Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3251 7.3 重要
Network 		Zeit, Inc. AI Vercel, Inc. (旧 Zeit, Inc.)のAIにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-8768 2026-05-21 10:47 2026-05-17 Show GitHub Exploit DB Packet Storm
3252 6.5 警告
Network 		Zeit, Inc. AI Vercel, Inc. (旧 Zeit, Inc.)のAIにおける複数の脆弱性 CWE-400
CWE-404
CVE-2026-8769 2026-05-21 10:47 2026-05-17 Show GitHub Exploit DB Packet Storm
3253 6.3 警告
Network 		Tencent WeKnora TencentのWeKnoraにおける複数の脆弱性 CWE-285
CWE-639
CVE-2026-8786 2026-05-21 10:47 2026-05-18 Show GitHub Exploit DB Packet Storm
3254 7.5 重要
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-8946 2026-05-21 10:47 2026-05-19 Show GitHub Exploit DB Packet Storm
3255 7.3 重要
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-8947 2026-05-21 10:47 2026-05-19 Show GitHub Exploit DB Packet Storm
3256 9.6 緊急
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-8953 2026-05-21 10:47 2026-05-19 Show GitHub Exploit DB Packet Storm
3257 7.5 重要
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-8954 2026-05-21 10:47 2026-05-19 Show GitHub Exploit DB Packet Storm
3258 4.3 警告
Network 		シックス・アパート株式会社 Movable Type Premium (Advanced Edition)
Movable Type
Movable Type Advanced
Movable Type Premium 		Movable Typeにおける権限チェックの欠如の脆弱性 CWE-Other
その他 		CVE-2026-44392 2026-05-20 14:09 2026-05-20 Show GitHub Exploit DB Packet Storm
3259 4.3 警告
Network 		Outlook.com Microsoft Edge Chromium Microsoft Edge (Chromium ベース) for Android のスプーフィングの脆弱性 CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2026-40416 2026-05-20 13:31 2026-05-12 Show GitHub Exploit DB Packet Storm
3260 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける有効期限後または解放後のリソースの操作に関する脆弱性 CWE-672
有効期限後または解放後のリソースの操作 		CVE-2026-4053 2026-05-20 13:31 2026-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311791 - hp data_protector_express Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain… NVD-CWE-noinfo
CVE-2010-3008 2024-11-21 10:17 2010-09-14 Show GitHub Exploit DB Packet Storm
311792 - apache traffic_server Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, w… CWE-20
 Improper Input Validation  		CVE-2010-2952 2024-11-21 10:17 2010-09-14 Show GitHub Exploit DB Packet Storm
311793 - hp proliant_g6_lights-out_100_remote_management Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote Management card with firmware before 4.06 allows remote attackers to cause a denial of service via unknown vectors. NVD-CWE-noinfo
CVE-2010-3006 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311794 - todd_miller sudo Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a comman… NVD-CWE-Other
CVE-2010-2956 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311795 - quagga quagga bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS … NVD-CWE-Other
CVE-2010-2949 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311796 - quagga quagga Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2948 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311797 - cisco wireless_lan_controller_software Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unin… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3034 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311798 - cisco wireless_lan_controller_software Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain admi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3033 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311799 - hp insight_diagnostics Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2010-3003 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm
311800 - s9y serendipity Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2010-2957 2024-11-21 10:17 2010-09-11 Show GitHub Exploit DB Packet Storm