Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3191 5.3 警告
Network 		Mem0 mem0 Mem0のmem0における複数の脆弱性 CWE-306
CWE-862
CVE-2026-31245 2026-05-18 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
3192 7.5 重要
Network 		マイクロソフト Copilot Chat (Microsoft Edge) Copilot Chat (Microsoft Edge) の情報漏えいの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-33111 2026-05-18 12:05 2026-05-7 Show GitHub Exploit DB Packet Storm
3193 8.1 重要
Network 		マイクロソフト Azure Monitor Action Group Notification System Azure Monitor のアクション グループの通知システムの特権昇格の脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41105 2026-05-18 12:05 2026-05-7 Show GitHub Exploit DB Packet Storm
3194 7.8 重要
Local 		マイクロソフト Kiota マイクロソフトのKiotaにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41134 2026-05-18 12:05 2026-04-22 Show GitHub Exploit DB Packet Storm
3195 8.2 重要
Network 		Kata Containers Confidential Containers
Kata Containers 		Kata ContainersのConfidential Containers等の複数製品におけるUNIX Symbolic Link のフォローに関する脆弱性 CWE-61
UNIX Symbolic Link のフォロー 		CVE-2026-41326 2026-05-18 12:05 2026-04-24 Show GitHub Exploit DB Packet Storm
3196 8.4 重要
Local 		opentelemetry OpenTelemetry eBPF Instrumentation opentelemetryのOpenTelemetry eBPF Instrumentationにおける複数の脆弱性 CWE-22
CWE-59
CVE-2026-41433 2026-05-18 12:05 2026-04-24 Show GitHub Exploit DB Packet Storm
3197 5.3 警告
Network 		RedwoodSDK RedwoodSDK RedwoodjsのRedwoodSDKにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-42190 2026-05-18 12:05 2026-05-8 Show GitHub Exploit DB Packet Storm
3198 7.2 重要
Network 		FileMaker, Inc Claris FileMaker Cloud Claris International Inc. (旧 FileMaker, Inc)のClaris FileMaker Cloudにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-43680 2026-05-18 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
3199 7.2 重要
Network 		FileMaker, Inc Claris FileMaker Cloud Claris International Inc. (旧 FileMaker, Inc)のClaris FileMaker CloudにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-43685 2026-05-18 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
3200 6.5 警告
Network 		Shellhub Shellhub Shellhubにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-44426 2026-05-18 12:05 2026-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
306991 - php php Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname fo… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-1938 2024-11-21 10:27 2011-06-1 Show GitHub Exploit DB Packet Storm
306992 - webmin webmin Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related … CWE-79
Cross-site Scripting 		CVE-2011-1937 2024-11-21 10:27 2011-06-1 Show GitHub Exploit DB Packet Storm
306993 - wouter_verhelst nbd nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by… NVD-CWE-Other
CVE-2011-1925 2024-11-21 10:27 2011-06-1 Show GitHub Exploit DB Packet Storm
306994 - nlnetlabs unbound daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and … CWE-399
 Resource Management Errors 		CVE-2011-1922 2024-11-21 10:27 2011-06-1 Show GitHub Exploit DB Packet Storm
306995 - isc bind Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service… CWE-189
Numeric Errors 		CVE-2011-1910 2024-11-21 10:27 2011-06-1 Show GitHub Exploit DB Packet Storm
306996 - tigervnc tigervnc The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-m… CWE-20
 Improper Input Validation  		CVE-2011-1775 2024-11-21 10:27 2011-05-27 Show GitHub Exploit DB Packet Storm
306997 - ibm websphere_portal The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via request… CWE-399
 Resource Management Errors 		CVE-2011-2173 2024-11-21 10:27 2011-05-27 Show GitHub Exploit DB Packet Storm
306998 - ibm websphere_portal Cross-site scripting (XSS) vulnerability in the search center in IBM WebSphere Portal 7.0.0.1 before CF004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2011-2172 2024-11-21 10:27 2011-05-27 Show GitHub Exploit DB Packet Storm
306999 - google chrome Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write. CWE-787
 Out-of-bounds Write 		CVE-2011-1807 2024-11-21 10:27 2011-05-27 Show GitHub Exploit DB Packet Storm
307000 - google chrome Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-1806 2024-11-21 10:27 2011-05-27 Show GitHub Exploit DB Packet Storm