Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
331	7.2	重要 Network	emlog	emlog	emlogにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39276	2026-06-12 14:54	2026-05-29	Show	GitHub Exploit DB Packet Storm

332	8.1	重要 Network	マイクロソフト	Visual Studio Code	Visual Studio Code の特権の昇格の脆弱性	CWE-20 CWE-noinfo	CVE-2026-40376	2026-06-12 14:54	2026-06-9	Show	GitHub Exploit DB Packet Storm

333	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows ユニバーサルディスクフォーマットファイルシステムドライバー (UDFS) の特権昇格の脆弱性	CWE-197 数値打ち切り誤差	CVE-2026-40409	2026-06-12 14:54	2026-06-9	Show	GitHub Exploit DB Packet Storm

334	7.5	重要 Network	VMware	Spring HATEOAS	VMwareのSpring HATEOASにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-41006	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

335	7.5	重要 Network	VMware	Spring HATEOAS	VMwareのSpring HATEOASにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41007	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

336	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Microsoft Kinect の特権昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41092	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

337	7	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows DNS クライアントの特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-41108	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

338	7.5	重要 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-41838	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

339	6.1	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-41844	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

340	6.1	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41845	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
354201	-	mozilla	bugzilla	process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be a…	NVD-CWE-Other	CVE-2001-1406	2016-10-18 11:15	2001-09-10	Show	GitHub Exploit DB Packet Storm

354202	-	mozilla	bugzilla	Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows t…	NVD-CWE-Other	CVE-2001-1407	2016-10-18 11:15	2001-09-10	Show	GitHub Exploit DB Packet Storm

354203	-	apple	mac_os_x	Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.	NVD-CWE-Other	CVE-2001-1411	2016-10-18 11:15	2003-11-17	Show	GitHub Exploit DB Packet Storm

354204	-	apple	mac_os_x	nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.	NVD-CWE-Other	CVE-2001-1412	2016-10-18 11:15	2003-11-17	Show	GitHub Exploit DB Packet Storm

354205	-	bsd	nvi	Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.	NVD-CWE-Other	CVE-2001-1562	2016-10-18 11:15	2001-12-31	Show	GitHub Exploit DB Packet Storm

354206	-	ibm	lotus_domino lotus_domino_server	Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request wit…	NVD-CWE-Other	CVE-2001-1567	2016-10-18 11:15	2001-12-31	Show	GitHub Exploit DB Packet Storm

354207	-	mutt	mutt	Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the …	NVD-CWE-Other	CVE-2002-0001	2016-10-18 11:15	2002-02-27	Show	GitHub Exploit DB Packet Storm

354208	-	university_of_washington	pine	URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).	NVD-CWE-Other	CVE-2002-0014	2016-10-18 11:15	2002-07-26	Show	GitHub Exploit DB Packet Storm

354209	-	andrew_tridgell	rsync	Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary…	NVD-CWE-Other	CVE-2002-0048	2016-10-18 11:15	2002-02-27	Show	GitHub Exploit DB Packet Storm

354210	-	squid redhat	squid linux	Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.	NVD-CWE-Other	CVE-2002-0067	2016-10-18 11:15	2002-03-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed