Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2871	7.8	重要 Local	Nullsoft	Nullsoft Scriptable Install System	NullsoftのNullsoft Scriptable Install Systemにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-42171	2026-05-20 13:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

2872	4.3	警告 Network	getkirby	kirby	getkirbyのkirbyにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-42174	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2873	7.5	重要 Network	OpenBao	OpenBao	OpenBaoにおける保存または転送前の重要な情報の削除に関する脆弱性	CWE-212 保存または転送前の重要な情報の不適切な削除	CVE-2026-42186	2026-05-20 13:30	2026-05-14	Show	GitHub Exploit DB Packet Storm

2874	7.5	重要 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-42245	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2875	7.4	重要 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-392 CWE-393 CWE-636 CWE-754 CWE-841	CVE-2026-42246	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2876	9.8	緊急 Network	ollama	ollama	Ollamaにおけるダウンロードしたコードの完全性検証不備に関する脆弱性	CWE-494 ダウンロードしたコードの完全性検証不備	CVE-2026-42248	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

2877	9.8	緊急 Network	ollama	ollama	Ollamaにおける複数の脆弱性	CWE-22 CWE-494	CVE-2026-42249	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

2878	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-77 CWE-93	CVE-2026-42257	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2879	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-77 CWE-93	CVE-2026-42258	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2880	7.1	重要 Network	Quantum Nous	New API	Quantum NousのNew APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42339	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306821	-	apache	tomcat	Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3…	NVD-CWE-Other	CVE-2011-2481	2024-11-21 10:28	2011-08-16	Show	GitHub Exploit DB Packet Storm

306822	-	adobe	flash_player adobe_air	Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, al…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-2424	2024-11-21 10:28	2011-08-16	Show	GitHub Exploit DB Packet Storm

306823	-	google	android	Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitra…	CWE-20 Improper Input Validation	CVE-2011-2357	2024-11-21 10:28	2011-08-13	Show	GitHub Exploit DB Packet Storm

306824	-	adobe	shockwave_player	msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-2423	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

306825	-	adobe	shockwave_player	Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-2422	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

306826	-	adobe	shockwave_player	Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-2421	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

306827	-	adobe	shockwave_player	Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-2420	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

306828	-	adobe	shockwave_player	IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-2419	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

306829	-	hp	palm_webos	Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2011-2409	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

306830	-	hp	palm_webos	Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2011-2408	2024-11-21 10:28	2011-08-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed