Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1291	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2026-23470	2026-05-28 14:43	2026-04-3	Show	GitHub Exploit DB Packet Storm

1292	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2026-23472	2026-05-28 14:43	2026-04-3	Show	GitHub Exploit DB Packet Storm

1293	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-23474	2026-05-28 14:43	2026-04-3	Show	GitHub Exploit DB Packet Storm

1294	8.1	重要 Network	NVIDIA	NVIDIA DGX OS	NVIDIAのNVIDIA DGX OSにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2026-24218	2026-05-28 14:43	2026-05-20	Show	GitHub Exploit DB Packet Storm

1295	7.5	重要 Network	Fleet Device Management	fleet	Fleet Device Managementのfleetにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-24899	2026-05-28 14:43	2026-05-14	Show	GitHub Exploit DB Packet Storm

1296	9.6	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおける同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2026-2611	2026-05-28 14:43	2026-05-19	Show	GitHub Exploit DB Packet Storm

1297	5.4	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-28735	2026-05-28 14:43	2026-05-22	Show	GitHub Exploit DB Packet Storm

1298	6.5	警告 Network	OpenPLC Project	OpenPLC_v3 ファームウェア	OpenPLC ProjectのOpenPLC_v3 ファームウェアにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-31156	2026-05-28 14:42	2026-05-13	Show	GitHub Exploit DB Packet Storm

1299	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-31390	2026-05-28 14:42	2026-04-3	Show	GitHub Exploit DB Packet Storm

1300	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-Other その他	CVE-2026-31391	2026-05-28 14:42	2026-04-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311041	-		punbb	punbb	Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail.	CWE-79 Cross-site Scripting	CVE-2009-4894	2024-11-21 10:10	2010-06-15	Show	GitHub Exploit DB Packet Storm

311042	-		unrealircd	unrealircd	Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::options::noident is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via un…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-4893	2024-11-21 10:10	2010-06-15	Show	GitHub Exploit DB Packet Storm

311043	6.5	MEDIUM Network	apache	juddi	The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.	CWE-116 Improper Encoding or Escaping of Output	CVE-2009-4267	2024-11-21 10:09	2018-02-20	Show	GitHub Exploit DB Packet Storm

311044	-		redhat	network_satellite_server spacewalk-java	Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 an…	CWE-352 Origin Validation Error	CVE-2009-4139	2024-11-21 10:09	2011-07-27	Show	GitHub Exploit DB Packet Storm

311045	-		apache	derby	The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, whic…	CWE-310 Cryptographic Issues	CVE-2009-4269	2024-11-21 10:09	2010-08-17	Show	GitHub Exploit DB Packet Storm

311046	7.5	HIGH Network	jruby	jruby-openssl	The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation.	CWE-295 Improper Certificate Validation	CVE-2009-4123	2024-11-21 10:08	2023-12-13	Show	GitHub Exploit DB Packet Storm

311047	7.8	HIGH Local	gnome ytnef_project	evolution ytnef	Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to…	-	CVE-2009-3721	2024-11-21 10:08	2021-05-27	Show	GitHub Exploit DB Packet Storm

311048	6.8	MEDIUM Physics	linux redhat	linux_kernel enterprise_linux	Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of…	CWE-120 Classic Buffer Overflow	CVE-2009-4067	2024-11-21 10:08	2020-02-12	Show	GitHub Exploit DB Packet Storm

311049	6.1	MEDIUM Network	python-markdown2_project	python-markdown2	python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues.	CWE-79 Cross-site Scripting	CVE-2009-3724	2024-11-21 10:08	2020-01-16	Show	GitHub Exploit DB Packet Storm

311050	8.1	HIGH Network	dtc-xen_project	dtc-xen	dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS con…	CWE-362 Race Condition	CVE-2009-4011	2024-11-21 10:08	2019-11-9	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed