDB 10.6	2026-06-30
8	SQL Server 2016 Service Pack 2	2021-07-13		2026-07-14

Excerpts from security information sites updated in the past two days Go to the Provide Information Site

2026-5-31 JST

media_news

No	Name	URL	Excerpt Of Changes	Tag
1	Ars Technica	https://arstechnica.com/	310,Grifters, cynics, and true believers: The family tree of vaccine opponents,A new book looks into the long history of people who have opposed vaccines.,Diana Gitig,–,5/30/2026,\|,114,Environmentalis ...	English News Foreign Country Blog Site Information Gathering
2	Mashable	https://mashable.com/	Mashable Selects,Gifts for Moms, Dads, and Grads,Say More,The 6 best open earbuds stay put, sound great, and keep us aware of the world,Meta plans to make an AI pendant and more smart glasses soon,Tha ...	English News Foreign Country Blog
3	ScanNetSecurity	https://scan.netsecurity.ne.jp/	2026.05.31（日）,添付ファイル分離メールサーバに第三者からサイバー攻撃、メールアドレスと添付ファイルが漏えいした可能性,エレコム製無線 LAN ルータおよび無線アクセスポイントに複数の脆弱性,取り組むのは「セキュリティの本質的課題」解決～米内貴志が東京大学に通いながら株式会社Flatt Securityの仕事をする理由,PR,法人向けレンタルサーバ「CPI」に DDoS 攻撃,カー用 ...	Japanese News Information Provision

2026-5-30 JST

media_news

No	Image	Name	URL	Excerpt Of Changes	Tag
1		cnet	https://www.cnet.com/	Operating Systems,I Turned Off Phone Notifications for a Week. I'm Not Going Back,I expected missing notifications would cause FOMO. Instead, I realized how much of my focus was hijacked by digital cl ...	English News Foreign Country Blog
2		scmagazine	https://www.scmagazine.com/	AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets,May 29, 2026,Researchers say Russian-speaking group GreyVibe uses AI tools to scale cyberattacks on Ukraine.,How ...	English News Foreign Country Information Provision

blog

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Security hole memo	http://www.st.ryukoku.ac.jp/~kjm/security/memo/	Last modified: Fri May 29 18:05:53 2026,■,2026.05.29,》,「AIはメディア統制国家に好意的」中国の影響、日本にも　37カ国研究が示す”ロンダリング”の広がり,(新聞紙学的, 5/22),》,「AI使用量で勤務評価、競争過熱」アマゾンで”水増し”報道、メタは社内ランキング閉鎖,(新聞紙学的, 5/15),》,「AI使えば速い」は錯覚予測55.7秒 ...	Japanese Celebrated Person Celebrated Person Blog Blog Information Provision Information Provision