Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3721	2.7	低 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-2900	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3722	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-3073	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3723	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-3074	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3724	5.8	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるフィルタリングの回避に関する脆弱性	CWE-441 フィルタリング回避	CVE-2026-3160	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3725	9.1	緊急 Network	マイクロソフト	Azure SDK for Java	Azure SDK for Java のセキュリティ機能のバイパスの脆弱性	CWE-287 CWE-347	CVE-2026-33117	2026-05-18 12:07	2026-05-12	Show	GitHub Exploit DB Packet Storm

3726	9.9	緊急 Network	マイクロソフト	Microsoft Dynamics 365 Customer Insights	Microsoft Dynamics 365 Customer Insights の特権昇格の脆弱性	CWE-269 不適切な権限管理	CVE-2026-33821	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

3727	6.5	警告 Adjacent	Pengutronix e.K.	barebox	Pengutronix e.K.のbareboxにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34960	2026-05-18 12:06	2026-05-11	Show	GitHub Exploit DB Packet Storm

3728	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows テレフォニーサービスの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40382	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

3729	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows 共通ログファイルシステムドライバーの特権の昇格の脆弱性	CWE-191 整数アンダーフロー	CVE-2026-40397	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

3730	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows リモートデスクトップサービスの特権昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40398	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
305641	-	siemens	wincc_flexible wincc simatic_hmi_panels wincc_runtime_advanced wincc_flexible_runtime	Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort…	CWE-79 Cross-site Scripting	CVE-2011-4511	2024-11-21 10:32	2012-02-4	Show	GitHub Exploit DB Packet Storm

305642	-	siemens	wincc_flexible wincc simatic_hmi_panels wincc_runtime_advanced wincc_flexible_runtime	Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort…	CWE-79 Cross-site Scripting	CVE-2011-4510	2024-11-21 10:32	2012-02-4	Show	GitHub Exploit DB Packet Storm

305643	-	siemens	wincc_flexible wincc simatic_hmi_panels wincc_runtime_advanced wincc_flexible_runtime	The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4509	2024-11-21 10:32	2012-02-4	Show	GitHub Exploit DB Packet Storm

305644	-	siemens	wincc_flexible wincc simatic_hmi_panels wincc_runtime_advanced wincc_flexible_runtime	The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panel…	CWE-287 Improper Authentication	CVE-2011-4508	2024-11-21 10:32	2012-02-4	Show	GitHub Exploit DB Packet Storm

305645	-	novell	open_enterprise_server	Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language fiel…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4194	2024-11-21 10:32	2012-02-2	Show	GitHub Exploit DB Packet Storm

305646	-	sitracker	support_incident_tracker	Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in …	CWE-94 Code Injection	CVE-2011-4337	2024-11-21 10:32	2012-01-29	Show	GitHub Exploit DB Packet Storm

305647	-	redhat	kvm	The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual …	NVD-CWE-noinfo	CVE-2011-4622	2024-11-21 10:32	2012-01-28	Show	GitHub Exploit DB Packet Storm

305648	-	redhat	jboss_enterprise_application_platform	mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access rest…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4608	2024-11-21 10:32	2012-01-28	Show	GitHub Exploit DB Packet Storm

305649	-	linux	linux_kernel	Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via an HF…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4330	2024-11-21 10:32	2012-01-28	Show	GitHub Exploit DB Packet Storm

305650	-	linux	linux_kernel	The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer derefe…	NVD-CWE-Other	CVE-2011-4325	2024-11-21 10:32	2012-01-28	Show	GitHub Exploit DB Packet Storm