Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251681 4.9 警告 アップル
FreeBSD
NetBSD		 - NetBSD などの製品で使用されるカーネルの smb_subr.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2010-2530 2012-03-27 18:42 2010-09-29 Show GitHub Exploit DB Packet Storm
251682 10 危険 Linux - Linux kernel の pppol2tp_xmit 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2495 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
251683 4.3 警告 Roundup - Roundup の cgi/client.py におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2491 2012-03-27 18:42 2010-09-24 Show GitHub Exploit DB Packet Storm
251684 7.2 危険 Linux - Linux kernel の ethtool_get_rxnfc 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-2478 2012-03-27 18:42 2010-09-29 Show GitHub Exploit DB Packet Storm
251685 4.3 警告 Python Paste - Paste の paste.httpexceptions 実装におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2477 2012-03-27 18:42 2010-06-24 Show GitHub Exploit DB Packet Storm
251686 4.3 警告 Synology Inc. - Synology Disk Station におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2453 2012-03-27 18:42 2010-09-29 Show GitHub Exploit DB Packet Storm
251687 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Territory Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-2418 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
251688 4 警告 オラクル - Oracle Supply Chain Products Suite の Agile PLM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-2417 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
251689 4.3 警告 オラクル - Oracle E-Business Suite の Oracle E-Business Intelligence コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-2416 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
251690 2.6 注意 オラクル - Oracle Sun Products Suite の Sun Convergence および Sun Java Communications Suite コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-2414 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4271 9.8 CRITICAL
Network 		openclaw openclaw A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component blueb… CWE-287
Improper Authentication 		CVE-2026-8305 2026-05-16 12:06 2026-05-12 Show GitHub Exploit DB Packet Storm
4272 9.8 CRITICAL
Network 		libexpat_project libexpat `xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this… CWE-331
 Insufficient Entropy 		CVE-2026-7210 2026-05-16 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
4273 8.1 HIGH
Network 		bitwarden server Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management … CWE-303
 Incorrect Implementation of Authentication Algorithm 		CVE-2026-43640 2026-05-16 12:04 2026-05-12 Show GitHub Exploit DB Packet Storm
4274 9.1 CRITICAL
Network 		bitwarden server Bitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability that allows a provider service user to add an arbitrary organization to their provider via `POST /providers/{provide… CWE-862
 Missing Authorization 		CVE-2026-43639 2026-05-16 12:04 2026-05-12 Show GitHub Exploit DB Packet Storm
4275 5.4 MEDIUM
Network 		bitwarden server Bitwarden Server prior to v2026.4.1 contains a missing authorization vulnerability that allows any authenticated user to write ciphers into an arbitrary organization via `POST /ciphers/import-organiz… CWE-862
 Missing Authorization 		CVE-2026-43638 2026-05-16 11:55 2026-05-12 Show GitHub Exploit DB Packet Storm
4276 5.6 MEDIUM
Network 		dell elastic_cloud_storage
objectscale 		Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthentica… CWE-302
 Authentication Bypass by Assumed-Immutable Data 		CVE-2025-43992 2026-05-16 11:52 2026-05-11 Show GitHub Exploit DB Packet Storm
4277 8.8 HIGH
Network 		google chrome Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) CWE-416
 Use After Free 		CVE-2026-8581 2026-05-16 11:48 2026-05-15 Show GitHub Exploit DB Packet Storm
4278 3.5 LOW
Network 		- - The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.9, OCI ownership validation skips label-match check when upstream OCI registry return… CWE-636
 Not Failing Securely ('Failing Open') 		CVE-2026-45781 2026-05-16 11:16 2026-05-15 Show GitHub Exploit DB Packet Storm
4279 5.5 MEDIUM
Local 		microsoft word Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. CWE-284
NVD-CWE-noinfo
Improper Access Control 		CVE-2026-41101 2026-05-16 11:09 2026-05-13 Show GitHub Exploit DB Packet Storm
4280 5.5 MEDIUM
Local 		microsoft powerpoint Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally. CWE-284
Improper Access Control 		CVE-2026-41102 2026-05-16 11:08 2026-05-13 Show GitHub Exploit DB Packet Storm