Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218091 5 警告 FreeBSD - FreeBSD の routed におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3955 2014-10-29 18:27 2014-10-21 Show GitHub Exploit DB Packet Storm
218092 10 危険 FreeBSD - FreeBSD の rtsold におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-3954 2014-10-29 18:26 2014-10-21 Show GitHub Exploit DB Packet Storm
218093 5 警告 FreeBSD - FreeBSD の namei におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-3711 2014-10-29 18:25 2014-10-21 Show GitHub Exploit DB Packet Storm
218094 5 警告 レッドハット - Red Hat CloudForms Management Engine の AgentController における任意のテキストをログファイルに挿入される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0136 2014-10-29 17:42 2014-08-13 Show GitHub Exploit DB Packet Storm
218095 7.5 危険 Django Software Foundation - Django Tastypie のserializers.py の from_yaml メソッドにおける任意の Python コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4104 2014-10-29 17:41 2011-11-1 Show GitHub Exploit DB Packet Storm
218096 7.5 危険 Django Software Foundation - Django Piston の emitters.py における任意の Python コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4103 2014-10-29 17:41 2011-11-1 Show GitHub Exploit DB Packet Storm
218097 6.8 警告 Cobbler project - Cobbler の item.py の set_mgmt_parameters 関数における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4953 2014-10-29 17:32 2011-11-15 Show GitHub Exploit DB Packet Storm
218098 7.8 危険 Claudio Klingler - QuiXplorer の zip ダウンロード機能におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-1641 2014-10-29 17:21 2013-11-3 Show GitHub Exploit DB Packet Storm
218099 6.8 警告 Marcel Hellkamp - Bottle におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3137 2014-10-29 17:21 2014-04-26 Show GitHub Exploit DB Packet Storm
218100 3.7 注意 Nelson Murilo
Canonical		 - chkrootkit の slapper 関数における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0476 2014-10-29 17:20 2014-06-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. … New CWE-284
CWE-639
CWE-915
Improper Access Control
 Authorization Bypass Through User-Controlled Key
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46441 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm
62 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-46400 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
63 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. The PHP version of HAX CMS prior to version 26.0.0 has an authenticated file overwrite vulnerability. An attacker can exploit this… New CWE-15
CWE-73
CWE-78
 External Control of System or Configuration Setting
 External Control of File Name or Path
OS Command  		CVE-2026-46399 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
64 6.5 MEDIUM
Network 		- - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an Authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low… New CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-46397 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
65 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions prior to 26.0.0 allows authenticated users to fetch … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-46393 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
66 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 9.0.1 and prior to version 26.0.0 of @haxtheweb/open-apis, multiple functions conduct substring-only matching … New CWE-183
CWE-918
 Permissive List of Allowed Inputs
Server-Side Request Forgery (SSRF)  		CVE-2026-46391 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
67 - - - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3d_get_extensions() walks a userspace-provided singly-linked … New - CVE-2026-46314 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm
68 8.8 HIGH
Network 		mbs-solutions universal_gateway_firmware A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. Update CWE-121
Stack-based Buffer Overflow 		CVE-2026-35085 2026-06-9 02:16 2026-06-3 Show GitHub Exploit DB Packet Storm
69 - - - In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp->psys is confirmed to be an error pointer not NULL so this c… New - CVE-2026-46313 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm
70 - - - In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap vb2_dma_contig sets VMA flags VM_DONTEXPAND and VM_DONTDUMP and I do not see a… New - CVE-2026-46312 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm