Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1131	6.8	警告 Physics	マイクロソフト	Microsoft Windows 11 24h2 Microsoft Windows 11 25h2 Microsoft Windows Server 2025 Microsoft Windows 11 26h1	Windows BitLocker Security Feature Bypass Vulnerability	CWE-77 コマンドインジェクション	CVE-2026-45585	2026-05-22 10:52	2026-05-20	Show	GitHub Exploit DB Packet Storm

1132	5.5	警告 Local	GNU Project レッドハット	Red Hat OpenShift Container Platform Red Hat Enterprise Linux nano	GNU Project等の複数ベンダの製品における書式文字列に関する脆弱性	CWE-134 書式文字列の問題	CVE-2026-6843	2026-05-22 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

1133	5.5	警告 Local	GNU Project レッドハット	Red Hat Hardened Images Red Hat OpenShift Container Platform Red Hat Enterprise Linux GNU Binutils	GNU Project等の複数ベンダの製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-6844	2026-05-22 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

1134	5	警告 Local	GNU Project レッドハット	Red Hat Hardened Images Red Hat OpenShift Container Platform Red Hat Enterprise Linux GNU Binutils	GNU Project等の複数ベンダの製品におけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-6845	2026-05-22 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

1135	7.8	重要 Local	GNU Project レッドハット	Red Hat Hardened Images Red Hat OpenShift Container Platform Red Hat Enterprise Linux GNU Binutils	GNU Project等の複数ベンダの製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-6846	2026-05-22 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

1136	8.1	重要 Network	レッドハット	Quay	レッドハットのQuayにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-6848	2026-05-22 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

1137	7.1	重要 Local	レッドハット	Red Hat Enterprise Linux AI InstructLab	レッドハットのRed Hat Enterprise Linux AI等の複数製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-6855	2026-05-22 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

1138	6.5	警告 Adjacent	Mozilla Foundation	Mozilla Firefox	Mozilla FoundationのMozilla Firefoxにおける複数の脆弱性	CWE-200 CWE-306	CVE-2026-8706	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

1139	3.1	低 Network	EMQX	emqx	EMQXのemqxにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2026-8741	2026-05-22 10:52	2026-05-17	Show	GitHub Exploit DB Packet Storm

1140	9.1	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における過度に許容されるクロスドメインホワイトリストに関する脆弱性	CWE-942 過度に許容されるクロスドメインホワイトリスト	CVE-2026-8948	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
310931	-		mozilla	firefox thunderbird seamonkey	The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getC…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2002-2437	2024-11-21 08:43	2011-12-8	Show	GitHub Exploit DB Packet Storm

310932	-		mozilla	firefox thunderbird seamonkey	The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote…	CWE-200 Information Exposure	CVE-2002-2436	2024-11-21 08:43	2011-12-8	Show	GitHub Exploit DB Packet Storm

310933	-		microsoft	internet_explorer ie	The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive in…	CWE-200 Information Exposure	CVE-2002-2435	2024-11-21 08:43	2011-12-8	Show	GitHub Exploit DB Packet Storm

310934	7.5	HIGH Network	balasys siemens suse f5 hpe stormshield	dheater scalance_w1750d_firmware linux_enterprise_server big-iq_centralized_management traffix_signaling_delivery_controller big-ip_service_proxy big-ip_access_policy_manager big…	The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exp…	CWE-400 Uncontrolled Resource Consumption	CVE-2002-20001	2024-11-21 08:42	2021-11-12	Show	GitHub Exploit DB Packet Storm

310935	-		gehealthcare	entegra_p\&r	GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics p…	CWE-255 Credentials Management	CVE-2001-1594	2024-11-21 08:38	2015-08-4	Show	GitHub Exploit DB Packet Storm

310936	-		gnu	a2ps	The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink atta…	CWE-59 Link Following	CVE-2001-1593	2024-11-21 08:38	2014-04-6	Show	GitHub Exploit DB Packet Storm

310937	7.5	HIGH Network	openssl	openssl	crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection…	CWE-310 Cryptographic Issues	CVE-2000-1254	2024-11-21 08:34	2016-05-5	Show	GitHub Exploit DB Packet Storm

310938	-		apache	jserv	The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensiti…	CWE-16 Configuration	CVE-2000-1247	2024-11-21 08:34	2011-10-5	Show	GitHub Exploit DB Packet Storm

310939	9.8	CRITICAL Network	gnu	glibc	manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dan…	CWE-252 Unchecked Return Value	CVE-1999-0199	2024-11-21 08:28	2020-10-6	Show	GitHub Exploit DB Packet Storm

310940	3.3	LOW Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM…	NVD-CWE-noinfo	CVE-2024-46794	2024-11-21 05:56	2024-09-18	Show	GitHub Exploit DB Packet Storm