Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204691	8.1	重要 Network	マイクロソフト	-	複数の Microsoft Windows 製品における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3223	2016-06-17 12:10	2016-06-14	Show	GitHub Exploit DB Packet Storm

204692	6.1	警告 Network	マイクロソフト	-	Microsoft Internet Explorer 9 から 11 の XSS フィルタにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-3212	2016-06-17 11:33	2016-06-14	Show	GitHub Exploit DB Packet Storm

204693	8.8	重要 Network	マイクロソフト	-	Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3211	2016-06-17 11:33	2016-06-14	Show	GitHub Exploit DB Packet Storm

204694	8.8	重要 Network	マイクロソフト	-	Microsoft Internet Explorer 11 で使用される JScript および VBScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-3210	2016-06-17 11:33	2016-06-14	Show	GitHub Exploit DB Packet Storm

204695	8.8	重要 Network	マイクロソフト	-	Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0200	2016-06-17 11:33	2016-06-14	Show	GitHub Exploit DB Packet Storm

204696	8.8	重要 Network	マイクロソフト	-	Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0199	2016-06-17 11:33	2016-06-14	Show	GitHub Exploit DB Packet Storm

204697	3.3	低 Local	ABB	-	ABB PCM600 における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2016-4527	2016-06-16 16:25	2016-05-31	Show	GitHub Exploit DB Packet Storm

204698	6.5	警告 Local	ABB	-	ABB PCM600 における重要な情報を取得される脆弱性	CWE-310 CWE-Other	CVE-2016-4524	2016-06-16 16:25	2016-05-31	Show	GitHub Exploit DB Packet Storm

204699	3.3	低 Local	ABB	-	ABB PCM600 における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-4516	2016-06-16 16:25	2016-05-31	Show	GitHub Exploit DB Packet Storm

204700	8.1	重要 Network	Debian Canonical Jiri Pirko レッドハット	-	NetworkManager で使用される libndp における中間者攻撃を実行される脆弱性	CWE-Other その他	CVE-2016-3698	2016-06-16 15:24	2016-05-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
301	8.8	HIGH Network	zed	zed	Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash variable expansion chaining (${var@P}), allowing arbitrary command execution under an allowliste… Update	CWE-184 Incomplete Blacklist	CVE-2026-44462	2026-06-3 10:00	2026-05-29	Show	GitHub Exploit DB Packet Storm

302	8.6	HIGH Local	zed	zed	Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a shell command string that starts with exec env ..., but environment variable keys are inserted without shell quoting or… Update	CWE-78 OS Command	CVE-2026-44461	2026-06-3 09:58	2026-05-29	Show	GitHub Exploit DB Packet Storm

303	7.5	HIGH Network	jg-rp	python_liquid	Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search pa… Update	CWE-22 Path Traversal	CVE-2026-45017	2026-06-3 09:43	2026-05-29	Show	GitHub Exploit DB Packet Storm

304	4.3	MEDIUM Network	-	-	The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorr… New	CWE-352 Origin Validation Error	CVE-2026-9732	2026-06-3 09:16	2026-06-3	Show	GitHub Exploit DB Packet Storm

305	4.4	MEDIUM Network	-	-	The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.0. This is due to the `get_shop_url()` method returning the `shop_name`… New	CWE-79 Cross-site Scripting	CVE-2026-7421	2026-06-3 09:16	2026-06-3	Show	GitHub Exploit DB Packet Storm

306	4.3	MEDIUM Network	-	-	A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function is_safe_regex_pattern of the component search_code_advanced. Executing a manipulation of the argum… New	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-10692	2026-06-3 09:16	2026-06-3	Show	GitHub Exploit DB Packet Storm

307	4.3	MEDIUM Network	-	-	A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component start_search. Performing a ma… New	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-10691	2026-06-3 09:16	2026-06-3	Show	GitHub Exploit DB Packet Storm

308	6.5	MEDIUM Network	-	-	LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only `VIEW` access to an MCP server can retrieve the server's decrypted a… New	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-44653	2026-06-3 08:16	2026-06-3	Show	GitHub Exploit DB Packet Storm

309	-		-	-	When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or log… New	-	CVE-2026-42507	2026-06-3 08:16	2026-06-3	Show	GitHub Exploit DB Packet Storm

310	-		-	-	GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a technician can store an XSS payload in a ITIL costs. This issue has been fixed in version 11.0.7. New	CWE-79 Cross-site Scripting	CVE-2026-40108	2026-06-3 08:16	2026-06-3	Show	GitHub Exploit DB Packet Storm