Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200111 6.1 警告
Network 		soruly - whatanime.ga における脆弱な Web サイトのコンテキスト内のブラウザで任意の HTML およびスクリプトコードを実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6390 2017-03-17 15:51 2017-02-28 Show GitHub Exploit DB Packet Storm
200112 7.8 重要
Local 		kernel.org - util-linux の runuser における親セッションにエスケープされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2779 2017-03-17 15:48 2016-02-25 Show GitHub Exploit DB Packet Storm
200113 5.9 警告
Network 		A10ネットワークス株式会社 - A10 AX1030 およびその他のデバイスのソフトウェアにおける認証キーを取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-10213 2017-03-17 15:39 2016-06-10 Show GitHub Exploit DB Packet Storm
200114 7.5 重要
Network 		Atheme.org - Atheme の saslserv/main.so の saslserv/main.c 内の login_user 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2017-6384 2017-03-17 15:35 2017-02-4 Show GitHub Exploit DB Packet Storm
200115 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-3003 2017-03-17 11:59 2017-03-14 Show GitHub Exploit DB Packet Storm
200116 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player の ActionScript2 TextField オブジェクトにおける任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-3002 2017-03-17 11:59 2017-03-14 Show GitHub Exploit DB Packet Storm
200117 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-3001 2017-03-17 11:59 2017-03-14 Show GitHub Exploit DB Packet Storm
200118 7.5 重要
Network 		アドビシステムズ - Adobe Flash Player の乱数発生器における情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-3000 2017-03-17 11:59 2017-03-14 Show GitHub Exploit DB Packet Storm
200119 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player の Primetime TVSDK 機能におけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-2999 2017-03-17 11:59 2017-03-14 Show GitHub Exploit DB Packet Storm
200120 5.3 警告
Network 		Puppet - Puppet Communications Protocol ブローカにおけるクラッシュ状態にされる脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9686 2017-03-17 10:45 2016-11-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3461 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute cod… CWE-23
 Relative Path Traversal 		CVE-2025-41280 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
3462 7.2 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version… CWE-78
OS Command  		CVE-2025-41279 2026-06-2 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm
3463 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that al… CWE-78
OS Command  		CVE-2025-41281 2026-06-2 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm
3464 6.5 MEDIUM
Network 		- - Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loo… CWE-674
CWE-835
 Uncontrolled Recursion
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-44740 2026-06-2 03:53 2026-06-2 Show GitHub Exploit DB Packet Storm
3465 9.9 CRITICAL
Network 		- - OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc… CWE-693
 Protection Mechanism Failure 		CVE-2026-45102 2026-06-2 03:50 2026-05-28 Show GitHub Exploit DB Packet Storm
3466 7.8 HIGH
Local 		- - systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active Netwo… CWE-78
OS Command  		CVE-2026-44724 2026-06-2 03:50 2026-05-28 Show GitHub Exploit DB Packet Storm
3467 7.5 HIGH
Network 		- - Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr… CWE-200
CWE-306
Information Exposure
Missing Authentication for Critical Function 		CVE-2026-45332 2026-06-2 03:50 2026-05-29 Show GitHub Exploit DB Packet Storm
3468 - - - Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled… CWE-22
CWE-79
Path Traversal
Cross-site Scripting 		CVE-2026-45668 2026-06-2 03:50 2026-05-30 Show GitHub Exploit DB Packet Storm
3469 7.5 HIGH
Network 		google chrome Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Ch… CWE-416
 Use After Free 		CVE-2026-9934 2026-06-2 03:49 2026-05-29 Show GitHub Exploit DB Packet Storm
3470 8.8 HIGH
Network 		google chrome Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-9941 2026-06-2 03:49 2026-05-29 Show GitHub Exploit DB Packet Storm