Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3261 7.8 重要
Local 		George Nachman iTerm2 George NachmanのiTerm2における信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-41253 2026-05-20 13:31 2026-04-18 Show GitHub Exploit DB Packet Storm
3262 8.2 重要
Network 		Quantum Nous New API Quantum NousのNew APIにおける複数の脆弱性 CWE-1188
CWE-345
CWE-863
CVE-2026-41432 2026-05-20 13:31 2026-05-8 Show GitHub Exploit DB Packet Storm
3263 8.8 重要
Network 		anyscale ray anyscaleのrayにおける複数の脆弱性 CWE-502
CWE-94
CVE-2026-41486 2026-05-20 13:31 2026-05-8 Show GitHub Exploit DB Packet Storm
3264 4.4 警告
Local 		cilium cilium ciliumにおける複数の脆弱性 CWE-200
CWE-312
CWE-312
CVE-2026-41520 2026-05-20 13:31 2026-05-8 Show GitHub Exploit DB Packet Storm
3265 7 重要
Local 		VMware VMware Fusion VMwareのVMware FusionにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41702 2026-05-20 13:31 2026-05-15 Show GitHub Exploit DB Packet Storm
3266 4.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-42006 2026-05-20 13:31 2026-05-12 Show GitHub Exploit DB Packet Storm
3267 4.3 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42051 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3268 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42069 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3269 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける複数の脆弱性 CWE-862
CWE-863
CVE-2026-42137 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3270 7.8 重要
Local 		Nullsoft Nullsoft Scriptable Install System NullsoftのNullsoft Scriptable Install Systemにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-42171 2026-05-20 13:30 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311961 - apache http_server mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remo… CWE-200
Information Exposure 		CVE-2010-2791 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311962 - nalin_dahyabhai vte The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows… NVD-CWE-Other
CVE-2010-2713 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311963 - hp openview_network_node_manager Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2709 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311964 - avscripts av_arcade SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task. CWE-89
SQL Injection 		CVE-2010-2933 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311965 - barcodewiz barcode_activex_control Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2932 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311966 - topazsystems sigplus_pro_activex_control Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2931 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311967 - zabbix zabbix Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary we… CWE-79
Cross-site Scripting 		CVE-2010-2790 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311968 - barnowl barnowl BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and … CWE-20
 Improper Input Validation  		CVE-2010-2725 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311969 - raphael_assenat libmikmod loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer ov… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2971 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311970 - moinmo moinmoin Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.p… CWE-79
Cross-site Scripting 		CVE-2010-2970 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm