Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1681 - - 日立 Hitachi Infrastructure Analytics Advisor
Hitachi Ops Center Analyzer
Hitachi Ops Center Analyzer viewpoint 		Hitachi Infrastructure Analytics Advisor,Hitachi Ops Center AnalyzerおよびHitachi Ops Center Analyzer viewpointにおける脆弱性 - CVE-2026-3314 2026-05-27 13:53 2026-05-26 Show GitHub Exploit DB Packet Storm
1682 - - LMSYS Org SGLang SGLangにおける複数の脆弱性 - CVE-2026-5760
CVE-2026-7301
CVE-2026-7302
CVE-2026-7304 		2026-05-27 12:17 2026-05-26 Show GitHub Exploit DB Packet Storm
1683 - - dnsmasq dnsmasq dnsmasqにおける複数の脆弱性 - CVE-2026-2291
CVE-2026-4890
CVE-2026-4891
CVE-2026-4892
CVE-2026-4893
CVE-2026-5172 		2026-05-27 12:17 2026-05-26 Show GitHub Exploit DB Packet Storm
1684 - - Linux Linux Kernel Linuxカーネルにおける複数の脆弱性 - CVE-2026-31431
CVE-2026-43284
CVE-2026-43500 		2026-05-26 14:07 2026-05-25 Show GitHub Exploit DB Packet Storm
1685 6.8 警告
Adjacent 		日本電気 Aterm CM51FD
Aterm MR51FN 		NEC AtermシリーズにおけるOSコマンドインジェクションの脆弱性(NV26-003) CWE-78
OSコマンド・インジェクション 		CVE-2026-8652 2026-05-25 15:43 2026-05-25 Show GitHub Exploit DB Packet Storm
1686 - - (複数のベンダ) (複数の製品) CISA ICS Advisory / ICS Medical Advisory(2026年05月21日) - - 2026-05-25 15:37 2026-05-22 Show GitHub Exploit DB Packet Storm
1687 3.8
Adjacent 		日本電気 Aterm WX11000T12
Aterm WX4200D5
Aterm 19000T12BE
Aterm WX7800T8
Aterm WX5400HP
Aterm WX3000HP2
Aterm WX1800HP
Aterm GX621A1
Aterm … 		NEC Atermシリーズにおけるクロスサイトスクリプティングの脆弱性(NV26-002) CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-6059 2026-05-25 15:29 2026-05-25 Show GitHub Exploit DB Packet Storm
1688 - - 日立 Hitachi Virtual Storage Platform 日立ディスクアレイシステムにおけるSVP 脆弱性対策について (2026年3月分) - CVE-2026-23667
CVE-2026-23668
CVE-2026-23669
CVE-2026-23671
CVE-2026-23672
CVE-2026-23673
CVE-2026-23674
CVE-2026-24282
CVE-2026-24285
CVE-2026-24287
CVE-2026-24288
C… 		2026-05-25 11:30 2026-05-20 Show GitHub Exploit DB Packet Storm
1689 5.5 警告
Local 		Amazon.com, Inc. AWS API MCP Server Amazon.com, Inc.のAWS API MCP Serverにおける代替パスの保護に関する脆弱性 CWE-424
代替パスの不適切な保護 		CVE-2026-4270 2026-05-25 10:26 2026-03-16 Show GitHub Exploit DB Packet Storm
1690 6.5 警告
Network 		ベリタス Veritas InfoScale Operations Manager ベリタスのVeritas InfoScale Operations ManagerにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-44923 2026-05-25 10:26 2026-05-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319401 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we must allow for that in g… CWE-476
 NULL Pointer Dereference 		CVE-2023-52893 2024-09-12 01:24 2024-08-21 Show GitHub Exploit DB Packet Storm
319402 4.3 MEDIUM
Network 		ngothang wp_multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2024-6852 2024-09-12 01:23 2024-09-8 Show GitHub Exploit DB Packet Storm
319403 4.3 MEDIUM
Network 		ngothang wp_multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating welcome popups, which could allow attackers to make logged admins perform such action via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2024-6853 2024-09-12 01:22 2024-09-8 Show GitHub Exploit DB Packet Storm
319404 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix GEM handle creation UAF Userspace can guess the handle value and try to race GEM object creation with handle clos… CWE-416
 Use After Free 		CVE-2022-48899 2024-09-12 01:22 2024-08-21 Show GitHub Exploit DB Packet Storm
319405 4.3 MEDIUM
Network 		ngothang wp_multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit popups, which could allow attackers to make logged admins perform such action via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2024-6855 2024-09-12 01:21 2024-09-8 Show GitHub Exploit DB Packet Storm
319406 4.3 MEDIUM
Network 		ngothang wp_multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2024-6856 2024-09-12 01:20 2024-09-8 Show GitHub Exploit DB Packet Storm
319407 5.4 MEDIUM
Network 		ngothang wp_multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could… CWE-79
Cross-site Scripting 		CVE-2024-6859 2024-09-12 01:19 2024-09-8 Show GitHub Exploit DB Packet Storm
319408 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer There are 3 possible interrupt sources are handle… CWE-362
Race Condition 		CVE-2022-48898 2024-09-12 01:19 2024-08-21 Show GitHub Exploit DB Packet Storm
319409 9.8 CRITICAL
Network 		themetechmount truebooker The TrueBooker WordPress plugin before 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a … CWE-89
SQL Injection 		CVE-2024-6924 2024-09-12 01:15 2024-09-8 Show GitHub Exploit DB Packet Storm
319410 4.3 MEDIUM
Network 		themetechmount truebooker The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. CWE-352
 Origin Validation Error 		CVE-2024-6925 2024-09-12 01:12 2024-09-8 Show GitHub Exploit DB Packet Storm