Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189401	7.8	重要 Local	GNU Project	-	GNU Binutils におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-17121	2017-12-27 11:55	2017-11-28	Show	GitHub Exploit DB Packet Storm

189402	8.8	重要 Network	トレンドマイクロ	-	Trend Micro InterScan Messaging Security Virtual Appliance におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2017-11391	2017-12-27 10:37	2017-07-19	Show	GitHub Exploit DB Packet Storm

189403	8.8	重要 Network	トレンドマイクロ	-	Trend Micro InterScan Messaging Security Virtual Appliance におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2017-11392	2017-12-27 10:37	2017-07-19	Show	GitHub Exploit DB Packet Storm

189404	8.8	重要 Network	Libav	-	Libav におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-17130	2017-12-27 10:32	2017-11-17	Show	GitHub Exploit DB Packet Storm

189405	8.8	重要 Network	Libav	-	Libav における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-17129	2017-12-27 10:32	2017-11-17	Show	GitHub Exploit DB Packet Storm

189406	6.5	警告 Network	Libav	-	Libav におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-17128	2017-12-27 10:32	2017-11-30	Show	GitHub Exploit DB Packet Storm

189407	6.5	警告 Network	Libav	-	Libav における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-17127	2017-12-27 10:32	2017-11-17	Show	GitHub Exploit DB Packet Storm

189408	8.1	重要 Network	GNU Project	-	GNU C Library における整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2017-17426	2017-12-27 10:15	2017-11-30	Show	GitHub Exploit DB Packet Storm

189409	7.8	重要 Local	Google	-	Android におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-9722	2017-12-27 09:57	2017-12-4	Show	GitHub Exploit DB Packet Storm

189410	7	重要 Local	Google	-	Android におけるバッファエラーの脆弱性	CWE-119 CWE-362	CVE-2017-9718	2017-12-27 09:57	2017-12-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1591	8.1	HIGH Network	microsoft	windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.	CWE-190 Integer Overflow or Wraparound	CVE-2026-42974	2026-06-11 04:53	2026-06-10	Show	GitHub Exploit DB Packet Storm

1592	7.8	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2025	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.	CWE-362 Race Condition	CVE-2026-42977	2026-06-11 04:49	2026-06-10	Show	GitHub Exploit DB Packet Storm

1593	6.5	MEDIUM Network	-	-	A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption (QE) or Client-Side Field Level Encryption (CSFLE) results in literal values for encrypted fields w…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2026-9741	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1594	7.5	HIGH Network	-	-	When OIDC authentication is enabled in configuration, clients may set specific values in the "mechanism" parameter of the "authenticate" command that lead to server crash. The authenticate command is…	CWE-1287 Improper Validation of Specified Type of Input	CVE-2026-9742	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1595	6.5	MEDIUM Network	-	-	When using $changestreams and $_requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user m…	CWE-617 Reachable Assertion	CVE-2026-9746	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1596	6.5	MEDIUM Network	-	-	This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces e…	CWE-617 Reachable Assertion	CVE-2026-9749	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1597	6.5	MEDIUM Network	-	-	An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-wi…	CWE-476 NULL Pointer Dereference	CVE-2026-9752	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1598	8.1	HIGH Network	-	-	The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $_internalApply…	CWE-1287 Improper Validation of Specified Type of Input	CVE-2026-9753	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1599	6.5	MEDIUM Network	-	-	An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command	CWE-457 Use of Uninitialized Variable	CVE-2026-9754	2026-06-11 04:43	2026-06-10	Show	GitHub Exploit DB Packet Storm

1600	5.4	MEDIUM Network	microsoft	sharepoint_server	Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.	CWE-79 Cross-site Scripting	CVE-2026-45479	2026-06-11 04:42	2026-06-10	Show	GitHub Exploit DB Packet Storm