Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2201	6.1	警告 Network	Joomla!	Joomla!	Joomla!におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-25901	2026-05-29 11:18	2026-05-26	Show	GitHub Exploit DB Packet Storm

2202	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-2601	2026-05-29 11:18	2026-05-27	Show	GitHub Exploit DB Packet Storm

2203	7.5	重要 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-2614	2026-05-29 11:17	2026-05-11	Show	GitHub Exploit DB Packet Storm

2204	7.7	重要 Network	マイクロソフト	Azure Stack HCI	Azure Stack HCI の情報漏えいの脆弱性	CWE-20 不適切な入力確認	CVE-2026-26147	2026-05-29 11:17	2026-05-22	Show	GitHub Exploit DB Packet Storm

2205	8.8	重要 Network	NervesHub	NervesHub	NervesHubにおける複数の脆弱性	CWE-285 CWE-668	CVE-2026-28806	2026-05-29 11:17	2026-03-10	Show	GitHub Exploit DB Packet Storm

2206	7.5	重要 Network	Gleam-wisp	Wisp	Gleam-wispのWispにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-28807	2026-05-29 11:17	2026-03-10	Show	GitHub Exploit DB Packet Storm

2207	6.1	警告 Network	Joomla!	Joomla!	Joomla!におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-30894	2026-05-29 11:17	2026-05-26	Show	GitHub Exploit DB Packet Storm

2208	6.1	警告 Network	Joomla!	Joomla!	Joomla!におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-30895	2026-05-29 11:17	2026-05-26	Show	GitHub Exploit DB Packet Storm

2209	9.8	緊急 Network	マイクロソフト	Microsoft Entra ID	Microsoft Azure Active Directory B2C Elevation of Privilege Vulnerability	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-33843	2026-05-29 11:17	2026-05-22	Show	GitHub Exploit DB Packet Storm

2210	4.3	警告 Network	Joomla!	Joomla!	Joomla!におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-35220	2026-05-29 11:17	2026-05-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311531	-	hp	openview_network_node_manager	Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-2709	2024-11-21 10:17	2010-08-6	Show	GitHub Exploit DB Packet Storm

311532	-	avscripts	av_arcade	SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task.	CWE-89 SQL Injection	CVE-2010-2933	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311533	-	barcodewiz	barcode_activex_control	Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-2932	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311534	-	topazsystems	sigplus_pro_activex_control	Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-2931	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311535	-	zabbix	zabbix	Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary we…	CWE-79 Cross-site Scripting	CVE-2010-2790	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311536	-	barnowl	barnowl	BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and …	CWE-20 Improper Input Validation	CVE-2010-2725	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311537	-	raphael_assenat	libmikmod	loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer ov…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-2971	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311538	-	moinmo	moinmoin	Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.p…	CWE-79 Cross-site Scripting	CVE-2010-2970	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311539	-	moinmo	moinmoin	Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related t…	CWE-79 Cross-site Scripting	CVE-2010-2969	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

311540	-	windriver	vxworks	The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-2968	2024-11-21 10:17	2010-08-5	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed