Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
581 7.8 重要
Local 		NVIDIA NVTabular NVIDIAのNVTabularにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-24237 2026-06-8 11:49 2026-06-2 Show GitHub Exploit DB Packet Storm
582 6.8 警告
Network 		SWUpdate SWUpdate SWUpdateにおける複数の脆弱性 New CWE-125
CWE-191
CVE-2026-28525 2026-06-8 11:49 2026-04-23 Show GitHub Exploit DB Packet Storm
583 7.5 重要
Network 		turbo-stream
Shopify		 React Router
Turbo Stream 		Shopify等の複数ベンダの製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-34077 2026-06-8 11:49 2026-06-2 Show GitHub Exploit DB Packet Storm
584 6.5 警告
Network 		Apnotic Password Pusher ApnoticのPassword Pusherにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 New CWE-288
CWE-noinfo
CVE-2026-41308 2026-06-8 11:48 2026-05-8 Show GitHub Exploit DB Packet Storm
585 7.5 重要
Network 		Shopify remix-run/server-runtime
React Router 		ShopifyのReact Router等の複数製品におけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-42342 2026-06-8 11:48 2026-06-2 Show GitHub Exploit DB Packet Storm
586 5.3 警告
Network 		forms project forms NextcloudのFormsにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 New CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-45543 2026-06-8 11:48 2026-06-1 Show GitHub Exploit DB Packet Storm
587 8.1 重要
Network 		Get-hermes Hermes Web UI Get-hermesのHermes Web UIにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-6832 2026-06-8 11:48 2026-04-21 Show GitHub Exploit DB Packet Storm
588 8.8 重要
Network 		radare Radare2 MCP Server radareのRadare2 MCP ServerにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-6942 2026-06-8 11:48 2026-04-23 Show GitHub Exploit DB Packet Storm
589 7.3 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおけるハードコードされた認証情報の使用に関する脆弱性 New CWE-798
ハードコードされた認証情報の使用 		CVE-2026-8876 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
590 7.5 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおける暗号強度に関する脆弱性 New CWE-326
不適切な暗号強度 		CVE-2026-8878 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319341 6.1 MEDIUM
Network 		baijunyao bjyadmin bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics/umeditor1_2_3/php/getContent.php CWE-79
Cross-site Scripting 		CVE-2024-41351 2024-09-5 01:07 2024-08-30 Show GitHub Exploit DB Packet Storm
319342 6.1 MEDIUM
Network 		baijunyao bjyadmin bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics/umeditor1_2_3/php/imageUp.php CWE-79
Cross-site Scripting 		CVE-2024-41350 2024-09-5 01:07 2024-08-30 Show GitHub Exploit DB Packet Storm
319343 6.1 MEDIUM
Network 		jpatokal openflights openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/alsearch.php CWE-79
Cross-site Scripting 		CVE-2024-41348 2024-09-5 01:06 2024-08-30 Show GitHub Exploit DB Packet Storm
319344 6.1 MEDIUM
Network 		jpatokal openflights openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/settings.php CWE-79
Cross-site Scripting 		CVE-2024-41347 2024-09-5 01:05 2024-08-30 Show GitHub Exploit DB Packet Storm
319345 5.4 MEDIUM
Network 		jpatokal openflights openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/submit.php CWE-79
Cross-site Scripting 		CVE-2024-41346 2024-09-5 01:05 2024-08-30 Show GitHub Exploit DB Packet Storm
319346 9.8 CRITICAL
Network 		smackcoders sendgrid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress… CWE-89
SQL Injection 		CVE-2024-43965 2024-09-5 01:02 2024-08-30 Show GitHub Exploit DB Packet Storm
319347 9.8 CRITICAL
Network 		progress whatsup_gold In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users enc… CWE-89
SQL Injection 		CVE-2024-6671 2024-09-5 00:53 2024-08-30 Show GitHub Exploit DB Packet Storm
319348 9.8 CRITICAL
Network 		mozilla firefox Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code… CWE-787
 Out-of-bounds Write 		CVE-2024-8389 2024-09-5 00:50 2024-09-3 Show GitHub Exploit DB Packet Storm
319349 9.8 CRITICAL
Network 		seacms seacms SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del. CWE-89
SQL Injection 		CVE-2024-44921 2024-09-5 00:00 2024-09-3 Show GitHub Exploit DB Packet Storm
319350 6.1 MEDIUM
Network 		seacms seacms A cross-site scripting (XSS) vulnerability in the component admin_collect_news.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the si… CWE-79
Cross-site Scripting 		CVE-2024-44920 2024-09-4 23:59 2024-09-3 Show GitHub Exploit DB Packet Storm