Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254151	7.8	危険	シスコシステムズ	-	Cisco Wireless LAN Controller の管理用 Web インターフェースにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1164	2011-06-9 10:26	2009-07-27	Show	GitHub Exploit DB Packet Storm

254152	7.8	危険	シスコシステムズ	-	Cisco Physical Access Gateway におけるメモリリークの脆弱性	CWE-399 リソース管理の問題	CVE-2009-1163	2011-06-9 10:25	2009-06-24	Show	GitHub Exploit DB Packet Storm

254153	6.8	警告	Apache Software Foundation	-	Apache Archiva における権限を取得される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4408	2011-06-9 10:23	2010-12-15	Show	GitHub Exploit DB Packet Storm

254154	7.2	危険	Apache Software Foundation	-	Apache mod_fcgid の apr_status_t fcgid_header_bucket_read 関数における脆弱性	CWE-189 数値処理の問題	CVE-2010-3872	2011-06-9 10:22	2010-06-8	Show	GitHub Exploit DB Packet Storm

254155	4.3	警告	Apache Software Foundation	-	Apache Struts における複数のクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6682	2011-06-9 10:21	2009-04-9	Show	GitHub Exploit DB Packet Storm

254156	4.3	警告	Apache Software Foundation	-	Apache Struts におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2025	2011-06-9 10:20	2009-04-9	Show	GitHub Exploit DB Packet Storm

254157	4.3	警告	Stichting NLnet Labs	-	Unbound DNS リゾルバにサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1922	2011-06-8 11:55	2011-05-26	Show	GitHub Exploit DB Packet Storm

254158	7.8	危険	ERLANG	-	Erlang/OTP SSH ライブラリで生成される乱数が推測可能な問題	CWE-310 暗号の問題	CVE-2011-0766	2011-06-8 11:54	2011-05-26	Show	GitHub Exploit DB Packet Storm

254159	10	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2010-3415	2011-06-8 11:52	2010-09-14	Show	GitHub Exploit DB Packet Storm

254160	10	危険	Google	-	Mac OS X 上で稼働する Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2010-3414	2011-06-8 11:52	2010-09-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3881	5.0	MEDIUM Network	-	-	An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-7573	2026-05-7 23:56	2026-05-6	Show	GitHub Exploit DB Packet Storm

3882	-		-	-	An authenticated (non-super) administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator …	CWE-79 Cross-site Scripting	CVE-2026-23926	2026-05-7 23:56	2026-05-6	Show	GitHub Exploit DB Packet Storm

3883	-		-	-	A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle datab…	CWE-522 Insufficiently Protected Credentials	CVE-2026-23927	2026-05-7 23:56	2026-05-6	Show	GitHub Exploit DB Packet Storm

3884	-		-	-	The Item history widget (in Zabbix 7.0+) or the Plain text widget (in Zabbix 6.0) can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized acti…	CWE-79 Cross-site Scripting	CVE-2026-23928	2026-05-7 23:56	2026-05-6	Show	GitHub Exploit DB Packet Storm

3885	5.2	MEDIUM Local	-	-	There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traver…	CWE-269 Improper Privilege Management	CVE-2026-40001	2026-05-7 23:56	2026-05-6	Show	GitHub Exploit DB Packet Storm

3886	6.3	MEDIUM Local	-	-	A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hard…	CWE-1241 Use of Predictable Algorithm in Random Number Generator	CVE-2026-6420	2026-05-7 23:56	2026-05-6	Show	GitHub Exploit DB Packet Storm

3887	6.8	MEDIUM Network	-	-	Velociraptor versions prior to 0.76.4 contain a cross organization authorization bypass in the HTTP API. A user with only the reader role in the root organization (the lowest authenticated role, hold…	CWE-863 Incorrect Authorization	CVE-2026-6863	2026-05-7 23:56	2026-05-7	Show	GitHub Exploit DB Packet Storm

3888	6.8	MEDIUM Network	-	-	Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint (/modules/sso/index.php/oidc/introspect) always returns {"active": true} for every re…	CWE-287 Improper Authentication	CVE-2026-41671	2026-05-7 23:54	2026-05-7	Show	GitHub Exploit DB Packet Storm

3889	-		-	-	A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the w…	CWE-88 Argument Injection	CVE-2026-7865	2026-05-7 23:53	2026-05-6	Show	GitHub Exploit DB Packet Storm

3890	9.1	CRITICAL Network	-	-	Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_…	CWE-340 Generation of Predictable Numbers or Identifiers	CVE-2026-5081	2026-05-7 23:52	2026-05-6	Show	GitHub Exploit DB Packet Storm