Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4071	7.5	重要 Network	OpenMRS	OpenMRS	OpenMRSにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40075	2026-05-14 10:19	2026-05-5	Show	GitHub Exploit DB Packet Storm

4072	7.8	重要 Local	デル	Dell ObjectScale elastic cloud storage	デルのelastic cloud storage等の複数製品におけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-40636	2026-05-14 10:19	2026-05-11	Show	GitHub Exploit DB Packet Storm

4073	6.7	警告 Local	デル	insightiq	デルのinsightiqにおける不要な特権による実行に関する脆弱性	CWE-250 不要な特権による実行	CVE-2026-40638	2026-05-14 10:19	2026-05-12	Show	GitHub Exploit DB Packet Storm

4074	7.5	重要 Network	VMware	Spring Cloud Config	VMwareのSpring Cloud Configにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-40981	2026-05-14 10:19	2026-05-7	Show	GitHub Exploit DB Packet Storm

4075	9.1	緊急 Network	VMware	Spring Cloud Config	VMwareのSpring Cloud Configにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40982	2026-05-14 10:19	2026-05-7	Show	GitHub Exploit DB Packet Storm

4076	8.1	重要 Network	VMware	Spring Cloud Config	VMwareのSpring Cloud ConfigにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41002	2026-05-14 10:19	2026-05-7	Show	GitHub Exploit DB Packet Storm

4077	4.4	警告 Local	VMware	Spring Cloud Config	VMwareのSpring Cloud Configにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-41004	2026-05-14 10:19	2026-05-7	Show	GitHub Exploit DB Packet Storm

4078	5.3	警告 Network	Sync-in	Sync-in Server	Sync-inのSync-in Serverにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-41161	2026-05-14 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

4079	5.3	警告 Network	angular	angular	angularにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-41423	2026-05-14 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

4080	8.1	重要 Network	Linux Foundation	dapr	Linux Foundationのdaprにおける複数の脆弱性	CWE-22 CWE-284 CWE-noinfo	CVE-2026-41491	2026-05-14 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312961	-	viewvc	viewvc	ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a …	CWE-399 Resource Management Errors	CVE-2009-5024	2024-11-21 10:11	2011-05-24	Show	GitHub Exploit DB Packet Storm

312962	-	zeacom	chat_server	Zeacom Chat Server before 5.1 uses too short a random string for the JSESSIONID value, which makes it easier for remote attackers to hijack sessions or cause a denial of service (Chat Server crash or…	CWE-310 Cryptographic Issues	CVE-2010-0217	2024-11-21 10:11	2011-05-21	Show	GitHub Exploit DB Packet Storm

312963	-	monkeysaudio	monkey\'s_audio	Monkey's Audio before 4.02 allows remote attackers to cause a denial of service (application crash) via a malformed APE file.	CWE-399 Resource Management Errors	CVE-2009-5075	2024-11-21 10:11	2011-05-21	Show	GitHub Exploit DB Packet Storm

312964	-	inventivetec	mediacast	authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the Us…	CWE-310 Cryptographic Issues	CVE-2010-0216	2024-11-21 10:11	2011-05-11	Show	GitHub Exploit DB Packet Storm

312965	-	libtiff	libtiff	Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-5022	2024-11-21 10:11	2011-05-4	Show	GitHub Exploit DB Packet Storm

312966	-	mojolicious	mojolicious	Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors.	NVD-CWE-noinfo	CVE-2009-5074	2024-11-21 10:11	2011-05-3	Show	GitHub Exploit DB Packet Storm

312967	-	ibm	tivoli_directory_server	IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested g…	CWE-399 Resource Management Errors	CVE-2009-5073	2024-11-21 10:11	2011-04-21	Show	GitHub Exploit DB Packet Storm

312968	-	ibm	tivoli_directory_server	Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memo…	CWE-399 Resource Management Errors	CVE-2009-5072	2024-11-21 10:11	2011-04-21	Show	GitHub Exploit DB Packet Storm

312969	-	hp	palm_pre_webos	Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file."	NVD-CWE-noinfo	CVE-2009-5071	2024-11-21 10:11	2011-04-20	Show	GitHub Exploit DB Packet Storm

312970	-	mark_pilgrim	feedparser	Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via …	CWE-79 Cross-site Scripting	CVE-2009-5065	2024-11-21 10:11	2011-04-12	Show	GitHub Exploit DB Packet Storm