Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5821 8.8 重要
Network 		Math.js Math.js Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-41139 2026-05-11 11:10 2026-05-7 Show GitHub Exploit DB Packet Storm
5822 8.8 重要
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-41142 2026-05-11 11:10 2026-05-7 Show GitHub Exploit DB Packet Storm
5823 7.7 重要
Network 		Istio Istio Istioにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41413 2026-05-11 11:09 2026-05-7 Show GitHub Exploit DB Packet Storm
5824 8.1 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41496 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5825 9.8 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-77
CWE-78
CVE-2026-41497 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5826 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41500 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5827 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41501 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5828 7.8 重要
Local 		Sebastian Bergmann PHPUnit Sebastian BergmannのPHPUnitにおける複数の脆弱性 CWE-88
CWE-93
CVE-2026-41570 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5829 7.5 重要
Network 		Zcash Foundation Zebra-chain
Zebrad 		Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-41584 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5830 5.3 警告
Network 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41645 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346571 - consona consona_dynamic_agent
consona_live_assistance
consona_subscriber_assistance 		The SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to bypass intended restrictions on ActiveX execution via "in… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-1912 2018-10-11 04:57 2010-05-12 Show GitHub Exploit DB Packet Storm
346572 - sun solaris Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager. CWE-59
Link Following 		CVE-2010-1183 2018-10-11 04:56 2010-03-30 Show GitHub Exploit DB Packet Storm
346573 - sap maxdb Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to T… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-1185 2018-10-11 04:56 2010-03-30 Show GitHub Exploit DB Packet Storm
346574 - sahanafoundation sahana Sahana disaster management system 0.6.2.2, and possibly other versions, allows remote attackers to bypass intended access restrictions and disable administrator authentication via a direct request to… CWE-287
Improper Authentication 		CVE-2010-1191 2018-10-11 04:56 2010-04-1 Show GitHub Exploit DB Packet Storm
346575 - ca xosoft_content_distribution
xosoft_high_availability
xosoft_replication 		CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request. CWE-287
Improper Authentication 		CVE-2010-1221 2018-10-11 04:56 2010-04-8 Show GitHub Exploit DB Packet Storm
346576 - ca xosoft_content_distribution
xosoft_high_availability
xosoft_replication 		Per: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869 'The first vulnerability, CVE-2010-1221, occurs due to a lack of authentication. An attacker can make a SOAP request… CWE-287
Improper Authentication 		CVE-2010-1221 2018-10-11 04:56 2010-04-8 Show GitHub Exploit DB Packet Storm
346577 - ca xosoft_content_distribution
xosoft_high_availability
xosoft_replication 		CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request. CWE-287
Improper Authentication 		CVE-2010-1222 2018-10-11 04:56 2010-04-8 Show GitHub Exploit DB Packet Storm
346578 - ca xosoft_content_distribution
xosoft_high_availability
xosoft_replication 		Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-1223 2018-10-11 04:56 2010-04-8 Show GitHub Exploit DB Packet Storm
346579 - digium asterisk main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used i… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-1224 2018-10-11 04:56 2010-04-2 Show GitHub Exploit DB Packet Storm
346580 - microsoft virtual_pc
virtual_server
windows_virtual_pc 		The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-1225 2018-10-11 04:56 2010-04-2 Show GitHub Exploit DB Packet Storm