Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
247871 5 警告 ヒューレット・パッカード - HP OV NNM におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-3285 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
247872 4.3 警告 ヒューレット・パッカード - HP SMH における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3284 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
247873 4.3 警告 ヒューレット・パッカード - HP SMH におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3283 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
247874 5.4 警告 Alcatel-Lucent - Alcatel-Lucent OmniVista の HTTP プロキシサービスにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3281 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
247875 6.9 警告 Alcatel-Lucent - Alcatel-Lucent OmniTouch Contact Center の TSA コンポーネントの CCAgent オプションにおける Contact Center 操作を監視または再設定される脆弱性 CWE-200
情報漏えい 		CVE-2010-3280 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
247876 7.6 危険 Alcatel-Lucent - Alcatel-Lucent OmniTouch Contact Center の CCAgent オプションのディフォルト設定における Contact Center 操作を監視または再設定される脆弱性 CWE-16
環境設定 		CVE-2010-3279 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
247877 2.1 注意 VMware - VMware Workstation および VMware Player のインストーラにおける Web スクリプトまたは HTML の想定外の解釈が発生する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3277 2012-03-27 18:42 2010-09-23 Show GitHub Exploit DB Packet Storm
247878 9.3 危険 VideoLAN - VideoLAN VLC Media Player の libdirectx_plugin.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3276 2012-03-27 18:42 2011-03-28 Show GitHub Exploit DB Packet Storm
247879 9.3 危険 VideoLAN - VideoLAN VLC Media Player の libdirectx_plugin.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3275 2012-03-27 18:42 2011-03-28 Show GitHub Exploit DB Packet Storm
247880 4.3 警告 Zoho Corporation - ZOHO ManageEngine ADSelfService Plus の Employee Search Engine におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3274 2012-03-27 18:42 2011-02-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
271 7.8 HIGH
Local 		zhinst labone_q The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2026-7584 2026-05-5 03:23 2026-05-1 Show GitHub Exploit DB Packet Storm
272 9.8 CRITICAL
Network 		bitwarden cli Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident. Update CWE-78
CWE-94
OS Command 
Code Injection 		CVE-2026-42994 2026-05-5 03:23 2026-05-1 Show GitHub Exploit DB Packet Storm
273 6.5 MEDIUM
Network 		apple container Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3. Update CWE-522
 Insufficiently Protected Credentials 		CVE-2026-28909 2026-05-5 03:22 2026-05-1 Show GitHub Exploit DB Packet Storm
274 8.8 HIGH
Network 		hkuds openharness HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Atta… Update CWE-78
OS Command  		CVE-2026-7551 2026-05-5 03:22 2026-05-1 Show GitHub Exploit DB Packet Storm
275 8.1 HIGH
Network 		langflow langflow IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for an… Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-6542 2026-05-5 03:21 2026-05-1 Show GitHub Exploit DB Packet Storm
276 9.8 CRITICAL
Network 		progress moveit_automation Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from… Update CWE-305
 Authentication Bypass by Primary Weakness 		CVE-2026-4670 2026-05-5 03:20 2026-05-1 Show GitHub Exploit DB Packet Storm
277 7.1 HIGH
Local 		- - Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal seq… New CWE-23
 Relative Path Traversal 		CVE-2026-43616 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
278 9.9 CRITICAL
Network 		- - Apache Polaris accepts literal `*` characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused une… New CWE-20
CWE-116
 Improper Input Validation 
 Improper Encoding or Escaping of Output 		CVE-2026-42810 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
279 9.8 CRITICAL
Network 		- - Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager… New CWE-306
Missing Authentication for Critical Function 		CVE-2026-42796 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
280 5.5 MEDIUM
Local 		- - CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it aga… New CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-42146 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm