Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3401 5.5 警告
Local 		OpenImageIO (OIIO) OpenImageIO (OIIO) OpenImageIO (OIIO)における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-43996 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
3402 6.5 警告
Network 		Shellhub Shellhub Shellhubにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-44423 2026-05-18 11:22 2026-05-13 Show GitHub Exploit DB Packet Storm
3403 4.7 警告
Network 		lfprojects MCP Registry lfprojectsのMCP Registryにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-44428 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
3404 5.4 警告
Network 		lfprojects MCP Registry lfprojectsのMCP Registryにおける複数の脆弱性 CWE-116
CWE-79
CVE-2026-44429 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
3405 4 警告
Network 		lfprojects MCP Registry lfprojectsのMCP Registryにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-44430 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
3406 7.2 重要
Network 		Ivanti Ivanti Virtual Traffic Manager (vTM) IvantiのIvanti Virtual Traffic Manager (vTM)におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-8051 2026-05-18 11:22 2026-05-12 Show GitHub Exploit DB Packet Storm
3407 5.4 警告
Network 		Bitwarden Server BitwardenのServerにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-43638 2026-05-18 11:22 2026-05-11 Show GitHub Exploit DB Packet Storm
3408 9.1 緊急
Network 		Bitwarden Server BitwardenのServerにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-43639 2026-05-18 11:22 2026-05-11 Show GitHub Exploit DB Packet Storm
3409 8.1 重要
Network 		Bitwarden Server BitwardenのServerにおける認証アルゴリズムの不適切な実装に関する脆弱性 CWE-303
認証アルゴリズム上の問題 		CVE-2026-43640 2026-05-18 11:21 2026-05-11 Show GitHub Exploit DB Packet Storm
3410 8.8 重要
Adjacent 		エレコム株式会社
ロジテック株式会社		 WAB-S1775
WSC-X1800GS-B
WRC-X6000QS-G
WMC-2LX2-B
WRC-X3000GS3-B
LAN-WH300ANDGPE
WRC-1900GHBK-A
WRC-1900GHBK-S
WRC-X1800GSH-B
LAN-WH300N/DR
WRC-1750GHBK2-I
WRC-600GHBK… 		エレコム製およびロジテック製ネットワーク機器における複数の脆弱性 CWE-120
CWE-284
CWE-78
CWE-912
CVE-2023-32626
CVE-2023-35991
CVE-2023-38132
CVE-2023-38576
CVE-2023-39445
CVE-2023-39454
CVE-2023-39455
CVE-2023-39944
CVE-2023-40069
CVE-2023-40072 		2026-05-15 19:26 2023-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312371 - mcafee linuxshield McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client … CWE-287
Improper Authentication 		CVE-2009-5116 2024-11-21 10:11 2012-08-22 Show GitHub Exploit DB Packet Storm
312372 - mcafee common_management_agent McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by access… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-5115 2024-11-21 10:11 2012-08-22 Show GitHub Exploit DB Packet Storm
312373 - mysql
oracle 		mysql The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows… CWE-89
SQL Injection 		CVE-2009-5026 2024-11-21 10:11 2012-08-17 Show GitHub Exploit DB Packet Storm
312374 - redhat jboss_community_application_server
jboss_enterprise_application_platform 		twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments. CWE-255
Credentials Management 		CVE-2009-5066 2024-11-21 10:11 2012-08-14 Show GitHub Exploit DB Packet Storm
312375 - trustwave
opensuse 		modsecurity
opensuse 		ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scrip… CWE-79
Cross-site Scripting 		CVE-2009-5031 2024-11-21 10:11 2012-07-23 Show GitHub Exploit DB Packet Storm
312376 - uclouvain openjpeg The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile informa… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-5030 2024-11-21 10:11 2012-07-19 Show GitHub Exploit DB Packet Storm
312377 - iwork webglimpse Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter. CWE-22
Path Traversal 		CVE-2009-5114 2024-11-21 10:11 2012-03-20 Show GitHub Exploit DB Packet Storm
312378 - iwork webglimpse Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter. CWE-79
Cross-site Scripting 		CVE-2009-5113 2024-11-21 10:11 2012-03-20 Show GitHub Exploit DB Packet Storm
312379 - iwork webglimpse wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request. CWE-200
Information Exposure 		CVE-2009-5112 2024-11-21 10:11 2012-03-20 Show GitHub Exploit DB Packet Storm
312380 - goahead goahead_webserver GoAhead WebServer allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris. CWE-399
 Resource Management Errors 		CVE-2009-5111 2024-11-21 10:11 2011-12-28 Show GitHub Exploit DB Packet Storm