Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
225361 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Applications Framework における Diagnostics の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0376 2013-11-8 11:00 2013-01-15 Show GitHub Exploit DB Packet Storm
225362 5.5 警告 MySQL AB
オラクル
- Oracle MySQL の MySQL Server における Server Replication の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0375 2013-11-8 10:59 2013-01-15 Show GitHub Exploit DB Packet Storm
225363 4.3 警告 オラクル - 複数の Oracle Enterprise Manager 製品における Database Cloning の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0374 2013-11-8 10:58 2013-01-15 Show GitHub Exploit DB Packet Storm
225364 4.3 警告 オラクル - 複数の Oracle Enterprise Manager 製品における Distributed/Cross DB Features の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0373 2013-11-8 10:57 2013-01-15 Show GitHub Exploit DB Packet Storm
225365 4 警告 MySQL AB
オラクル
- Oracle MySQL の MySQL Server における MyISAM の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0371 2013-11-8 10:55 2013-01-15 Show GitHub Exploit DB Packet Storm
225366 2.1 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM Framework における Security の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0370 2013-11-8 10:54 2013-01-15 Show GitHub Exploit DB Packet Storm
225367 5.5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft PeopleTools における Query の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0369 2013-11-8 10:53 2013-01-15 Show GitHub Exploit DB Packet Storm
225368 4 警告 MySQL AB
オラクル
- Oracle MySQL の MySQL Server における InnoDB の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0368 2013-11-8 10:52 2013-01-15 Show GitHub Exploit DB Packet Storm
225369 4 警告 MySQL AB
オラクル
- Oracle MySQL の MySQL Server における Server Partition の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0367 2013-11-8 10:51 2013-01-15 Show GitHub Exploit DB Packet Storm
225370 4 警告 オラクル - Oracle Siebel CRM における Security の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-0365 2013-11-8 10:48 2013-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
151 4.1 MEDIUM
Local
- - IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user. New CWE-256
Plaintext Storage of a Password 
CVE-2024-45636 2026-06-12 01:16 2026-06-12 Show GitHub Exploit DB Packet Storm
152 9.6 CRITICAL
Adjacent
microsoft windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2022
windows_server_2025
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network. New CWE-122
Heap-based Buffer Overflow
CVE-2026-42904 2026-06-12 01:15 2026-06-10 Show GitHub Exploit DB Packet Storm
153 7.8 HIGH
Local
microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. New CWE-416
 Use After Free
CVE-2026-42905 2026-06-12 01:14 2026-06-10 Show GitHub Exploit DB Packet Storm
154 5.5 MEDIUM
Local
microsoft windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2022
windows_server_2025
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. New CWE-200
Information Exposure
CVE-2026-42906 2026-06-12 01:13 2026-06-10 Show GitHub Exploit DB Packet Storm
155 6.1 MEDIUM
Network
vmware spring_framework Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting (XSS) vulnerability. Af… New CWE-79
Cross-site Scripting
CVE-2026-41845 2026-06-12 01:12 2026-06-9 Show GitHub Exploit DB Packet Storm
156 6.1 MEDIUM
Network
vmware spring_framework Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting… New CWE-79
Cross-site Scripting
CVE-2026-41846 2026-06-12 01:10 2026-06-9 Show GitHub Exploit DB Packet Storm
157 5.3 MEDIUM
Network
vmware spring_framework Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spring Framework 5.3.0 through 5.3.48. New CWE-284
NVD-CWE-noinfo
Improper Access Control
CVE-2026-41847 2026-06-12 01:08 2026-06-9 Show GitHub Exploit DB Packet Storm
158 7.8 HIGH
Local
microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. New CWE-416
 Use After Free
CVE-2026-42986 2026-06-12 01:02 2026-06-10 Show GitHub Exploit DB Packet Storm
159 8.1 HIGH
Network
microsoft windows_server_2012
windows_server_2016
windows_server_2019
windows_server_2022
windows_server_2025
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network. New CWE-416
 Use After Free
CVE-2026-42987 2026-06-12 00:46 2026-06-10 Show GitHub Exploit DB Packet Storm
160 7.5 HIGH
Network
vmware spring_framework Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which is then directly or indirectly supplied to one of the followi… New CWE-1333
 Inefficient Regular Expression Complexity
CVE-2026-41848 2026-06-12 00:45 2026-06-9 Show GitHub Exploit DB Packet Storm