Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
261 5.7 警告
Adjacent 		nuxt nuxt/webpack-builder
nuxt/rspack-builder 		Nuxtのnuxt/rspack-builder等の複数製品における危険なメソッドや機能の公開に関する脆弱性 CWE-749
危険なメソッドや機能の公開 		CVE-2026-49993 2026-06-16 13:39 2026-06-12 Show GitHub Exploit DB Packet Storm
262 9.8 緊急
Network 		jmespath project jmespath JMESPathにおける複数の脆弱性 CWE-116
CWE-20
CWE-94
CVE-2026-54133 2026-06-16 13:39 2026-06-12 Show GitHub Exploit DB Packet Storm
263 5.5 警告
Local 		- アップルのmacOSにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2025-24165 2026-06-16 13:39 2026-06-11 Show GitHub Exploit DB Packet Storm
264 5.5 警告
Local 		- アップルのmacOSにおけるUNIX Symbolic Link のフォローに関する脆弱性 CWE-61
UNIX Symbolic Link のフォロー 		CVE-2025-43278 2026-06-16 13:39 2026-06-11 Show GitHub Exploit DB Packet Storm
265 5.5 警告
Local 		- アップルのmacOSにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2025-46313 2026-06-16 13:39 2026-06-11 Show GitHub Exploit DB Packet Storm
266 7.2 重要
Network 		QNAP Systems QuTS hero QNAP SystemsのQuTS heroにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2025-62850 2026-06-16 13:39 2026-06-10 Show GitHub Exploit DB Packet Storm
267 7.2 重要
Network 		QNAP Systems QuTS hero
QNAP QTS 		QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-66273 2026-06-16 13:39 2026-06-10 Show GitHub Exploit DB Packet Storm
268 7.2 重要
Network 		QNAP Systems QuTS hero
QNAP QTS 		QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-66279 2026-06-16 13:39 2026-06-10 Show GitHub Exploit DB Packet Storm
269 7.2 重要
Network 		QNAP Systems QuTS hero
QNAP QTS 		QNAP SystemsのQNAP QTS等の複数製品における複数の脆弱性 CWE-121
CWE-190
CVE-2025-66280 2026-06-16 13:39 2026-06-10 Show GitHub Exploit DB Packet Storm
270 7.2 重要
Network 		QNAP Systems QuTS hero
QNAP QTS 		QNAP SystemsのQNAP QTS等の複数製品におけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2025-66281 2026-06-16 13:39 2026-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
309641 - binarymoon timthumb Cross-site scripting (XSS) vulnerability in the displayError function in timthumb.php in TimThumb before 1.15 (r85), as used in multiple products, allows remote attackers to inject arbitrary web scri… CWE-79
Cross-site Scripting 		CVE-2010-5303 2024-11-21 10:22 2014-08-22 Show GitHub Exploit DB Packet Storm
309642 - binarymoon timthumb Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb before 1.15 as of 20100908 (r88), as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via… CWE-79
Cross-site Scripting 		CVE-2010-5302 2024-11-21 10:22 2014-08-22 Show GitHub Exploit DB Packet Storm
309643 - echoping_project echoping Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted reply in the (1) TLS_readline o… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-5111 2024-11-21 10:22 2014-06-17 Show GitHub Exploit DB Packet Storm
309644 - senkas kolibri Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD request. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-5301 2024-11-21 10:22 2014-06-13 Show GitHub Exploit DB Packet Storm
309645 - jzip jzip Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-5300 2024-11-21 10:22 2014-06-11 Show GitHub Exploit DB Packet Storm
309646 - microp_project microp Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file. NOTE: it has been reported that the overflow is in the lpFileName paramet… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-5299 2024-11-21 10:22 2014-05-23 Show GitHub Exploit DB Packet Storm
309647 - fedoraproject
randall_hand 		fedora
yerase\'s_tnef_stream_reader 		Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer … CWE-189
Numeric Errors 		CVE-2010-5109 2024-11-21 10:22 2014-05-6 Show GitHub Exploit DB Packet Storm
309648 - blender blender The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue mi… CWE-59
Link Following 		CVE-2010-5105 2024-11-21 10:22 2014-04-28 Show GitHub Exploit DB Packet Storm
309649 - openssl
mariadb
fedoraproject
suse 		openssl
mariadb
fedora
linux_enterprise_server
linux_enterprise_software_development_kit
linux_enterprise_desktop
linux_enterprise_workstation_extension 		Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denia… CWE-362
Race Condition 		CVE-2010-5298 2024-11-21 10:22 2014-04-15 Show GitHub Exploit DB Packet Storm
309650 - wordpress wordpress WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators t… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-5297 2024-11-21 10:22 2014-01-21 Show GitHub Exploit DB Packet Storm