Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201 6.5 警告
Adjacent 		エリクソン Packet Core Controller エリクソンのPacket Core Controllerにおける不正な構文構造の不適切な処理に関する脆弱性 New CWE-228
不正な構文構造の不適切な処理 		CVE-2025-59174 2026-06-9 14:12 2026-06-5 Show GitHub Exploit DB Packet Storm
202 8.8 重要
Network 		Pointsharp ID Server PointsharpのID Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性 New CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-3999 2026-06-9 14:12 2026-03-13 Show GitHub Exploit DB Packet Storm
203 7.8 重要
Local 		レッドハット
X.Org Foundation		 X.Org X Server
xwayland
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品におけるスタックベースのバッファオーバーフローの脆弱性 New CWE-121
スタックオーバーフロー 		CVE-2026-50256 2026-06-9 14:12 2026-06-5 Show GitHub Exploit DB Packet Storm
204 7.8 重要
Local 		レッドハット
X.Org Foundation		 X.Org X Server
xwayland
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品における解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-50257 2026-06-9 14:12 2026-06-5 Show GitHub Exploit DB Packet Storm
205 7.8 重要
Local 		レッドハット
X.Org Foundation		 X.Org X Server
xwayland
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品におけるスタックベースのバッファオーバーフローの脆弱性 New CWE-121
スタックオーバーフロー 		CVE-2026-50258 2026-06-9 14:12 2026-06-5 Show GitHub Exploit DB Packet Storm
206 7.8 重要
Local 		レッドハット
X.Org Foundation		 X.Org X Server
xwayland
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品におけるスタックベースのバッファオーバーフローの脆弱性 New CWE-121
スタックオーバーフロー 		CVE-2026-50259 2026-06-9 14:12 2026-06-5 Show GitHub Exploit DB Packet Storm
207 8.6 重要
Network 		Vertex-app Vertex Vertex-appのVertexにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2024-40646 2026-06-9 14:12 2026-06-1 Show GitHub Exploit DB Packet Storm
208 7.8 重要
Local 		BitDefender napoca BitDefenderのnapocaにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-10046 2026-06-9 14:12 2026-06-2 Show GitHub Exploit DB Packet Storm
209 7.8 重要
Local 		BitDefender napoca BitDefenderのnapocaにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-10047 2026-06-9 14:11 2026-06-2 Show GitHub Exploit DB Packet Storm
210 6.5 警告
Adjacent 		エリクソン Packet Core Gateway (PCG) エリクソンのPacket Core Gateway (PCG)における不正な構文構造の不適切な処理に関する脆弱性 New CWE-228
不正な構文構造の不適切な処理 		CVE-2026-25657 2026-06-9 14:11 2026-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2171 7.5 HIGH
Network 		synology c2_identity_edge_server An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server. CWE-749
 Exposed Dangerous Method or Function 		CVE-2025-14713 2026-06-3 05:41 2026-05-27 Show GitHub Exploit DB Packet Storm
2172 8.6 HIGH
Network 		synology active_backup_for_business A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files. CWE-89
SQL Injection 		CVE-2025-30028 2026-06-3 05:41 2026-05-27 Show GitHub Exploit DB Packet Storm
2173 5.9 MEDIUM
Network 		synology safe_access Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access before 1.3.1-0329 allows remote authenticated users with admi… CWE-79
Cross-site Scripting 		CVE-2025-10466 2026-06-3 05:30 2026-05-27 Show GitHub Exploit DB Packet Storm
2174 8.6 HIGH
Local 		zed zed Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmonitor Git configuration option. This allow… CWE-78
OS Command  		CVE-2026-44465 2026-06-3 05:17 2026-05-29 Show GitHub Exploit DB Packet Storm
2175 - - - In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names e… CWE-863
 Incorrect Authorization 		CVE-2026-49299 2026-06-3 05:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2176 - - - In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty bu… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-49017 2026-06-3 05:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2177 8.1 HIGH
Network 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage… CWE-863
 Incorrect Authorization 		CVE-2026-48064 2026-06-3 05:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2178 7.8 HIGH
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly withou… CWE-78
OS Command  		CVE-2026-44709 2026-06-3 05:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2179 8.6 HIGH
Local 		zed zed Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowli… CWE-78
OS Command  		CVE-2026-44466 2026-06-3 05:14 2026-05-29 Show GitHub Exploit DB Packet Storm
2180 8.2 HIGH
Network 		ibm cognos_analytics
cognos_transformer 		IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting (XSS). This vulnerability allows a remote attacker to … CWE-79
Cross-site Scripting 		CVE-2025-3633 2026-06-3 05:05 2026-05-27 Show GitHub Exploit DB Packet Storm