Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4241 7.5 重要
Network 		libsndfile project libsndfile libsndfile projectのlibsndfileにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-37555 2026-05-7 12:06 2026-04-29 Show GitHub Exploit DB Packet Storm
4242 6.5 警告
Network 		Grokability, Inc. Snipe-IT Grokability, Inc.のSnipe-ITにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-38533 2026-05-7 12:05 2026-04-14 Show GitHub Exploit DB Packet Storm
4243 7.5 重要
Network 		Apache Software Foundation ActiveMQ Broker
Apache ActiveMQ 		Apache Software FoundationのApache ActiveMQ等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-39304 2026-05-7 12:05 2026-04-10 Show GitHub Exploit DB Packet Storm
4244 6.5 警告
Network 		OpenBao OpenBao OpenBaoにおける複数の脆弱性 CWE-400
CWE-674
CWE-770
CVE-2026-39396 2026-05-7 12:05 2026-04-21 Show GitHub Exploit DB Packet Storm
4245 7.8 重要
Local 		FreeBSD FreeBSD FreeBSDにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-39457 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
4246 10 緊急
Network 		traefik traefik traefikにおける複数の脆弱性 CWE-290
CWE-306
CVE-2026-39858 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
4247 7.2 重要
Network 		Progress Software Corporation ECS Connection Manager
loadmaster
Connection Manager for ObjectScale 		Progress Software CorporationのConnection Manager for ObjectScale等の複数製品におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-4048 2026-05-7 12:05 2026-04-20 Show GitHub Exploit DB Packet Storm
4248 7.8 重要
Local 		radare radare2 radareのradare2におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-40499 2026-05-7 12:05 2026-04-15 Show GitHub Exploit DB Packet Storm
4249 7.3 重要
Network 		Apache Software Foundation HttpClient Apache Software FoundationのHttpClientにおける認証の重要なステップの欠如に関する脆弱性 CWE-304
認証の重要なステップの欠如 		CVE-2026-40542 2026-05-7 12:05 2026-04-22 Show GitHub Exploit DB Packet Storm
4250 9.1 緊急
Network 		goshs goshs goshsにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-40903 2026-05-7 12:05 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314441 - - - Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid parameter to admin/queries.php. - CVE-2024-51064 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
314442 - - - An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd (conhost.exe) - CVE-2024-48200 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
314443 - - - Glossarizer through 1.5.2 improperly tries to convert text into HTML. Even though the application itself escapes special characters (e.g., <>), the underlying library converts these encoded character… - CVE-2024-42515 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
314444 - - - Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path traversal, likely leading to remote code execution via modification of shell scripts on the server. - CVE-2024-39332 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
314445 - - - Studio-42 eLfinder 2.1.62 is vulnerable to Remote Code Execution (RCE) as there is no restriction for uploading files with the .php8 extension. - CVE-2023-52044 2024-11-2 01:35 2024-11-1 Show GitHub Exploit DB Packet Storm
314446 - - - The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges t… CWE-59
Link Following 		CVE-2024-45315 2024-11-2 01:35 2024-10-11 Show GitHub Exploit DB Packet Storm
314447 - - - Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/… - CVE-2024-8037 2024-11-2 01:35 2024-10-2 Show GitHub Exploit DB Packet Storm
314448 9.8 CRITICAL
Network 		tenda ac1206_firmware A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The m… CWE-787
 Out-of-bounds Write 		CVE-2024-10434 2024-11-2 01:32 2024-10-28 Show GitHub Exploit DB Packet Storm
314449 7.8 HIGH
Local 		autodesk autocad
autocad_advance_steel
autocad_architecture
autocad_civil_3d
autocad_electrical
autocad_mechanical
autocad_mep
autocad_plant_3d
dwg_trueview
autocad_lt 		A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, wri… CWE-787
 Out-of-bounds Write 		CVE-2024-9997 2024-11-2 01:27 2024-10-30 Show GitHub Exploit DB Packet Storm
314450 7.8 HIGH
Local 		autodesk autocad
autocad_advance_steel
autocad_architecture
autocad_civil_3d
autocad_electrical
autocad_mechanical
autocad_mep
autocad_plant_3d
dwg_trueview
autocad_lt 		A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, … CWE-787
 Out-of-bounds Write 		CVE-2024-9996 2024-11-2 01:27 2024-10-30 Show GitHub Exploit DB Packet Storm