Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3081	7.3	重要 Network	Northern.tech	cfengine	Northern.techのcfengineにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-24712	2026-05-21 10:55	2026-05-14	Show	GitHub Exploit DB Packet Storm

3082	9.8	緊急 Network	Open JS Foundation	WebdriverIO	Open JS FoundationのWebdriverIOにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-25244	2026-05-21 10:55	2026-05-18	Show	GitHub Exploit DB Packet Storm

3083	6.5	警告 Network	マイクロソフト	Power Automate for Desktop	Microsoft Power Automate デスクトップの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-40374	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

3084	7.8	重要 Local	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-42290	2026-05-21 10:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

3085	6.1	警告 Network	beaugunderson	ip-address	beaugundersonのip-addressにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42338	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

3086	7.6	重要 Network	PocketBase	PocketBase	PocketBaseにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-44166	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

3087	7.2	重要 Network	German Cancer Research Center (DKFZ)	nnU-Net	German Cancer Research Center (DKFZ)のnnU-Netにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2026-44246	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

3088	8.7	重要 Network	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44295	2026-05-21 10:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

3089	9.8	緊急 Network	WGDashboard	WGDashboard	WGDashboardにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-44343	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

3090	8.8	重要 Network	Tabby	Tabby	TabbyにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-45035	2026-05-21 10:55	2026-05-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306131	-	ffftp	ffftp	Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions.	NVD-CWE-Other	CVE-2011-3991	2024-11-21 10:31	2011-11-5	Show	GitHub Exploit DB Packet Storm

306132	-	hiroyuki_oyama	dbd\	SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2011-3989	2024-11-21 10:31	2011-11-5	Show	GitHub Exploit DB Packet Storm

306133	-	controlsystemworks	csworks	The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets.	CWE-399 Resource Management Errors	CVE-2011-3996	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306134	-	skyarc	mtcms multifileuploader autotagging mailpack duplicateentry	Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0…	CWE-352 Origin Validation Error	CVE-2011-3994	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306135	-	skyarc	mtcms multifileuploader autotagging mailpack duplicateentry	SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-3993	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306136	-	dlink	des-3800 des-3800_firmware dwl-2100ap dwl-2100ap_firmware dwl-3200ap dwl-3200ap_firmware	Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows r…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-3992	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306137	-	daemon-tools	daemon_tools	dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid Devi…	CWE-399 Resource Management Errors	CVE-2011-3987	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306138	-	pligg	pligg_cms	Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2011-3986	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306139	-	wireshark	wireshark	Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4102	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm

306140	-	wireshark	wireshark	The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a de…	NVD-CWE-Other	CVE-2011-4101	2024-11-21 10:31	2011-11-4	Show	GitHub Exploit DB Packet Storm