Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1701 7 重要
Local 		Vim Vim Vimにおける複数の脆弱性 CWE-78
CWE-88
CVE-2026-46483 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
1702 7.3 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける複数の脆弱性 CWE-94
CWE-95
CVE-2026-46586 2026-05-21 10:50 2026-05-19 Show GitHub Exploit DB Packet Storm
1703 5 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-6333 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
1704 6.5 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-6340 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
1705 9.8 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-7301 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
1706 9.1 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおけるパストラバーサルの脆弱性 CWE-35
パストラバーサル 		CVE-2026-7302 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
1707 9.8 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-7304 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
1708 5.5 警告
Local 		Open Source Geospatial Foundation GDAL Open Source Geospatial FoundationのGDALにおける複数の脆弱性 CWE-119
CWE-122
CWE-125
CVE-2026-8212 2026-05-21 10:49 2026-05-9 Show GitHub Exploit DB Packet Storm
1709 5.5 警告
Local 		Open Source Geospatial Foundation GDAL Open Source Geospatial FoundationのGDALにおける複数の脆弱性 CWE-119
CWE-122
CWE-125
CVE-2026-8213 2026-05-21 10:49 2026-05-9 Show GitHub Exploit DB Packet Storm
1710 7.5 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性 CWE-472
不変と仮定される Web パラメータの外部制御 		CVE-2026-8510 2026-05-21 10:49 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311211 - microsoft office Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary c… CWE-94
Code Injection 		CVE-2006-1318 2024-11-21 09:08 2014-09-19 Show GitHub Exploit DB Packet Storm
311212 5.4 MEDIUM
Network 		markjaquith subscribe_to_comments A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manip… - CVE-2006-10001 2024-11-21 09:07 2023-03-6 Show GitHub Exploit DB Packet Storm
311213 9.8 CRITICAL
Network 		simplemachines simple_machine_forum Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. CWE-89
SQL Injection 		CVE-2005-4891 2024-11-21 09:05 2020-01-16 Show GitHub Exploit DB Packet Storm
311214 9.8 CRITICAL
Network 		sillycycle xlockmore xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window. CWE-306
Missing Authentication for Critical Function 		CVE-2006-0062 2024-11-21 09:05 2019-11-6 Show GitHub Exploit DB Packet Storm
311215 9.8 CRITICAL
Network 		sillycycle xlockmore xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session. CWE-306
Missing Authentication for Critical Function 		CVE-2006-0061 2024-11-21 09:05 2019-11-6 Show GitHub Exploit DB Packet Storm
311216 7.8 HIGH
Local 		sudo_project
debian
redhat 		sudo
shadow
debian_linux
enterprise_linux 		There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to … CWE-20
 Improper Input Validation  		CVE-2005-4890 2024-11-21 09:05 2019-11-5 Show GitHub Exploit DB Packet Storm
311217 5.9 MEDIUM
Network 		google chrome SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists … CWE-326
Inadequate Encryption Strength 		CVE-2005-4900 2024-11-21 09:05 2016-10-15 Show GitHub Exploit DB Packet Storm
311218 - csilvers gperftools Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large siz… CWE-189
Numeric Errors 		CVE-2005-4895 2024-11-21 09:05 2012-07-26 Show GitHub Exploit DB Packet Storm
311219 9.8 CRITICAL
Network 		gnu glibc The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buf… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2005-3590 2024-11-21 09:02 2019-04-11 Show GitHub Exploit DB Packet Storm
311220 9.8 CRITICAL
Network 		twiki twiki TWiki allows arbitrary shell command execution via the Include function CWE-74
Injection 		CVE-2005-3056 2024-11-21 09:01 2019-11-1 Show GitHub Exploit DB Packet Storm