Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243701 9.3 危険 Autonomy - IBM 製品などに使用される Autonomy KeyView の rtfsr.dll における整数符号化エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0134 2012-06-26 16:19 2010-08-17 Show GitHub Exploit DB Packet Storm
243702 2.1 注意 becauseinter
FreeBSD		 - FreeBSD 上の Bournal における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0119 2012-06-26 16:19 2010-02-24 Show GitHub Exploit DB Packet Storm
243703 3.3 注意 becauseinter - Bournal における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-0118 2012-06-26 16:19 2010-02-24 Show GitHub Exploit DB Packet Storm
243704 9.3 危険 energizer - Energizer DUO USB の UsbCharger.dll におけるプログラムを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0103 2012-06-26 16:19 2010-03-10 Show GitHub Exploit DB Packet Storm
243705 7.5 危険 GNU Project - GNU C Library の nis/nss_nis/nis-pwd.c における NIS アカウントの暗号化されたパスワードを取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-0015 2012-06-26 16:19 2010-01-14 Show GitHub Exploit DB Packet Storm
243706 3.7 注意 Fedora Project - SSSD における制限されたアクセスを回避される脆弱性 CWE-287
不適切な認証 		CVE-2010-0014 2012-06-26 16:19 2010-01-14 Show GitHub Exploit DB Packet Storm
243707 4.3 警告 Apache Software Foundation - Apache CouchDB における重要情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0009 2012-06-26 16:19 2010-04-5 Show GitHub Exploit DB Packet Storm
243708 2.1 注意 GNU Project - Bash の /etc/profile.d/60alias.sh スクリプトにおける存在するファイルを非表示にされる脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0002 2012-06-26 16:19 2010-01-14 Show GitHub Exploit DB Packet Storm
243709 4.3 警告 aj square - AJ Auction Pro OOPD の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4989 2012-06-26 16:19 2010-08-25 Show GitHub Exploit DB Packet Storm
243710 7.5 危険 TYPO3 Association
christian ehmann		 - TYPO3 の event_registr 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4968 2012-06-26 16:19 2010-07-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
911 - - - The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish r… New CWE-287
Improper Authentication 		CVE-2026-49186 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
912 - - - The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse. New CWE-200
Information Exposure 		CVE-2026-49187 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
913 - - - The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands. New CWE-489
Exposure of Data Element to Wrong Session  		CVE-2026-49188 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
914 - - - Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations. New CWE-269
 Improper Privilege Management 		CVE-2026-49189 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
915 - - - The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions. New CWE-78
OS Command  		CVE-2026-49190 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
916 - - - The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. New CWE-287
Improper Authentication 		CVE-2026-49191 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
917 - - - The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping. New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-49192 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
918 - - - Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet. New CWE-200
Information Exposure 		CVE-2026-49193 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
919 - - - The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface. New CWE-287
Improper Authentication 		CVE-2026-49194 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
920 - - - Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft. New CWE-287
Improper Authentication 		CVE-2026-49202 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm