Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4061 4.4 警告
Local 		notepad-plus-plus notepad++ notepad-plus-plusのnotepad++における書式文字列に関する脆弱性 CWE-134
書式文字列の問題 		CVE-2026-6539 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
4062 5.5 警告
Local 		Wireshark Wireshark Wiresharkにおける不適切に制御された順次メモリ割り当てに関する脆弱性 CWE-1325
不適切に制御された順次メモリ割り当て 		CVE-2026-6867 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
4063 7.5 重要
Network 		Wireshark Wireshark Wiresharkにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-6868 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
4064 5.5 警告
Local 		Wireshark Wireshark Wiresharkにおける不適切に制御された順次メモリ割り当てに関する脆弱性 CWE-1325
不適切に制御された順次メモリ割り当て 		CVE-2026-6869 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
4065 5.5 警告
Local 		Wireshark Wireshark Wiresharkにおける初期化されていないポインタのアクセスに関する脆弱性 CWE-824
初期化されていないポインタのアクセス 		CVE-2026-6870 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
4066 5.6 警告
Network 		ollama ollama Ollamaにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-7020 2026-05-7 12:02 2026-04-26 Show GitHub Exploit DB Packet Storm
4067 5.6 警告
Network 		vLLM vLLM vLLMにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-7141 2026-05-7 12:02 2026-04-27 Show GitHub Exploit DB Packet Storm
4068 7.5 重要
Network 		FreeBSD FreeBSD FreeBSDにおける複数の脆弱性 CWE-674
CWE-791
CVE-2026-7164 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
4069 7.8 重要
Local 		FreeBSD FreeBSD FreeBSDにおける演算子の優先順位についての論理エラーに関する脆弱性 CWE-783
演算子の優先順位についての論理エラー 		CVE-2026-7270 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
4070 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-7320 2026-05-7 12:01 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313811 - - - Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter. - CVE-2024-51065 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
313812 - - - Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid parameter to admin/queries.php. - CVE-2024-51064 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
313813 - - - An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd (conhost.exe) - CVE-2024-48200 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
313814 - - - Glossarizer through 1.5.2 improperly tries to convert text into HTML. Even though the application itself escapes special characters (e.g., <>), the underlying library converts these encoded character… - CVE-2024-42515 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
313815 - - - Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path traversal, likely leading to remote code execution via modification of shell scripts on the server. - CVE-2024-39332 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
313816 - - - Studio-42 eLfinder 2.1.62 is vulnerable to Remote Code Execution (RCE) as there is no restriction for uploading files with the .php8 extension. - CVE-2023-52044 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
313817 - - - The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges t… CWE-59
Link Following 		CVE-2024-45315 2024-11-2 01:35 2024-10-11 Show GitHub Exploit DB Packet Storm
313818 - - - Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/… - CVE-2024-8037 2024-11-2 01:35 2024-10-2 Show GitHub Exploit DB Packet Storm
313819 9.8 CRITICAL
Network 		tenda ac1206_firmware A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The m… CWE-787
 Out-of-bounds Write 		CVE-2024-10434 2024-11-2 01:32 2024-10-28 Show GitHub Exploit DB Packet Storm
313820 7.8 HIGH
Local 		autodesk autocad
autocad_advance_steel
autocad_architecture
autocad_civil_3d
autocad_electrical
autocad_mechanical
autocad_mep
autocad_plant_3d
dwg_trueview
autocad_lt 		A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, wri… CWE-787
 Out-of-bounds Write 		CVE-2024-9997 2024-11-2 01:27 2024-10-30 Show GitHub Exploit DB Packet Storm