Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4301 7.5 重要
Network 		- アップルのmacOSにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-39871 2026-05-14 10:19 2026-05-11 Show GitHub Exploit DB Packet Storm
4302 8.8 重要
Network 		Anthropic PBC Claude Code Anthropic PBCのClaude Codeにおける複数の脆弱性 CWE-20
CWE-77
CWE-noinfo
CVE-2026-40068 2026-05-14 10:19 2026-05-5 Show GitHub Exploit DB Packet Storm
4303 7.5 重要
Network 		OpenMRS OpenMRS OpenMRSにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40075 2026-05-14 10:19 2026-05-5 Show GitHub Exploit DB Packet Storm
4304 7.8 重要
Local 		デル Dell ObjectScale
elastic cloud storage 		デルのelastic cloud storage等の複数製品におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-40636 2026-05-14 10:19 2026-05-11 Show GitHub Exploit DB Packet Storm
4305 6.7 警告
Local 		デル insightiq デルのinsightiqにおける不要な特権による実行に関する脆弱性 CWE-250
不要な特権による実行 		CVE-2026-40638 2026-05-14 10:19 2026-05-12 Show GitHub Exploit DB Packet Storm
4306 7.5 重要
Network 		VMware Spring Cloud Config VMwareのSpring Cloud Configにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-40981 2026-05-14 10:19 2026-05-7 Show GitHub Exploit DB Packet Storm
4307 9.1 緊急
Network 		VMware Spring Cloud Config VMwareのSpring Cloud Configにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40982 2026-05-14 10:19 2026-05-7 Show GitHub Exploit DB Packet Storm
4308 8.1 重要
Network 		VMware Spring Cloud Config VMwareのSpring Cloud ConfigにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41002 2026-05-14 10:19 2026-05-7 Show GitHub Exploit DB Packet Storm
4309 4.4 警告
Local 		VMware Spring Cloud Config VMwareのSpring Cloud Configにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-41004 2026-05-14 10:19 2026-05-7 Show GitHub Exploit DB Packet Storm
4310 5.3 警告
Network 		Sync-in Sync-in Server Sync-inのSync-in Serverにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-41161 2026-05-14 10:19 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313031 - mozilla firefox
seamonkey 		Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a craf… CWE-399
 Resource Management Errors 		CVE-2010-0183 2024-11-21 10:11 2010-06-24 Show GitHub Exploit DB Packet Storm
313032 - novell access_manager Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Ac… CWE-22
Path Traversal 		CVE-2010-0284 2024-11-21 10:11 2010-06-19 Show GitHub Exploit DB Packet Storm
313033 6.5 MEDIUM
Network 		apache qpid-cpp qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use . CWE-20
 Improper Input Validation  		CVE-2009-5004 2024-11-21 10:10 2019-11-9 Show GitHub Exploit DB Packet Storm
313034 6.1 MEDIUM
Network 		pixelpost pixelpost pixelpost 1.7.1 has XSS CWE-79
Cross-site Scripting 		CVE-2009-4900 2024-11-21 10:10 2019-10-29 Show GitHub Exploit DB Packet Storm
313035 9.8 CRITICAL
Network 		pixelpost pixelpost pixelpost 1.7.1 has SQL injection CWE-89
SQL Injection 		CVE-2009-4899 2024-11-21 10:10 2019-10-29 Show GitHub Exploit DB Packet Storm
313036 - justsystems just_smile
atok
atok_flat-rate_service 		Unspecified vulnerability in JustSystems Corporation ATOK 2006 through 2009 and ATOK flat-rate service, and Just Smile 4 with the ATOK Smile module, allows physically proximate users to bypass the sc… NVD-CWE-noinfo
CVE-2009-4738 2024-11-21 10:10 2013-01-19 Show GitHub Exploit DB Packet Storm
313037 - mozilla firefox Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted… CWE-79
Cross-site Scripting 		CVE-2009-5017 2024-11-21 10:10 2010-11-13 Show GitHub Exploit DB Packet Storm
313038 - php php Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanism… CWE-189
Numeric Errors 		CVE-2009-5016 2024-11-21 10:10 2010-11-13 Show GitHub Exploit DB Packet Storm
313039 - turbogears turbogears2 The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors. NVD-CWE-noinfo
CVE-2009-5015 2024-11-21 10:10 2010-11-6 Show GitHub Exploit DB Packet Storm
313040 - turbogears turbogears2 The default quickstart configuration of TurboGears2 (aka tg2) before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authoriz… CWE-310
Cryptographic Issues 		CVE-2009-5014 2024-11-21 10:10 2010-11-6 Show GitHub Exploit DB Packet Storm