Security assessment and information provision

This site provides information on security and offers web audit tools.

Annoucement Show List

NVD Vulnerability Information NVD Vulnerability Search Top

Update Date":June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date
1	7.5	HIGH Network	-	-	Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value (taken from the IPv6 fixed header's payload length field) by the size of each IPv6 extension header without validating it, so… New	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2026-49494	2026-06-7 22:16	2026-06-7
2	3.3	LOW Local	-	-	A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.1. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to information disclosure. Local access is required to approach this attack. The exploit has been discl… New	CWE-200 CWE-284 Information Exposure Improper Access Control	CVE-2026-11459	2026-06-7 19:16	2026-06-7
3	5.3	MEDIUM Network	-	-	A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some unknown processing of the file /base-boot/actuator of the component Boot Actuator Endpoint. Executing a manipulation can lead to information disclosure. The attack can be exec… New	CWE-200 CWE-284 Information Exposure Improper Access Control	CVE-2026-11458	2026-06-7 18:16	2026-06-7
4	7.3	HIGH Network	-	-	A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects unknown code of the file /base-boot/jmreport/testConnection of the component JimuReport test-connection Endpoint. Performing a manipulation of the argument dbType/dbDr… New	CWE-74 CWE-707 Injection Improper Enforcement of Message or Data Structure	CVE-2026-11457	2026-06-7 18:16	2026-06-7
5	7.3	HIGH Network	-	-	A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxf_dump_systable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-11456	2026-06-7 18:16	2026-06-7
6	5.0	MEDIUM Network	-	-	A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function check_cmd_exists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of comple… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-11455	2026-06-7 18:16	2026-06-7
7	6.3	MEDIUM Network	-	-	A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched rem… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-11453	2026-06-7 13:16	2026-06-7
8	7.3	HIGH Network	-	-	A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN_0042e200 of the file /cgi-bin/glc of the component SET_USER_PWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-11452	2026-06-7 13:16	2026-06-7
9	7.3	HIGH Network	-	-	A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument media_dir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version 4… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-11451	2026-06-7 13:16	2026-06-7
10	7.3	HIGH Network	-	-	A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument dev_name results in command injection. It is possible to initiate the attack remote… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-11450	2026-06-7 12:16	2026-06-7

JVN Vulnerability Information JVN Vulnerability Search Top

Update Date:June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date
1	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年06月04日） New	-	-	2026-06-8 14:51	2026-06-5
2	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるヒープベースのバッファオーバーフローの脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-10929	2026-06-8 12:40	2026-06-4
3	8.1	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける境界外読み取りに関する脆弱性 New	CWE-125 境界外読み取り	CVE-2026-10930	2026-06-8 12:40	2026-06-4
4	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-10931	2026-06-8 12:40	2026-06-4
5	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-10932	2026-06-8 12:40	2026-06-4
6	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-10933	2026-06-8 12:40	2026-06-4
7	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-10934	2026-06-8 12:40	2026-06-4
8	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける型の取り違えに関する脆弱性 New	CWE-843 型の取り違え	CVE-2026-10935	2026-06-8 12:40	2026-06-4
9	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける型の取り違えに関する脆弱性 New	CWE-843 型の取り違え	CVE-2026-10936	2026-06-8 12:39	2026-06-4
10	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける同一生成元ポリシー違反に関する脆弱性 New	CWE-346 CWE-346	CVE-2026-10937	2026-06-8 12:39	2026-06-4

Version update history excerpt Go To Version Update History

Support Expiration Date Go to Support Expiration Information

Target Period : 2026-05-01 〜 2026-09-30

No	Name	Normal Support	Security Support	Extended Support
1	Red Hat OpenJDK 8 for Windows		2026-05-31
2	Red Hat OpenJDK 8		2026-05-31
3	Java 8 (LTS)		2026-05-31
4	MariaDB 10.6	2026-06-30
5	SQL Server 2016 Service Pack 2	2021-07-13		2026-07-14
6	Oracle JDK 11 (LTS)	2023-09-30		2026-09-30

2026-6-8 JST

media_news

No	Name	URL	Excerpt Of Changes	Tag
1	Ars Technica	https://arstechnica.com/	70,RIP Anthony Head: Our 10 favorite moments of,Buffy,‘s Giles,Head’s true genius—and that of his character, Giles—lay in quietly filling in the gaps in every scene,Jennifer Ouellette,–,6/7/2026,\|,31, ...	English News Foreign Country Blog Site Information Gathering
2	Bleeping Computer®	https://www.bleepingcomputer.com/	C0XMO botnet spreads via DD-WRT router flaw, kills rival malware,Silent Ransom Group targets law firms with fake IT support calls,Get lifetime access to Curiosity Stream for $127.50,C0XMO botnet sprea ...	English News Foreign Country Information Provision
3	cnet	https://www.cnet.com/	Tech,Everyone Is Wearing Wired Earbuds Again. I Never Stopped,Wired headphones are superior to their wireless counterparts, and history will prove me right.,By,Jason Chun,The Delivery You Didn't Order ...	English News Foreign Country Blog
4	Cybersecurity News	https://securityonline.info/	June 7, 2026,Millions of Servers At Risk: Crucial MariaDB Flaw Carries Maximum 10.0 CVSS Score,Do Son,June 7, 2026,0,Vulnerability Report,Critical Cordova Vulnerability Threatens iOS App Data Boundari ...	English News Foreign Country Information Provision
5	Engadget	https://www.engadget.com/	Xbox,A limited edition translucent green Xbox Series X and controller are coming this fall,Xbox’s 25th anniversary collection drops in November.,By,Cheyenne MacDonald,Read More,Gaming,Crazy Taxi World ...	English News Foreign Country Blog
6	Gizmodo	https://gizmodo.com/	‘Chat Is Dead’: OpenAI Reportedly Planning Radical Changes to ChatGPT,It’s not the first time OpenAI has hinted at something like this.,Artificial Intelligence,Mike Pearl,Jun 7,Jun 7,‘The Super Mario ...	English News Foreign Country Blog
7	HELPNETSECURITY	https://www.helpnetsecurity.com/	Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast,June 7, 2026,OAuth marketplace apps keep access after publishers vanish	English News Foreign Country Information Provision
8	Japan Security Summit	https://japansecuritysummit.org/	IPA、ブランドアイデンティティを刷新　新英語名称「In...,2026.06.08,編集部,NEDOら、AIセーフティの共通基盤を整備　設計・評価・...,2026.06.08,編集部,PayPay送金詐欺が急増、2カ月で19倍に　携帯料金や...,2026.06.05,編集部,IPA調査、AI利用者の7割超が経験3年未満　生成AIの...,2026.06.05,編集部	Japanese News Organization
9	Mashable	https://mashable.com/	Mashable's Best: E-readers, robovacs, laptops, earbuds, smart home and more,Look Up,The Queen is here,All hail Amy Poehler, queen of podcasting goodness,second thoughts,The AI vibe shift is real: Why ...	English News Foreign Country Blog
10	ScanNetSecurity	https://scan.netsecurity.ne.jp/	2026.06.08（月）,研修・セミナー・カンファレンス,2026年6月8日,8 / 19・20 開催「都道府県CIOフォーラム in 茨城第24回年次総会」にHENNGEが協賛、赤瀬礼旺氏による講演も,HENNGE株式会社は6月3日、8月19、20日に開催される「都道府県CIOフォーラム in 茨城第24回年次総会」に同社が協賛し、赤瀬礼旺氏が登壇すると発表した。,2026年6月4日, ...	Japanese News Information Provision
11	securityweek	https://www.securityweek.com/	Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation,Emphere’s solution delivers AI-driven remediation to software companies to speed up releases.,Emphere Raises $2.1 Million for AI-Po ...	English News Foreign Country Information Provision
12	TechCrunch	https://techcrunch.com/	Security,Hacked, leaked, and held for ransom: the worst breaches of 2026 so far,Zack Whittaker,9 hours ago,AI,Is this the dawn of the Tokenpocalypse?,Anthony Ha,2 hours ago,Transportation,TechCrunch M ...	English News Foreign Country Blog Site Information Gathering
13	TechRadar	https://www.techradar.com/	I asked Siri if it knew what to expect at WWDC 2026 and its answer was so predictably disappointing — I really hope Apple can fix this,Apple's WWDC 2026 keynote is hours away, but the current Siri doe ...	English News Foreign Country Blog
14	The Verge	https://www.theverge.com/	The 7 biggest storylines from Summer Game Fest 2026,PlayStation and Xbox are going old-school, and GTA VI was everywhere and nowhere at the same time.,Andrew Webster,6:45 PM UTC,JMGO’s N3 Ultimate pro ...	English News Foreign Country Blog
15	ZDNet Japan Security	https://japan.zdnet.com/security/	量子コンピューティングの到来とセキュリティへの影響に備えるには,2026-06-08 07:00,インシデント対応演習の基礎,ITインフラを自由に再デザイン。Nutanix Cloud Platform™対応の「Dell Private Cloud」で多様なワークロードを最適化,仮想化基盤のロックインから脱却せよ！ Dell Private CloudとNutanix Cloud Platform ...	Japanese News Information Provision

security_company

No	Image	Name	URL	Excerpt Of Changes	Tag
1		NTT Advanced Technology Corporation	https://www.ntt-at.co.jp/	06.08,[月],商品・サービス,体験型サイバー対策演習「CyberBastion」のページに、「サービス紹介動画」と「説明会・研修の開催カレンダー」を追加しました。,2026/	Japanese Web Audit Network Audit Company Consulting Education Endpoint Detection and Response(EDR) Incident Response Forensic Security enhancement support Security enhancement support Automatic Audit tools Targeted Email Attack Training SIEM Cloud IDS/IPS Management DDos protection Endpoint Audit Monitoring CSPM（Cloud Security Posture Management） Internal information leakage countermeasures

tool

No	Image	Name	URL	Excerpt Of Changes	Tag
1		sqlmap	http://sqlmap.org/	Intro,Capabilities,Demo,Licensing,Intro,Capabilities,Demo,Licensing,Download on GitHub,Commercial licensing,The tool that,sees every,SQL injection.,Open-source automation for detecting and exploiting ...	English Tools Automatic Audit tools