Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3411	7.5	重要 Network	NLnet Labs	unbound	NLnet Labsのunboundにおける複数の脆弱性	CWE-407 CWE-770	CVE-2026-41292	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3412	5.3	警告 Network	NLnet Labs	unbound	NLnet Labsのunboundにおける予期せぬ動作に関する脆弱性	CWE-440 予期せぬ動作	CVE-2026-42534	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3413	5.3	警告 Network	NLnet Labs	unbound	NLnet Labsのunboundにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-42923	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3414	7.5	重要 Network	NLnet Labs	unbound	NLnet Labsのunboundにおける複数の脆弱性	CWE-197 CWE-787	CVE-2026-42944	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3415	7.5	重要 Network	NLnet Labs	unbound	NLnet Labsのunboundにおける初期化されていないポインタのアクセスに関する脆弱性	CWE-824 初期化されていないポインタのアクセス	CVE-2026-42959	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3416	10	緊急 Network	NLnet Labs	unbound	NLnet Labsのunboundにおける信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れに関する脆弱性	CWE-349 信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れ	CVE-2026-42960	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3417	5.3	警告 Network	NLnet Labs	unbound	NLnet Labsのunboundにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-44390	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3418	5.9	警告 Network	NLnet Labs	unbound	NLnet Labsのunboundにおける不適切なリソースロックに関する脆弱性	CWE-413 不適切なリソースロック	CVE-2026-44608	2026-05-22 10:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

3419	6.1	警告 Network	Drupal	Drupal	Drupalにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-6365	2026-05-22 10:59	2026-05-19	Show	GitHub Exploit DB Packet Storm

3420	6.6	警告 Network	Drupal	Drupal	Drupalにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-6366	2026-05-22 10:59	2026-05-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311531	-	santafox	santafox	Cross-site scripting (XSS) vulnerability in modules/search/search.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the search param…	CWE-79 Cross-site Scripting	CVE-2010-3463	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311532	-	mollify	mollify	Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML v…	CWE-79 Cross-site Scripting	CVE-2010-3462	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311533	-	endonesia	endonesia	SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different…	CWE-89 SQL Injection	CVE-2010-3461	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311534	-	gecad	axigen_mail_server	Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.	CWE-22 Path Traversal	CVE-2010-3460	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311535	-	gecad	axigen_mail_server	Cross-site scripting (XSS) vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before 7.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2010-3459	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311536	-	getsymphony	symphony	SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter t…	CWE-89 SQL Injection	CVE-2010-3458	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311537	-	getsymphony	symphony	Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post com…	CWE-79 Cross-site Scripting	CVE-2010-3457	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311538	-	energyscripts	simple_download	Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.	CWE-22 Path Traversal	CVE-2010-3456	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311539	-	atutor	achecker	Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote attackers to inject arbitrary web script or HTML via the uri parameter.	CWE-79 Cross-site Scripting	CVE-2010-3455	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm

311540	-	microsoft	sharepoint_services groove_server internet_explorer sharepoint_server sharepoint_foundation web_apps	The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, …	CWE-79 Cross-site Scripting	CVE-2010-3324	2024-11-21 10:18	2010-09-18	Show	GitHub Exploit DB Packet Storm