Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4471	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性	CWE-451 ユーザインターフェースにおける重要情報の誤った表示	CVE-2026-35371	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

4472	5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるUNIX Symbolic Link のフォローに関する脆弱性	CWE-61 UNIX Symbolic Link のフォロー	CVE-2026-35372	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

4473	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性	CWE-176 Unicode エンコーディングの不適切な処理	CVE-2026-35373	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

4474	6.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35374	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

4475	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性	CWE-176 Unicode エンコーディングの不適切な処理	CVE-2026-35375	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

4476	5.8	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35376	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

4477	8.8	重要 Network	DBitNet	N300 T1 Pro ファームウェア	DBitNetのN300 T1 Pro ファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-36956	2026-05-7 11:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

4478	7.5	重要 Network	DBitNet	N300 T1 Pro ファームウェア	DBitNetのN300 T1 Pro ファームウェアにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-36957	2026-05-7 11:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

4479	4.4	警告 Local	Absolute Software	secure access	Absolute Softwareのsecure accessにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-40949	2026-05-7 11:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

4480	6.5	警告 Network	Absolute Software	secure access	Absolute Softwareのsecure accessにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-40950	2026-05-7 11:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314711	6.1	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…	CWE-79 Cross-site Scripting	CVE-2024-20415	2024-11-1 04:17	2024-10-24	Show	GitHub Exploit DB Packet Storm

314712	6.1	MEDIUM Network	cisco	secure_firewall_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…	CWE-79 Cross-site Scripting	CVE-2024-20273	2024-11-1 04:09	2024-10-24	Show	GitHub Exploit DB Packet Storm

314713	5.4	MEDIUM Network	cisco	secure_firewall_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack …	CWE-79 Cross-site Scripting	CVE-2024-20264	2024-11-1 04:04	2024-10-24	Show	GitHub Exploit DB Packet Storm

314714	6.5	MEDIUM Network	lunary	lunary	lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). An unauthenticated attacker can inj…	CWE-74 Injection	CVE-2024-7472	2024-11-1 03:46	2024-10-29	Show	GitHub Exploit DB Packet Storm

314715	9.8	CRITICAL Network	langchain	langchain	A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability p…	CWE-89 SQL Injection	CVE-2024-7042	2024-11-1 03:36	2024-10-29	Show	GitHub Exploit DB Packet Storm

314716	9.1	CRITICAL Network	gaizhenbiao	chuanhuchatgpt	A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files w…	CWE-610 Externally Controlled Reference to a Resource in Another Sphere	CVE-2024-5823	2024-11-1 03:05	2024-10-29	Show	GitHub Exploit DB Packet Storm

314717	-		-	-	TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the book…	-	CVE-2024-34537	2024-11-1 02:15	2024-10-28	Show	GitHub Exploit DB Packet Storm

314718	7.5	HIGH Network	-	-	IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue m…	CWE-266 Incorrect Privilege Assignment	CVE-2024-40681	2024-11-1 02:15	2024-09-8	Show	GitHub Exploit DB Packet Storm

314719	5.5	MEDIUM Local	ibm	mq_operator	IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-40680	2024-11-1 02:15	2024-09-7	Show	GitHub Exploit DB Packet Storm

314720	5.4	MEDIUM Network	tychesoftwares	arconix_shortcodes	The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input saniti…	CWE-79 Cross-site Scripting	CVE-2024-10226	2024-11-1 01:48	2024-10-29	Show	GitHub Exploit DB Packet Storm