Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243661 10 危険 FFmpeg - FFmpeg における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-4634 2012-06-26 16:19 2010-02-9 Show GitHub Exploit DB Packet Storm
243662 10 危険 FFmpeg - FFmpeg の vorbis_dec.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-4633 2012-06-26 16:19 2010-02-9 Show GitHub Exploit DB Packet Storm
243663 5.8 警告 FFmpeg - FFmpeg の oggparsevorbis.c における重要なメモリコンテンツを取得される脆弱性 CWE-189
数値処理の問題 		CVE-2009-4632 2012-06-26 16:19 2010-02-9 Show GitHub Exploit DB Packet Storm
243664 9.3 危険 FFmpeg - FFmpeg の VP3 デコーダにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-4631 2012-06-26 16:19 2010-02-9 Show GitHub Exploit DB Packet Storm
243665 5 警告 dan brown - Moa Gallery の sources/_template_parser.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4627 2012-06-26 16:19 2010-01-18 Show GitHub Exploit DB Packet Storm
243666 7.5 危険 dan brown - Moa Gallery における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4614 2012-06-26 16:19 2010-01-18 Show GitHub Exploit DB Packet Storm
243667 7.5 危険 fernando soares
Joomla!		 - Joomla! 用 Fernando Soares Mamboleto コンポーネントの mamboleto.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4604 2012-06-26 16:19 2010-01-12 Show GitHub Exploit DB Packet Storm
243668 7.5 危険 corephp
Joomla!		 - Joomla! の jphoto コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4598 2012-06-26 16:19 2010-01-12 Show GitHub Exploit DB Packet Storm
243669 9.3 危険 awingsoft - AwingSoft Awakening Web3D Player などの WindsPlayerIE.View.1 ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4588 2012-06-26 16:19 2010-01-7 Show GitHub Exploit DB Packet Storm
243670 5 警告 Cherokee Project - Cherokee Web Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-4587 2012-06-26 16:19 2010-01-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
641 3.7 LOW
Network 		erlang erlang\/otp Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP re… Update CWE-295
CWE-672
Improper Certificate Validation 
 Operation on a Resource after Expiration or Release 		CVE-2026-42791 2026-06-3 04:18 2026-05-27 Show GitHub Exploit DB Packet Storm
642 7.8 HIGH
Local 		google android In performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy due to a logic error in the code. This could lead to local escalation of privilege with no additional … New CWE-693
 Protection Mechanism Failure 		CVE-2025-48652 2026-06-3 03:59 2026-06-2 Show GitHub Exploit DB Packet Storm
643 5.5 MEDIUM
Local 		google android In isSameApp of NotificationManagerService.java, there is a possible persistent dos due to resource exhaustion. This could lead to local denial of service with no additional execution privileges need… New CWE-400
 Uncontrolled Resource Consumption 		CVE-2025-48648 2026-06-3 03:59 2026-06-2 Show GitHub Exploit DB Packet Storm
644 3.3 LOW
Local 		google android In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclos… New NVD-CWE-noinfo
CVE-2025-48616 2026-06-3 03:58 2026-06-2 Show GitHub Exploit DB Packet Storm
645 7.8 HIGH
Local 		google android In multiple functions of PipTaskOrganizer.java, there is a possible way to launch an activity from the background due to a confused deputy. This could lead to local escalation of privilege with no ad… New CWE-441
Confused Deputy 		CVE-2025-48570 2026-06-3 03:58 2026-06-2 Show GitHub Exploit DB Packet Storm
646 7.8 HIGH
Local 		google android In multiple locations, there is a possible background activity launch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges neede… New NVD-CWE-noinfo
CVE-2025-32348 2026-06-3 03:50 2026-06-2 Show GitHub Exploit DB Packet Storm
647 6.5 MEDIUM
Network 		apache airflow A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg… New CWE-59
Link Following 		CVE-2026-40861 2026-06-3 03:49 2026-06-1 Show GitHub Exploit DB Packet Storm
648 7.2 HIGH
Network 		apache airflow A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the `is_safe_url` check, enabling redirection from a trusted Airflow domain to an attacker-… New CWE-601
Open Redirect 		CVE-2026-40961 2026-06-3 03:49 2026-06-1 Show GitHub Exploit DB Packet Storm
649 4.3 MEDIUM
Network 		apache airflow The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerat… New CWE-862
 Missing Authorization 		CVE-2026-41014 2026-06-3 03:49 2026-06-1 Show GitHub Exploit DB Packet Storm
650 7.5 HIGH
Network 		apache airflow A bug in Apache Airflow's bulk Task Instances API (`PATCH/DELETE /api/v2/dags/{dag_id}/dagRuns/{dag_run_id}/taskInstances`) evaluated authorization against the `dag_id` resolved from the URL path whi… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41084 2026-06-3 03:49 2026-06-1 Show GitHub Exploit DB Packet Storm