Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1901 8.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office クイック実行の特権の昇格の脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-35436 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1902 5.5 警告
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Microsoft Word
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-35440 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1903 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-3637 2026-05-21 10:52 2026-05-18 Show GitHub Exploit DB Packet Storm
1904 9.8 緊急
Network 		H2O.ai H2O H2O.aiのH2Oにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-3960 2026-05-21 10:52 2026-04-23 Show GitHub Exploit DB Packet Storm
1905 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40358 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1906 7.8 重要
Local 		マイクロソフト Microsoft Office Online Server
Microsoft Excel
Microsoft Office
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40359 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1907 7.8 重要
Local 		マイクロソフト Microsoft Office Online Server
Microsoft Excel
Microsoft Office
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps 		Microsoft Excel の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-40360 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1908 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Microsoft Word
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40361 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1909 7.8 重要
Local 		マイクロソフト Microsoft Office Online Server
Microsoft Excel
Microsoft Office
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-40362 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
1910 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-40363 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
344971 - paul_vixie vixie_cron crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when a… NVD-CWE-Other
CVE-2001-0559 2017-10-10 10:29 2001-08-14 Show GitHub Exploit DB Packet Storm
344972 - paul_vixie vixie_cron Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters). NVD-CWE-Other
CVE-2001-0560 2017-10-10 10:29 2001-08-22 Show GitHub Exploit DB Packet Storm
344973 - electrosoft electrocomm ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large (> 160000 character) strings sent to port 23. NVD-CWE-Other
CVE-2001-0563 2017-10-10 10:29 2001-08-14 Show GitHub Exploit DB Packet Storm
344974 - apc ap9606 APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporari… NVD-CWE-Other
CVE-2001-0564 2017-10-10 10:29 2001-08-22 Show GitHub Exploit DB Packet Storm
344975 - zope zope Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass. NVD-CWE-Other
CVE-2001-0567 2017-10-10 10:29 2001-08-14 Show GitHub Exploit DB Packet Storm
344976 - ibm aix lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsf… NVD-CWE-Other
CVE-2001-0573 2017-10-10 10:29 2001-08-2 Show GitHub Exploit DB Packet Storm
344977 - jason_rahaim mp3mystic Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL. NVD-CWE-Other
CVE-2001-0574 2017-10-10 10:29 2001-08-14 Show GitHub Exploit DB Packet Storm
344978 - gordano ntmail Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000. NVD-CWE-Other
CVE-2001-0585 2017-10-10 10:29 2001-08-22 Show GitHub Exploit DB Packet Storm
344979 - trend_micro scanmail_exchange TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted pass… NVD-CWE-Other
CVE-2001-0586 2017-10-10 10:29 2001-08-22 Show GitHub Exploit DB Packet Storm
344980 - juniper netscreen_screenos NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns. NVD-CWE-Other
CVE-2001-0589 2017-10-10 10:29 2001-08-22 Show GitHub Exploit DB Packet Storm