Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 4:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
133331 5.3 警告
Network 		lazy-init project lazy-init RUST 用 lazy-init crate における境界外読み取りに関する脆弱性 CWE-125
CWE-noinfo
CVE-2021-25901 2021-10-7 18:11 2021-01-17 Show GitHub Exploit DB Packet Storm
133332 9.8 緊急
Network 		Servo smallvec RUST 用 smallvec crate における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-25900 2021-10-7 18:11 2021-01-8 Show GitHub Exploit DB Packet Storm
133333 7.5 重要
Network 		node-red-contrib-huemagic project node-red-contrib-huemagic node-red-contrib-huemagic におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-25864 2021-10-7 18:11 2021-01-17 Show GitHub Exploit DB Packet Storm
133334 6.1 警告
Network 		Revive Adserver Revive Adserver Revive Adserver におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2021-22873 2021-10-7 18:11 2021-01-19 Show GitHub Exploit DB Packet Storm
133335 6.1 警告
Network 		Revive Adserver Revive Adserver Revive Adserver におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-22872 2021-10-7 18:11 2021-01-19 Show GitHub Exploit DB Packet Storm
133336 4.8 警告
Network 		QDocs Smart Hospital QDOCS Smart Hospital Management System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-36011 2021-10-7 18:11 2020-12-18 Show GitHub Exploit DB Packet Storm
133337 4.8 警告
Network 		Textpattern Textpattern CMS Textpattern におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35854 2021-10-7 18:11 2020-12-30 Show GitHub Exploit DB Packet Storm
133338 4.8 警告
Network 		4homepages 4images 4images Image Gallery Management System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35853 2021-10-7 18:11 2020-12-30 Show GitHub Exploit DB Packet Storm
133339 4.8 警告
Network 		Bakeshop Inventory System project Bakeshop Inventory System Bakeshop Online Ordering System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35309 2021-10-7 18:11 2020-11-26 Show GitHub Exploit DB Packet Storm
133340 9.9 緊急
Network 		HTCondor project HTCondor HTCondor におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-25311 2021-10-7 18:11 2021-01-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
321 7.8 HIGH
Local 		- - Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally. New CWE-284
Improper Access Control 		CVE-2026-42829 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
322 7.8 HIGH
Local 		- - Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. New CWE-126
 Buffer Over-read 		CVE-2026-42828 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
323 - - - Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Imp… New CWE-125
Out-of-bounds Read 		CVE-2026-42771 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
324 - - - Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which present… New CWE-325
 Missing Required Cryptographic Step 		CVE-2026-42770 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
325 - - - Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation inef… New CWE-295
Improper Certificate Validation  		CVE-2026-42769 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
326 - - - Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/… New CWE-514
CVE-2026-42768 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
327 - - - Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference ca… New CWE-476
 NULL Pointer Dereference 		CVE-2026-42767 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
328 - - - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application … New CWE-476
 NULL Pointer Dereference 		CVE-2026-42766 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
329 - - - Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a … New CWE-476
 NULL Pointer Dereference 		CVE-2026-42765 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
330 - - - Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer … New CWE-476
 NULL Pointer Dereference 		CVE-2026-42764 2026-06-10 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm