Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2701 6.5 警告
Network 		Splunk Splunk AI Toolkit SplunkのSplunk AI Toolkitにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-20238 2026-05-28 14:33 2026-05-20 Show GitHub Exploit DB Packet Storm
2702 7.5 重要
Network 		NVIDIA NVIDIA TensorRT NVIDIAのNVIDIA TensorRTにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-24188 2026-05-28 14:33 2026-05-20 Show GitHub Exploit DB Packet Storm
2703 5.3 警告
Network 		Dropbox Erlang SAML library Lexi Wilson (arekinath)等の複数ベンダの製品におけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-28809 2026-05-28 14:33 2026-03-23 Show GitHub Exploit DB Packet Storm
2704 9.1 緊急
Network 		Nexent Nexent Nexentにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-31215 2026-05-28 14:33 2026-05-12 Show GitHub Exploit DB Packet Storm
2705 9.1 緊急
Network 		Nexent Nexent Nexentにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-31216 2026-05-28 14:33 2026-05-12 Show GitHub Exploit DB Packet Storm
2706 9.8 緊急
Network 		Nebuly OptiMate NebulyのOptiMateにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-31217 2026-05-28 14:33 2026-05-12 Show GitHub Exploit DB Packet Storm
2707 7.5 重要
Network 		Gleam-wisp Wisp Gleam-wispのWispにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-32145 2026-05-28 14:33 2026-04-2 Show GitHub Exploit DB Packet Storm
2708 7.5 重要
Network 		Elixir Plug Plug.cowboy Elixir PlugのPlug.cowboyにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-32688 2026-05-28 14:33 2026-04-27 Show GitHub Exploit DB Packet Storm
2709 8.8 重要
Network 		9bis KiTTY KovidgoyalのKittyにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-33633 2026-05-28 14:33 2026-05-19 Show GitHub Exploit DB Packet Storm
2710 9.8 緊急
Network 		9bis KiTTY KovidgoyalのKittyにおける複数の脆弱性 CWE-125
CWE-190
CWE-787
CVE-2026-33642 2026-05-28 14:33 2026-05-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
306431 - cisco carrier_routing_system Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a denial of service (Metro subsystem crash) via a fragmented GRE packet, aka Bug ID CSCts14887. CWE-20
 Improper Input Validation  		CVE-2011-3283 2024-11-21 10:30 2012-05-2 Show GitHub Exploit DB Packet Storm
306432 - apple safari Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application cr… CWE-399
 Resource Management Errors 		CVE-2011-3443 2024-11-21 10:30 2012-03-2 Show GitHub Exploit DB Packet Storm
306433 - craig_barratt backuppc Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num paramet… CWE-79
Cross-site Scripting 		CVE-2011-3361 2024-11-21 10:30 2012-02-18 Show GitHub Exploit DB Packet Storm
306434 - sun
oracle 		jre Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows… NVD-CWE-noinfo
CVE-2011-3563 2024-11-21 10:30 2012-02-16 Show GitHub Exploit DB Packet Storm
306435 - apple mac_os_x_server
mac_os_x 		WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound direc… CWE-287
Improper Authentication 		CVE-2011-3463 2024-11-21 10:30 2012-02-3 Show GitHub Exploit DB Packet Storm
306436 - apple mac_os_x_server
mac_os_x 		Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in… NVD-CWE-noinfo
CVE-2011-3462 2024-11-21 10:30 2012-02-3 Show GitHub Exploit DB Packet Storm
306437 - apple mac_os_x
mac_os_x_server 		Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3460 2024-11-21 10:30 2012-02-3 Show GitHub Exploit DB Packet Storm
306438 - apple mac_os_x
mac_os_x_server 		Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie fil… CWE-189
Numeric Errors 		CVE-2011-3459 2024-11-21 10:30 2012-02-3 Show GitHub Exploit DB Packet Storm
306439 - apple mac_os_x_server
mac_os_x 		QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-3458 2024-11-21 10:30 2012-02-3 Show GitHub Exploit DB Packet Storm
306440 - apple mac_os_x
mac_os_x_server 		The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3457 2024-11-21 10:30 2012-02-3 Show GitHub Exploit DB Packet Storm