Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2791 4.4 警告
Local 		PNG Development Group
Debian		 Debian GNU/Linux
libpng 		Debian等の複数ベンダの製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-34757 2026-05-15 11:02 2026-04-9 Show GitHub Exploit DB Packet Storm
2792 7.7 重要
Local 		Pengutronix e.K. barebox Pengutronix e.K.のbareboxにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-34961 2026-05-15 11:02 2026-05-11 Show GitHub Exploit DB Packet Storm
2793 5.5 警告
Local 		Pengutronix e.K. barebox Pengutronix e.K.のbareboxにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-34962 2026-05-15 11:02 2026-05-11 Show GitHub Exploit DB Packet Storm
2794 7.8 重要
Local 		Pengutronix e.K. barebox Pengutronix e.K.のbareboxにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-34963 2026-05-15 11:02 2026-05-11 Show GitHub Exploit DB Packet Storm
2795 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-35439 2026-05-15 11:02 2026-05-12 Show GitHub Exploit DB Packet Storm
2796 5.9 警告
Network 		IBM IBM WebSphere Application Server IBMのIBM WebSphere Application Serverにおける権限管理に関する脆弱性 CWE-269
CWE-noinfo
CVE-2026-3621 2026-05-15 11:02 2026-04-23 Show GitHub Exploit DB Packet Storm
2797 5.9 警告
Local 		The Go Project Go The Go ProjectのGoにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-39817 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
2798 5.3 警告
Local 		The Go Project Go The Go ProjectのGoにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-39819 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
2799 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-39820 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
2800 6.1 警告
Network 		The Go Project Go The Go ProjectのGoにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39823 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314401 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the th… NVD-CWE-noinfo
CVE-2024-49971 2024-11-2 04:59 2024-10-22 Show GitHub Exploit DB Packet Storm
314402 6.7 MEDIUM
Local 		cisco adaptive_security_appliance_software
firepower_threat_defense_software 		A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arb… CWE-94
Code Injection 		CVE-2024-20485 2024-11-2 04:50 2024-10-24 Show GitHub Exploit DB Packet Storm
314403 6.5 MEDIUM
Network 		cisco secure_firewall_management_center A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote at… CWE-863
 Incorrect Authorization 		CVE-2024-20482 2024-11-2 04:49 2024-10-24 Show GitHub Exploit DB Packet Storm
314404 9.0 CRITICAL
Network 		lollms lord_of_large_language_models A vulnerability in the discussion image upload function of the Lollms application, version v9.9, allows for the uploading of SVG files. Due to incomplete filtering in the sanitize_svg function, this … CWE-79
Cross-site Scripting 		CVE-2024-6581 2024-11-2 04:38 2024-10-29 Show GitHub Exploit DB Packet Storm
314405 6.5 MEDIUM
Network 		trendmicro deep_discovery_inspector A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must… NVD-CWE-noinfo
CVE-2024-46903 2024-11-2 04:35 2024-10-23 Show GitHub Exploit DB Packet Storm
314406 - - - Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended t… - CVE-2024-49400 2024-11-2 04:35 2024-10-18 Show GitHub Exploit DB Packet Storm
314407 - - - A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. - CVE-2024-44573 2024-11-2 04:35 2024-09-12 Show GitHub Exploit DB Packet Storm
314408 9.8 CRITICAL
Network 		langchain langchain A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulatio… CWE-74
Injection 		CVE-2024-8309 2024-11-2 04:19 2024-10-29 Show GitHub Exploit DB Packet Storm
314409 4.3 MEDIUM
Network 		giuliopanda bulk_images_optimizer The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configura… CWE-862
 Missing Authorization 		CVE-2024-9361 2024-11-2 03:46 2024-10-18 Show GitHub Exploit DB Packet Storm
314410 9.8 CRITICAL
Network 		zte wrtm326_firmware The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests. CWE-78
OS Command  		CVE-2024-10119 2024-11-2 03:40 2024-10-18 Show GitHub Exploit DB Packet Storm