NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月1日4:12

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
1	6.3	MEDIUM ネットワーク	-	-	A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp… New	CWE-119 CWE-122 バッファエラーヒープオーバーフロー	CVE-2026-10194	2026-06-1 02:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

2	6.3	MEDIUM ネットワーク	-	-	A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the c… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10193	2026-06-1 02:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

3	8.8	HIGH ネットワーク	-	-	A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based bu… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10192	2026-06-1 02:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

4	8.8	HIGH ネットワーク	-	-	A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This manipulation of the argument wifiMacFilterSet.macList.mac causes s… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10191	2026-06-1 01:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

5	6.5	MEDIUM ネットワーク	-	-	A vulnerability was found in Tenda W12 3.0.0.7(4763). This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the arg… New	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-10190	2026-06-1 01:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

6	8.8	HIGH ネットワーク	-	-	A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based … New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10189	2026-06-1 01:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

7	8.8	HIGH ネットワーク	-	-	A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overfl… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10188	2026-06-1 00:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

8	9.8	CRITICAL ネットワーク	-	-	A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Perfo… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10187	2026-06-1 00:16	2026-06-1	表示	GitHub Exploit DB Packet Storm

9	7.3	HIGH ネットワーク	-	-	A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulati… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10186	2026-05-31 23:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

10	7.3	HIGH ネットワーク	-	-	A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argum… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10185	2026-05-31 23:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

11	7.3	HIGH ネットワーク	-	-	A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of th… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10184	2026-05-31 23:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

12	8.8	HIGH ネットワーク	-	-	A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-base… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10183	2026-05-31 23:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

13	6.3	MEDIUM ネットワーク	-	-	A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee … New	CWE-74 CWE-77 インジェクションコマンドインジェクション	CVE-2026-10182	2026-05-31 23:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

14	8.1	HIGH ネットワーク	-	-	OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable… New	CWE-89 SQLインジェクション	CVE-2026-49490	2026-05-31 22:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

15	8.5	HIGH ネットワーク	-	-	OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can in… New	CWE-89 SQLインジェクション	CVE-2026-49489	2026-05-31 22:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

16	8.8	HIGH ネットワーク	-	-	A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results … New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10181	2026-05-31 22:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

17	6.3	MEDIUM ネットワーク	-	-	A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection.… New	CWE-74 CWE-77 インジェクションコマンドインジェクション	CVE-2026-10180	2026-05-31 21:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

18	8.8	HIGH ネットワーク	-	-	A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10179	2026-05-31 20:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

19	7.3	HIGH ネットワーク	-	-	A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID res… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10178	2026-05-31 20:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

20	6.3	MEDIUM ネットワーク	-	-	A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads … New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-10177	2026-05-31 20:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

21	6.3	MEDIUM ネットワーク	-	-	A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injec… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10176	2026-05-31 19:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

22	6.3	MEDIUM ネットワーク	-	-	A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor_coder.run of the file auth.py of the component Architect Mode. Performing a manipul… New	CWE-74 CWE-94 インジェクションコード・インジェクション	CVE-2026-10175	2026-05-31 18:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

23	6.3	MEDIUM ネットワーク	-	-	A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-comm… New	CWE-693 保護メカニズムの不具合	CVE-2026-10174	2026-05-31 18:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

24	4.3	MEDIUM ネットワーク	-	-	A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. Th… New	CWE-79 CWE-94 クロスサイト・スクリプティング（XSS）コード・インジェクション	CVE-2026-10173	2026-05-31 17:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

25	6.3	MEDIUM ネットワーク	-	-	A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php… New	CWE-284 CWE-434 不適切なアクセス制御危険なタイプのファイルの無制限アップロード	CVE-2026-10172	2026-05-31 17:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

26	4.7	MEDIUM ネットワーク	-	-	A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to … New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10171	2026-05-31 16:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

27	6.3	MEDIUM ネットワーク	-	-	A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone ca… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10170	2026-05-31 16:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

28	3.7	LOW ネットワーク	-	-	A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax_forgot_pa… New	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2026-10169	2026-05-31 14:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

29	6.3	MEDIUM ネットワーク	-	-	A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file appl… New	CWE-99 リソースの挿入	CVE-2026-10168	2026-05-31 14:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

30	7.3	HIGH ネットワーク	-	-	A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign_auth_cookie of the file appl… New	CWE-287 不適切な認証	CVE-2026-10167	2026-05-31 14:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

31	5.3	MEDIUM ネットワーク	-	-	The Advanced Custom Fields (ACF®) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the plugin not properly verifying that a user … New	CWE-862 認証の欠如	CVE-2026-8382	2026-05-31 13:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

32	6.3	MEDIUM ネットワーク	-	-	A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of t… New	CWE-74 CWE-77 インジェクションコマンドインジェクション	CVE-2026-10166	2026-05-31 13:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

33	8.8	HIGH ネットワーク	-	-	A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manip… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10165	2026-05-31 13:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

34	8.8	HIGH ネットワーク	-	-	A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument Sh… New	CWE-119 CWE-120 バッファエラー古典的バッファオーバーフロー	CVE-2026-10164	2026-05-31 13:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

35	8.8	HIGH ネットワーク	-	-	A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of t… New	CWE-119 CWE-120 バッファエラー古典的バッファオーバーフロー	CVE-2026-10163	2026-05-31 13:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

36	8.8	HIGH ネットワーク	-	-	A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10162	2026-05-31 12:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

37	8.8	HIGH ネットワーク	-	-	A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_stat… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10161	2026-05-31 12:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

38	8.8	HIGH ネットワーク	-	-	A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10160	2026-05-31 12:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

39	8.8	HIGH ネットワーク	-	-	A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10159	2026-05-31 11:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

40	8.8	HIGH ネットワーク	-	-	A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-b… New	CWE-119 CWE-121 バッファエラースタックオーバーフロー	CVE-2026-10158	2026-05-31 11:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

41	7.3	HIGH ネットワーク	-	-	A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation le… New	CWE-287 不適切な認証	CVE-2026-10157	2026-05-31 11:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

42	4.3	MEDIUM ネットワーク	-	-	A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulatio… New	CWE-400 CWE-404 リソースの枯渇リソースの不適切なシャットダウンおよびリリース	CVE-2026-10156	2026-05-31 09:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

43	4.7	MEDIUM ネットワーク	-	-	A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accou… New	CWE-74 CWE-89 インジェクション SQLインジェクション	CVE-2026-10155	2026-05-31 09:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

44	4.3	MEDIUM ネットワーク	-	-	A vulnerability has been found in Dolibarr ERP CRM 23.0.0/23.0.1/23.0.2. The affected element is an unknown function of the file htdocs/user/messaging.php. Such manipulation of the argument ID leads … New	CWE-285 CWE-639 不適切な認可ユーザ制御の鍵による認証回避	CVE-2026-10154	2026-05-31 09:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

45	4.3	MEDIUM ネットワーク	-	-	A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. Th… New	CWE-79 CWE-94 クロスサイト・スクリプティング（XSS）コード・インジェクション	CVE-2026-10153	2026-05-31 07:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

46	6.3	MEDIUM ネットワーク	-	-	A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.ja… New	CWE-266 CWE-284 不適切な権限設定不適切なアクセス制御	CVE-2026-10152	2026-05-31 05:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

47	7.3	HIGH ネットワーク	-	-	Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc. Update	CWE-122 ヒープオーバーフロー	CVE-2025-70103	2026-05-31 05:16	2026-05-28	表示	GitHub Exploit DB Packet Storm

48	6.3	MEDIUM ネットワーク	-	-	A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the … New	CWE-74 CWE-77 インジェクションコマンドインジェクション	CVE-2026-10127	2026-05-31 02:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

49	8.8	HIGH ネットワーク	-	-	A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the… New	CWE-119 CWE-120 バッファエラー古典的バッファオーバーフロー	CVE-2026-10126	2026-05-31 02:16	2026-05-31	表示	GitHub Exploit DB Packet Storm

50	-	-	-	-	Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters (such… New	CWE-405 CWE-407 非対称のリソース消費に関する脆弱性アルゴリズムの複雑性	CVE-2026-8594	2026-05-31 01:17	2026-05-31	表示	GitHub Exploit DB Packet Storm