Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
11	8.1	重要 Network	Grafana Labs	Grafana	Grafana LabsのGrafanaにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-33381	2026-06-17 15:46	2026-05-13	Show	GitHub Exploit DB Packet Storm

12	5.4	警告 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-3341	2026-06-17 15:46	2026-06-11	Show	GitHub Exploit DB Packet Storm

13	6.1	警告 Network	IBM	IBM DevOps Plan	IBMのIBM DevOps PlanにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性	CWE-644 HTTP ヘッダのスクリプト構文の不適切な無効化	CVE-2026-4096	2026-06-17 15:46	2026-06-11	Show	GitHub Exploit DB Packet Storm

14	5.4	警告 Network	VMware	VMware Cloud Foundation VMware Telco Cloud Platform VMware vSphere VMware Aria Operations	VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2026-41722	2026-06-17 15:46	2026-06-8	Show	GitHub Exploit DB Packet Storm

15	8	重要 Network	VMware	VMware Cloud Foundation VMware Telco Cloud Platform VMware vSphere VMware Aria Operations	VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41723	2026-06-17 15:46	2026-06-8	Show	GitHub Exploit DB Packet Storm

16	5.9	警告 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-42767	2026-06-17 15:46	2026-06-9	Show	GitHub Exploit DB Packet Storm

17	3.7	低 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける暗号化処理の不備に関する脆弱性	CWE-325 暗号化処理の不備	CVE-2026-42770	2026-06-17 15:46	2026-06-9	Show	GitHub Exploit DB Packet Storm

18	6.2	警告 Local	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-42771	2026-06-17 15:46	2026-06-9	Show	GitHub Exploit DB Packet Storm

19	8.8	重要 Network	Kovidgoyal	Kitty	KovidgoyalのKittyにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-42850	2026-06-17 15:46	2026-06-12	Show	GitHub Exploit DB Packet Storm

20	7.8	重要 Local	Kovidgoyal	Kitty	KovidgoyalのKittyにおける複数の脆弱性	CWE-862 CWE-94	CVE-2026-42851	2026-06-17 15:46	2026-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257401	8.8	HIGH Network	mcafee	network_security_manager	Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTT…	NVD-CWE-noinfo	CVE-2017-3960	2024-11-21 12:26	2018-06-12	Show	GitHub Exploit DB Packet Storm

257402	5.4	MEDIUM Network	mcafee	network_security_manager	Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in …	CWE-79 Cross-site Scripting	CVE-2017-3961	2024-11-21 12:26	2018-05-25	Show	GitHub Exploit DB Packet Storm

257403	6.4	MEDIUM Physics	lenovo	flex_system_x240_m5_bios flex_system_x280_x6_bios flex_system_x480_x6_bios flex_system_x880_bios nextscale_nx360_m5_bios system_x3250_m6_bios system_x3500_m5_bios system_x3550_m5…	Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with p…	CWE-287 Improper Authentication	CVE-2017-3775	2024-11-21 12:26	2018-05-5	Show	GitHub Exploit DB Packet Storm

257404	7.5	HIGH Network	vmware	xenon	VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient acces…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-4952	2024-11-21 12:26	2018-05-2	Show	GitHub Exploit DB Packet Storm

257405	7.5	HIGH Network	lenovo	lenovo_help	Lenovo Help Android mobile app versions earlier than 6.1.2.0327 allowed information to be transmitted over an HTTP channel, permitting others observing the channel to potentially see this information.	CWE-200 Information Exposure	CVE-2017-3776	2024-11-21 12:26	2018-04-19	Show	GitHub Exploit DB Packet Storm

257406	9.8	CRITICAL Network	lenovo	integrated_management_module_2	A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than ver…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-3774	2024-11-21 12:26	2018-04-19	Show	GitHub Exploit DB Packet Storm

257407	6.5	MEDIUM Network	mcafee	network_security_manager	Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyp…	CWE-326 Inadequate Encryption Strength	CVE-2017-3971	2024-11-21 12:26	2018-04-4	Show	GitHub Exploit DB Packet Storm

257408	5.9	MEDIUM Network	mcafee	network_security_manager	Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate impl…	CWE-417 Channel and Path Errors	CVE-2017-3969	2024-11-21 12:26	2018-04-4	Show	GitHub Exploit DB Packet Storm

257409	6.1	MEDIUM Network	mcafee	network_security_manager	Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via applic…	CWE-94 Code Injection	CVE-2017-3967	2024-11-21 12:26	2018-04-4	Show	GitHub Exploit DB Packet Storm

257410	6.3	MEDIUM Network	mcafee	network_security_manager	Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers …	CWE-613 Insufficient Session Expiration	CVE-2017-3966	2024-11-21 12:26	2018-04-4	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed