Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1821 7.5 重要
Network 		Shopify remix-run/server-runtime
React Router 		ShopifyのReact Router等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-42342 2026-06-8 11:48 2026-06-2 Show GitHub Exploit DB Packet Storm
1822 5.3 警告
Network 		forms project forms NextcloudのFormsにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-45543 2026-06-8 11:48 2026-06-1 Show GitHub Exploit DB Packet Storm
1823 8.1 重要
Network 		Get-hermes Hermes Web UI Get-hermesのHermes Web UIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6832 2026-06-8 11:48 2026-04-21 Show GitHub Exploit DB Packet Storm
1824 8.8 重要
Network 		radare Radare2 MCP Server radareのRadare2 MCP ServerにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-6942 2026-06-8 11:48 2026-04-23 Show GitHub Exploit DB Packet Storm
1825 7.3 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-8876 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
1826 7.5 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおける暗号強度に関する脆弱性 CWE-326
不適切な暗号強度 		CVE-2026-8878 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
1827 7.5 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-8879 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
1828 7.8 重要
Local 		Amazon.com, Inc. Kiro CLI Amazon.com, Inc.のKiro CLIにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-9255 2026-06-8 11:48 2026-05-22 Show GitHub Exploit DB Packet Storm
1829 9.9 緊急
Network 		Flowintel Flowintel Flowintelにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-9813 2026-06-8 11:48 2026-05-28 Show GitHub Exploit DB Packet Storm
1830 7.8 重要
Local 		huggingface transformers huggingfaceのtransformersにおける複数の脆弱性 CWE-1066
CWE-502
CVE-2026-4372 2026-06-8 11:48 2026-05-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
344241 - microsoft office_web_components
project 		The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands vi… NVD-CWE-Other
CVE-2002-0727 2018-10-13 06:31 2002-09-24 Show GitHub Exploit DB Packet Storm
344242 - microsoft office_web_components
project 		The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redire… NVD-CWE-Other
CVE-2002-0860 2018-10-13 06:31 2002-09-24 Show GitHub Exploit DB Packet Storm
344243 - microsoft office_web_components
project 		Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell ob… NVD-CWE-Other
CVE-2002-0861 2018-10-13 06:31 2002-09-24 Show GitHub Exploit DB Packet Storm
344244 - microsoft virtual_machine A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remot… NVD-CWE-Other
CVE-2002-0865 2018-10-13 06:31 2002-10-11 Show GitHub Exploit DB Packet Storm
344245 - microsoft virtual_machine Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet tha… NVD-CWE-Other
CVE-2002-0866 2018-10-13 06:31 2002-10-11 Show GitHub Exploit DB Packet Storm
344246 - microsoft virtual_machine Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Hand… NVD-CWE-Other
CVE-2002-0867 2018-10-13 06:31 2002-10-11 Show GitHub Exploit DB Packet Storm
344247 - microsoft outlook
word 		Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which … NVD-CWE-Other
CVE-2002-1056 2018-10-13 06:31 2002-05-16 Show GitHub Exploit DB Packet Storm
344248 - microsoft data_engine
sql_server 		Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port … NVD-CWE-Other
CVE-2002-1123 2018-10-13 06:31 2002-09-24 Show GitHub Exploit DB Packet Storm
344249 - microsoft data_engine
sql_server 		Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 20… NVD-CWE-Other
CVE-2002-1137 2018-10-13 06:31 2002-10-11 Show GitHub Exploit DB Packet Storm
344250 - microsoft data_engine
sql_server 		Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the … NVD-CWE-Other
CVE-2002-1138 2018-10-13 06:31 2002-10-11 Show GitHub Exploit DB Packet Storm