Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1181 7 重要
Local 		VMware VMware Fusion VMwareのVMware FusionにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41702 2026-05-20 13:31 2026-05-15 Show GitHub Exploit DB Packet Storm
1182 4.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-42006 2026-05-20 13:31 2026-05-12 Show GitHub Exploit DB Packet Storm
1183 4.3 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42051 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
1184 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42069 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
1185 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける複数の脆弱性 CWE-862
CWE-863
CVE-2026-42137 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
1186 7.8 重要
Local 		Nullsoft Nullsoft Scriptable Install System NullsoftのNullsoft Scriptable Install Systemにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-42171 2026-05-20 13:30 2026-04-24 Show GitHub Exploit DB Packet Storm
1187 4.3 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42174 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
1188 7.5 重要
Network 		OpenBao OpenBao OpenBaoにおける保存または転送前の重要な情報の削除に関する脆弱性 CWE-212
保存または転送前の重要な情報の不適切な削除 		CVE-2026-42186 2026-05-20 13:30 2026-05-14 Show GitHub Exploit DB Packet Storm
1189 7.5 重要
Network 		Ruby-lang.org Net::IMAP Ruby-lang.orgのNet::IMAPにおけるアルゴリズムの複雑さに関する脆弱性 CWE-407
アルゴリズムの複雑性 		CVE-2026-42245 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
1190 7.4 重要
Network 		Ruby-lang.org Net::IMAP Ruby-lang.orgのNet::IMAPにおける複数の脆弱性 CWE-392
CWE-393
CWE-636
CWE-754
CWE-841
CVE-2026-42246 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311211 7.3 HIGH
Network 		- - Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network. CWE-302
 Authentication Bypass by Assumed-Immutable Data 		CVE-2024-49056 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311212 - - - Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. - CVE-2024-21976 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311213 - - - Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. - CVE-2024-21958 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311214 - - - Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. - CVE-2024-21957 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311215 - - - Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. - CVE-2024-21946 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311216 - - - Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. - CVE-2024-21945 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311217 - - - Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary … - CVE-2024-21939 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311218 - - - Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation… - CVE-2024-21938 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311219 - - - Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. - CVE-2024-21937 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm
311220 - - - A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlink_add.php. The manipulation of the argument logoimg l… CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-11138 2024-11-14 02:01 2024-11-13 Show GitHub Exploit DB Packet Storm