Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2921	7.8	重要 Local	Linux Foundation	Automotive Grade Linux	Linux FoundationのAutomotive Grade Linuxにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-37526	2026-05-20 13:20	2026-05-1	Show	GitHub Exploit DB Packet Storm

2922	9.8	緊急 Network	Linux Foundation	Automotive Grade Linux	Linux FoundationのAutomotive Grade Linuxにおける複数の脆弱性	CWE-22 CWE-367	CVE-2026-37531	2026-05-20 13:20	2026-05-1	Show	GitHub Exploit DB Packet Storm

2923	6.5	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-40016	2026-05-20 13:20	2026-05-12	Show	GitHub Exploit DB Packet Storm

2924	4.3	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品におけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-40020	2026-05-20 13:20	2026-05-12	Show	GitHub Exploit DB Packet Storm

2925	7.8	重要 Local	マイクロソフト	Azure Connected Machine Agent	Azure Connected Machine Agent の特権の昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-40381	2026-05-20 13:20	2026-05-12	Show	GitHub Exploit DB Packet Storm

2926	9.8	緊急 Network	エレコム株式会社	WRC-XE5400GS-G WRC-BE72XSD-B WAB-BE72-M WRC-X1800GS-B WRC-BE65QSD-B WRC-X6000QSA-G WRC-X3000GS2A-B WRC-W702-B WRC-X6000XS-G WAB-BE36-M WRC-X6000XST-G WRC-X3000GS2-B	エレコム製無線LANルーターおよび無線アクセスポイントにおける複数の脆弱性（2026年5月）	CWE-78 CWE-79 CWE-Other	CVE-2026-25107 CVE-2026-35506 CVE-2026-40621 CVE-2026-42062 CVE-2026-42948 CVE-2026-42950 CVE-2026-42961	2026-05-19 17:24	2026-05-12	Show	GitHub Exploit DB Packet Storm

2927	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年05月14日）	-	-	2026-05-18 14:06	2026-05-15	Show	GitHub Exploit DB Packet Storm

2928	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-71297	2026-05-18 12:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

2929	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-71298	2026-05-18 12:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

2930	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-71299	2026-05-18 12:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306621	6.1	MEDIUM Network	snewscms	snews	A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71.	CWE-79 Cross-site Scripting	CVE-2011-2706	2024-11-21 10:28	2020-01-15	Show	GitHub Exploit DB Packet Storm

306622	6.1	MEDIUM Network	mozilla	firefox	Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets	CWE-79 Cross-site Scripting	CVE-2011-2670	2024-11-21 10:28	2020-01-13	Show	GitHub Exploit DB Packet Storm

306623	9.8	CRITICAL Network	linux redhat	dhcp6c enterprise_linux	The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP messag…	CWE-74 Injection	CVE-2011-2717	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm

306624	9.8	CRITICAL Network	vsftpd_project debian	vsftpd debian_linux	vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.	CWE-78 OS Command	CVE-2011-2523	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm

306625	5.3	MEDIUM Local	packagekit_project debian redhat	packagekit debian_linux enterprise_linux_server	PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2011-2515	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm

306626	7.5	HIGH Network	freebsd netbsd	freebsd netbsd	Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl all…	CWE-200 Information Exposure	CVE-2011-2480	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm

306627	7.5	HIGH Network	drupal debian redhat fedoraproject	drupal debian_linux enterprise_linux fedora	An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individua…	CWE-863 Incorrect Authorization	CVE-2011-2726	2024-11-21 10:28	2019-11-16	Show	GitHub Exploit DB Packet Storm

306628	6.5	MEDIUM Network	google	blink	Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.	CWE-416 Use After Free	CVE-2011-2334	2024-11-21 10:28	2019-11-13	Show	GitHub Exploit DB Packet Storm

306629	7.5	HIGH Network	google	blink	A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.	CWE-415 Double Free	CVE-2011-2335	2024-11-21 10:28	2019-11-13	Show	GitHub Exploit DB Packet Storm

306630	9.8	CRITICAL Network	google	blink	A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms.	CWE-704 Incorrect Type Conversion or Cast	CVE-2011-2337	2024-11-21 10:28	2019-11-8	Show	GitHub Exploit DB Packet Storm