NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月11日5:13

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
251	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47950	2026-06-10 23:58	2026-06-10	表示	GitHub Exploit DB Packet Storm

252	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47951	2026-06-10 23:57	2026-06-10	表示	GitHub Exploit DB Packet Storm

253	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47990	2026-06-10 23:57	2026-06-10	表示	GitHub Exploit DB Packet Storm

254	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47942	2026-06-10 23:57	2026-06-10	表示	GitHub Exploit DB Packet Storm

255	6.1	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect (Open Redirect) vulnerability that could lead to account takeover. An attacker could constr… New	CWE-601 オープンリダイレクト	CVE-2026-47991	2026-06-10 23:56	2026-06-10	表示	GitHub Exploit DB Packet Storm

256	7.5	HIGH ネットワーク	crux	protocol\	Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large serv… Update	CWE-409 高圧縮データの不適切な処理 (データ増幅)	CVE-2026-10725	2026-06-10 23:56	2026-06-6	表示	GitHub Exploit DB Packet Storm

257	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47993	2026-06-10 23:56	2026-06-10	表示	GitHub Exploit DB Packet Storm

258	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48250	2026-06-10 23:55	2026-06-10	表示	GitHub Exploit DB Packet Storm

259	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48251	2026-06-10 23:54	2026-06-10	表示	GitHub Exploit DB Packet Storm

260	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47943	2026-06-10 23:52	2026-06-10	表示	GitHub Exploit DB Packet Storm

261	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48256	2026-06-10 23:50	2026-06-10	表示	GitHub Exploit DB Packet Storm

262	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48258	2026-06-10 23:50	2026-06-10	表示	GitHub Exploit DB Packet Storm

263	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48264	2026-06-10 23:50	2026-06-10	表示	GitHub Exploit DB Packet Storm

264	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48265	2026-06-10 23:49	2026-06-10	表示	GitHub Exploit DB Packet Storm

265	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48266	2026-06-10 23:49	2026-06-10	表示	GitHub Exploit DB Packet Storm

266	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48268	2026-06-10 23:49	2026-06-10	表示	GitHub Exploit DB Packet Storm

267	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48271	2026-06-10 23:48	2026-06-10	表示	GitHub Exploit DB Packet Storm

268	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48280	2026-06-10 23:48	2026-06-10	表示	GitHub Exploit DB Packet Storm

269	3.5	LOW ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta… New	CWE-20 不適切な入力確認	CVE-2026-48288	2026-06-10 23:48	2026-06-10	表示	GitHub Exploit DB Packet Storm

270	3.5	LOW ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta… New	CWE-20 不適切な入力確認	CVE-2026-48289	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

271	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48297	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

272	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48299	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

273	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48300	2026-06-10 23:47	2026-06-10	表示	GitHub Exploit DB Packet Storm

274	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48301	2026-06-10 23:46	2026-06-10	表示	GitHub Exploit DB Packet Storm

275	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48304	2026-06-10 23:45	2026-06-10	表示	GitHub Exploit DB Packet Storm

276	5.4	MEDIUM ネットワーク	adobe	experience_manager	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47974	2026-06-10 23:33	2026-06-10	表示	GitHub Exploit DB Packet Storm

277	7.3	HIGH ネットワーク	-	-	Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted New	CWE-295 不正な証明書検証	CVE-2026-9758	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

278	-	-	-	-	Jenkins 2.483 through 2.567 (both inclusive), LTS 2.492.1 through 2.555.2 (both inclusive) does not escape the user-provided description of a generic offline cause that could be set through the `POST… New	-	CVE-2026-53441	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

279	8.8	HIGH ネットワーク	-	-	Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate() that allows any user with a valid CA-signed certificate to impersonate other users by pres… New	CWE-347 デジタル署名の不適切な検証	CVE-2026-52754	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

280	8.8	HIGH ネットワーク	-	-	Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a maliciou… New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-52751	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

281	7.8	HIGH ローカル	-	-	Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands und… New	CWE-88 引数の挿入または変更	CVE-2026-52750	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

282	7.7	HIGH ネットワーク	-	-	Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the… New	CWE-22 パス・トラバーサル	CVE-2026-49957	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

283	8.8	HIGH ネットワーク	-	-	Ghidra 11.0 before 12.1 contains a SQL injection vulnerability in the changePassword() method of PostgresFunctionDatabase that fails to escape double quotes in usernames interpolated into ALTER ROLE … New	CWE-89 SQLインジェクション	CVE-2026-49498	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

284	3.3	LOW ローカル	-	-	Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnu_debuglink sections before constructing file paths. Attacke… New	CWE-22 パス・トラバーサル	CVE-2026-49497	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

285	5.4	MEDIUM ネットワーク	-	-	Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP user… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-47106	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

286	7.7	HIGH ネットワーク	-	-	OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/… New	CWE-79 CWE-862 クロスサイト・スクリプティング（XSS）認証の欠如	CVE-2026-46518	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

287	7.8	HIGH ローカル	-	-	LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trust_remote_c… New	CWE-94 コード・インジェクション	CVE-2026-46432	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

288	-	-	-	-	An improper implementation of TLS certificate validation vulnerability found in ReadyCloud client app which can allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting prod… New	CWE-325 暗号化処理の不備	CVE-2026-0420	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

289	-	-	-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu… New	CWE-20 不適切な入力確認	CVE-2026-0415	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

290	-	-	-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu… New	CWE-94 コード・インジェクション	CVE-2026-0414	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

291	-	-	-	-	Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router soft… New	CWE-121 スタックオーバーフロー	CVE-2026-0413	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

292	-	-	-	-	An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affe… New	CWE-200 情報漏えい	CVE-2026-0411	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

293	7.5	HIGH ネットワーク	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attack… New	CWE-835 無限ループ	CVE-2025-71330	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

294	7.5	HIGH ネットワーク	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-… New	CWE-835 無限ループ	CVE-2025-71329	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

295	7.5	HIGH ネットワーク	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-… New	CWE-835 無限ループ	CVE-2025-71319	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

296	2.9	LOW ローカル	-	-	Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability s… New	CWE-758 未定義、未指定、または実装定義の動作への依存	CVE-2024-58350	2026-06-10 23:16	2026-06-10	表示	GitHub Exploit DB Packet Storm

297	6.1	MEDIUM ネットワーク	apache	answer	Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization … New	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2026-25699	2026-06-10 22:38	2026-06-9	表示	GitHub Exploit DB Packet Storm

298	6.5	MEDIUM ネットワーク	apache	answer	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation durin… New	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-33582	2026-06-10 22:37	2026-06-9	表示	GitHub Exploit DB Packet Storm

299	6.5	MEDIUM ネットワーク	apache	answer	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, a… New	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-34031	2026-06-10 22:28	2026-06-9	表示	GitHub Exploit DB Packet Storm

300	6.5	MEDIUM ネットワーク	apache	answer	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access rest… New	CWE-200 情報漏えい	CVE-2026-34905	2026-06-10 22:28	2026-06-9	表示	GitHub Exploit DB Packet Storm