NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月12日4:20

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
651	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47942	2026-06-10 23:57	2026-06-10	表示	GitHub Exploit DB Packet Storm

652	6.1	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect (Open Redirect) vulnerability that could lead to account takeover. An attacker could constr… New	CWE-601 オープンリダイレクト	CVE-2026-47991	2026-06-10 23:56	2026-06-10	表示	GitHub Exploit DB Packet Storm

653	7.5	HIGH ネットワーク	crux	protocol\	Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large serv… Update	CWE-409 高圧縮データの不適切な処理 (データ増幅)	CVE-2026-10725	2026-06-10 23:56	2026-06-6	表示	GitHub Exploit DB Packet Storm

654	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47993	2026-06-10 23:56	2026-06-10	表示	GitHub Exploit DB Packet Storm

655	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48250	2026-06-10 23:55	2026-06-10	表示	GitHub Exploit DB Packet Storm

656	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48251	2026-06-10 23:54	2026-06-10	表示	GitHub Exploit DB Packet Storm

657	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47943	2026-06-10 23:52	2026-06-10	表示	GitHub Exploit DB Packet Storm

658	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48256	2026-06-10 23:50	2026-06-10	表示	GitHub Exploit DB Packet Storm

659	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48258	2026-06-10 23:50	2026-06-10	表示	GitHub Exploit DB Packet Storm

660	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48264	2026-06-10 23:50	2026-06-10	表示	GitHub Exploit DB Packet Storm

661	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48265	2026-06-10 23:49	2026-06-10	表示	GitHub Exploit DB Packet Storm

662	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48266	2026-06-10 23:49	2026-06-10	表示	GitHub Exploit DB Packet Storm

663	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48268	2026-06-10 23:49	2026-06-10	表示	GitHub Exploit DB Packet Storm

664	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48271	2026-06-10 23:48	2026-06-10	表示	GitHub Exploit DB Packet Storm

665	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48280	2026-06-10 23:48	2026-06-10	表示	GitHub Exploit DB Packet Storm

666	3.5	LOW ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta… New	CWE-20 不適切な入力確認	CVE-2026-48288	2026-06-10 23:48	2026-06-10	表示	GitHub Exploit DB Packet Storm

667	3.5	LOW ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta… New	CWE-20 不適切な入力確認	CVE-2026-48289	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

668	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48297	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

669	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48299	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

670	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48300	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

671	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48301	2026-06-10 23:46	2026-06-10	表示	GitHub Exploit DB Packet Storm

672	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48304	2026-06-10 23:45	2026-06-10	表示	GitHub Exploit DB Packet Storm

673	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47974	2026-06-10 23:33	2026-06-10	表示	GitHub Exploit DB Packet Storm

674	7.3	HIGH ネットワーク	-	-	Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted New	CWE-295 不正な証明書検証	CVE-2026-9758	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

675	-	-	-	-	Jenkins 2.483 through 2.567 (both inclusive), LTS 2.492.1 through 2.555.2 (both inclusive) does not escape the user-provided description of a generic offline cause that could be set through the `POST… New	-	CVE-2026-53441	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

676	8.8	HIGH ネットワーク	-	-	Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate() that allows any user with a valid CA-signed certificate to impersonate other users by pres… New	CWE-347 デジタル署名の不適切な検証	CVE-2026-52754	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

677	8.8	HIGH ネットワーク	-	-	Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a maliciou… New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-52751	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

678	7.8	HIGH ローカル	-	-	Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands und… New	CWE-88 引数の挿入または変更	CVE-2026-52750	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

679	7.7	HIGH ネットワーク	-	-	Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the… New	CWE-22 パス・トラバーサル	CVE-2026-49957	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

680	8.8	HIGH ネットワーク	-	-	Ghidra 11.0 before 12.1 contains a SQL injection vulnerability in the changePassword() method of PostgresFunctionDatabase that fails to escape double quotes in usernames interpolated into ALTER ROLE … New	CWE-89 SQLインジェクション	CVE-2026-49498	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

681	3.3	LOW ローカル	-	-	Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnu_debuglink sections before constructing file paths. Attacke… New	CWE-22 パス・トラバーサル	CVE-2026-49497	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

682	5.4	MEDIUM ネットワーク	-	-	Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP user… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47106	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

683	7.8	HIGH ローカル	-	-	LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trust_remote_c… New	CWE-94 コード・インジェクション	CVE-2026-46432	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

684	-	-	-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu… New	CWE-20 不適切な入力確認	CVE-2026-0415	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

685	-	-	-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu… New	CWE-94 コード・インジェクション	CVE-2026-0414	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

686	7.5	HIGH ネットワーク	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attack… New	CWE-835 無限ループ	CVE-2025-71330	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

687	7.5	HIGH ネットワーク	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-… New	CWE-835 無限ループ	CVE-2025-71329	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

688	7.5	HIGH ネットワーク	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-… New	CWE-835 無限ループ	CVE-2025-71319	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

689	2.9	LOW ローカル	-	-	Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability s… New	CWE-758 未定義、未指定、または実装定義の動作への依存	CVE-2024-58350	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

690	6.1	MEDIUM ネットワーク	apache	answer	Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization … Update	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2026-25699	2026-06-10 22:38	2026-06-9	表示	GitHub Exploit DB Packet Storm

691	6.5	MEDIUM ネットワーク	apache	answer	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation durin… Update	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-33582	2026-06-10 22:37	2026-06-9	表示	GitHub Exploit DB Packet Storm

692	6.5	MEDIUM ネットワーク	apache	answer	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, a… Update	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-34031	2026-06-10 22:28	2026-06-9	表示	GitHub Exploit DB Packet Storm

693	6.5	MEDIUM ネットワーク	apache	answer	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access rest… Update	CWE-200 情報漏えい	CVE-2026-34905	2026-06-10 22:28	2026-06-9	表示	GitHub Exploit DB Packet Storm

694	6.1	MEDIUM ネットワーク	apache	answer	Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser without pr… Update	CWE-87 代替 XSS 構文の不適切な無効化	CVE-2026-25688	2026-06-10 22:12	2026-06-9	表示	GitHub Exploit DB Packet Storm

695	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47989	2026-06-10 22:08	2026-06-10	表示	GitHub Exploit DB Packet Storm

696	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47987	2026-06-10 22:08	2026-06-10	表示	GitHub Exploit DB Packet Storm

697	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47986	2026-06-10 22:08	2026-06-10	表示	GitHub Exploit DB Packet Storm

698	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47985	2026-06-10 22:08	2026-06-10	表示	GitHub Exploit DB Packet Storm

699	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47983	2026-06-10 22:08	2026-06-10	表示	GitHub Exploit DB Packet Storm

700	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47982	2026-06-10 22:08	2026-06-10	表示	GitHub Exploit DB Packet Storm