Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
551 7.5 重要
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおける情報漏えいに関する脆弱性 New CWE-200
情報漏えい 		CVE-2026-49187 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
552 9.8 緊急
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおけるアクティブ状態のデバッグコードに関する脆弱性 New CWE-489
間違ったセッションへのデータの漏洩 		CVE-2026-49188 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
553 7.8 重要
Local 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおける権限管理に関する脆弱性 New CWE-269
不適切な権限管理 		CVE-2026-49189 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
554 8.8 重要
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G FirmwareにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-49190 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
555 9.8 緊急
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおける認証に関する脆弱性 New CWE-287
不適切な認証 		CVE-2026-49191 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
556 5.4 警告
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおけるユーザ制御の鍵による認証回避に関する脆弱性 New CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-49192 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
557 7.5 重要
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおける情報漏えいに関する脆弱性 New CWE-200
情報漏えい 		CVE-2026-49193 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
558 8.8 重要
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおける認証に関する脆弱性 New CWE-287
不適切な認証 		CVE-2026-49194 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
559 9.8 緊急
Network 		日本エイサー Predator Connect W6x Firmware エイサーのPredator Connect W6x Firmwareにおけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-49199 2026-06-8 11:50 2026-05-29 Show GitHub Exploit DB Packet Storm
560 8.6 重要
Network 		日本エイサー Acer Connect M6E 5G Firmware エイサーのAcer Connect M6E 5G Firmwareにおける認証に関する脆弱性 New CWE-287
不適切な認証 		CVE-2026-49202 2026-06-8 11:50 2026-06-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310511 - mozilla firefox
seamonkey 		The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to sp… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2751 2024-11-21 10:17 2010-07-31 Show GitHub Exploit DB Packet Storm
310512 - citibank citi_mobile The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchron… CWE-200
Information Exposure 		CVE-2010-2913 2024-11-21 10:17 2010-07-30 Show GitHub Exploit DB Packet Storm
310513 - mozilla firefox layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory… CWE-399
 Resource Management Errors 		CVE-2010-2755 2024-11-21 10:17 2010-07-30 Show GitHub Exploit DB Packet Storm
310514 - mozilla firefox
thunderbird
seamonkey 		dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppres… CWE-200
Information Exposure 		CVE-2010-2754 2024-11-21 10:17 2010-07-30 Show GitHub Exploit DB Packet Storm
310515 - kayako esupport SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. CWE-89
SQL Injection 		CVE-2010-2912 2024-11-21 10:17 2010-07-29 Show GitHub Exploit DB Packet Storm
310516 - kayako esupport SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action. CWE-89
SQL Injection 		CVE-2010-2911 2024-11-21 10:17 2010-07-29 Show GitHub Exploit DB Packet Storm
310517 - alexred com_oziogallery SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. CWE-89
SQL Injection 		CVE-2010-2910 2024-11-21 10:17 2010-07-29 Show GitHub Exploit DB Packet Storm
310518 - toughtomato com_ttvideo SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to … CWE-89
SQL Injection 		CVE-2010-2909 2024-11-21 10:17 2010-07-29 Show GitHub Exploit DB Packet Storm
310519 - joomdle com_joomdle SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail actio… CWE-89
SQL Injection 		CVE-2010-2908 2024-11-21 10:17 2010-07-29 Show GitHub Exploit DB Packet Storm
310520 - huruhelpdesk com_huruhelpdesk SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to inde… CWE-89
SQL Injection 		CVE-2010-2907 2024-11-21 10:17 2010-07-29 Show GitHub Exploit DB Packet Storm