Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201 7.8 重要
Local 		Synology Inc. Active Backup for Business Recovery Media Creator Synology Inc.のActive Backup for Business Recovery Media Creatorにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 New CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2022-49036 2026-06-11 16:14 2026-06-3 Show GitHub Exploit DB Packet Storm
202 5.5 警告
Local 		cilium eBPF ciliumのeBPFにおける複数の脆弱性 New CWE-189
CWE-190
CVE-2026-10722 2026-06-11 16:14 2026-06-3 Show GitHub Exploit DB Packet Storm
203 7.5 重要
Network 		CRUX Protocol::HTTP2 CRUXのProtocol::HTTP2における高圧縮データの処理 (データ増幅)に関する脆弱性 New CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-10725 2026-06-11 16:14 2026-06-6 Show GitHub Exploit DB Packet Storm
204 6.1 警告
Network 		HCL Technologies Limited Digital Experience Compose
digital experience 		HCL Technologies Limitedのdigital experience等の複数製品におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21825 2026-06-11 16:14 2026-06-5 Show GitHub Exploit DB Packet Storm
205 6.1 警告
Network 		HCL Technologies Limited Digital Experience Compose
digital experience 		HCL Technologies Limitedのdigital experience等の複数製品におけるオープンリダイレクトの脆弱性 New CWE-601
オープンリダイレクト 		CVE-2026-21826 2026-06-11 16:14 2026-06-5 Show GitHub Exploit DB Packet Storm
206 8.8 重要
Network 		HCL Technologies Limited Digital Experience Compose
digital experience 		HCL Technologies Limitedのdigital experience等の複数製品におけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-21837 2026-06-11 16:14 2026-06-5 Show GitHub Exploit DB Packet Storm
207 5.3 警告
Local 		LMSYS Org SGLang LMSYS OrgのSGLangにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 New CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2026-10775 2026-06-11 16:14 2026-06-3 Show GitHub Exploit DB Packet Storm
208 2.5
Local 		Gradio project Gradio Gradio projectのGradioにおける複数の脆弱性 New CWE-327
CWE-328
CVE-2026-10783 2026-06-11 16:14 2026-06-4 Show GitHub Exploit DB Packet Storm
209 4.7 警告
Local 		snowflake streamlit Snowflake Inc.のStreamlitにおける複数の脆弱性 New CWE-327
CWE-328
CVE-2026-10804 2026-06-11 16:14 2026-06-4 Show GitHub Exploit DB Packet Storm
210 7 重要
Local 		Milvus Milvus Milvusにおける複数の脆弱性 New CWE-327
CWE-328
CVE-2026-10814 2026-06-11 16:14 2026-06-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310401 - solventus com_jgen SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. CWE-89
SQL Injection 		CVE-2010-3422 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310402 - productcart productcart Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the redirectUr… CWE-79
Cross-site Scripting 		CVE-2010-3421 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310403 - webassist powerstore Cross-site scripting (XSS) vulnerability in Products_Results.php in PowerStore 3.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_WADAProducts parameter. CWE-79
Cross-site Scripting 		CVE-2010-3420 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310404 - haudenschilt family_connections_cms Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the current_user_id parameter … CWE-94
Code Injection 		CVE-2010-3419 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310405 - netartmedia car_portal Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) car_id parameter to index.php … CWE-79
Cross-site Scripting 		CVE-2010-3418 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310406 - google chrome Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors. CWE-200
Information Exposure 		CVE-2010-3417 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310407 9.8 CRITICAL
Network 		google chrome Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified othe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3416 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310408 - google chrome Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via u… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3415 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310409 - google chrome Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3414 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm
310410 - google chrome Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 allows remote attackers to cause a denial of service (application crash) via unknown vectors. NVD-CWE-noinfo
CVE-2010-3413 2024-11-21 10:18 2010-09-17 Show GitHub Exploit DB Packet Storm