Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133291	9.8	緊急 Network	async-git	async-git	Node.js 用の async-git パッケージにおける OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2021-3190	2021-10-5 17:22	2021-01-21	Show	GitHub Exploit DB Packet Storm

133292	7.5	重要 Network	Debian OpenLDAP Foundation アップル	Debian GNU/Linux Apple Mac OS X OpenLDAP macOS Big Sur	OpenLDAP における整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2020-36228	2021-10-5 17:22	2020-12-16	Show	GitHub Exploit DB Packet Storm

133293	7.5	重要 Network	Debian OpenLDAP Foundation アップル	Debian GNU/Linux Apple Mac OS X OpenLDAP macOS Big Sur	OpenLDAP における無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2020-36227	2021-10-5 17:22	2020-12-20	Show	GitHub Exploit DB Packet Storm

133294	7.5	重要 Network	Debian OpenLDAP Foundation アップル	Debian GNU/Linux Apple Mac OS X OpenLDAP macOS Big Sur	OpenLDAP における脆弱性	CWE-noinfo 情報不足	CVE-2020-36226	2021-10-5 17:22	2020-12-1	Show	GitHub Exploit DB Packet Storm

133295	7.8	重要 Local	FastStone Soft	FastStone Image Viewer	FastStone Image Viewer における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2020-35845	2021-10-5 17:22	2020-12-30	Show	GitHub Exploit DB Packet Storm

133296	7.8	重要 Local	FastStone Soft	FastStone Image Viewer	FastStone Image Viewer における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2020-35844	2021-10-5 17:21	2020-12-30	Show	GitHub Exploit DB Packet Storm

133297	5.5	警告 Local	FastStone Soft	FastStone Image Viewer	FastStone Image Viewer における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2020-35843	2021-10-5 17:21	2020-12-30	Show	GitHub Exploit DB Packet Storm

133298	6.1	警告 Network	MISP project	Malware Information Sharing Platform (MISP)	MISP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-24085	2021-10-5 17:21	2020-07-14	Show	GitHub Exploit DB Packet Storm

133299	7.5	重要 Network	1C Company	1C:Enterprise	1C:Enterprise における認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2021-3131	2021-10-5 17:07	2021-01-13	Show	GitHub Exploit DB Packet Storm

133300	8.1	重要 Network	Open-iSCSI	tcmu-runner	Open-iSCSI tcmu-runner におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2021-3139	2021-10-5 16:57	2021-01-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
321	7.8	HIGH Local	-	-	Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally. New	CWE-284 Improper Access Control	CVE-2026-42829	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

322	7.8	HIGH Local	-	-	Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. New	CWE-126 Buffer Over-read	CVE-2026-42828	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

323	-		-	-	Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Imp… New	CWE-125 Out-of-bounds Read	CVE-2026-42771	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

324	-		-	-	Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which present… New	CWE-325 Missing Required Cryptographic Step	CVE-2026-42770	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

325	-		-	-	Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation inef… New	CWE-295 Improper Certificate Validation	CVE-2026-42769	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

326	-		-	-	Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/… New	CWE-514	CVE-2026-42768	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

327	-		-	-	Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference ca… New	CWE-476 NULL Pointer Dereference	CVE-2026-42767	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

328	-		-	-	Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application … New	CWE-476 NULL Pointer Dereference	CVE-2026-42766	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

329	-		-	-	Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a … New	CWE-476 NULL Pointer Dereference	CVE-2026-42765	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

330	-		-	-	Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer … New	CWE-476 NULL Pointer Dereference	CVE-2026-42764	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed