Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1021	8.1	重要 Network	Project Jupyter	Jupyter Server	Project JupyterのJupyter Serverにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-5422	2026-06-5 10:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

1022	7.5	重要 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける入力の構文的正当性の検証に関する脆弱性	CWE-1286 入力の構文的正当性の不適切な検証	CVE-2026-7307	2026-06-5 10:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1023	8.1	重要 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-7504	2026-06-5 10:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1024	7.5	重要 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-7507	2026-06-5 10:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1025	7.1	重要 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける不変と仮定される Web パラメータの外部制御に関する脆弱性	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-7571	2026-06-5 10:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1026	5.4	警告 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける認証アルゴリズムの不適切な実装に関する脆弱性	CWE-303 認証アルゴリズム上の問題	CVE-2026-8922	2026-06-5 10:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1027	5.4	警告 Network	Mozilla Foundation	Mozilla Firefox	Mozilla FoundationのMozilla Firefoxにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-9308	2026-06-5 10:44	2026-06-1	Show	GitHub Exploit DB Packet Storm

1028	5.4	警告 Network	Mozilla Foundation	Mozilla Firefox	Mozilla FoundationのMozilla Firefoxにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-9309	2026-06-5 10:44	2026-06-1	Show	GitHub Exploit DB Packet Storm

1029	4.2	警告 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける入力の一貫性の検証に関する脆弱性	CWE-1288 入力の一貫性の不適切な検証	CVE-2026-9689	2026-06-5 10:44	2026-05-27	Show	GitHub Exploit DB Packet Storm

1030	8.8	重要 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける入力で指定された数量の不適切な検証に関する脆弱性	CWE-1284 入力で指定された数量の不適切な検証	CVE-2026-9704	2026-06-5 10:44	2026-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2741	7.6	HIGH Network	ibm	cognos_analytics cognos_transformer	IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting (XSS) in Cognos Adminstration. This vulnerability allows…	CWE-79 Cross-site Scripting	CVE-2025-36126	2026-06-2 02:30	2026-05-27	Show	GitHub Exploit DB Packet Storm

2742	7.4	HIGH Network	miniorange	saml_sso_-_service_provider	Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation. This issue affects SAML SSO - Service Provider: from 0.0.0 befor…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2026-5343	2026-06-2 02:29	2026-05-29	Show	GitHub Exploit DB Packet Storm

2743	8.8	HIGH Network	freerdp	freerdp	FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track…	CWE-415 CWE-416 Double Free Use After Free	CVE-2026-44422	2026-06-2 02:26	2026-05-30	Show	GitHub Exploit DB Packet Storm

2744	5.3	MEDIUM Network	ibm	watsonx.data	IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions.	CWE-923 NVD-CWE-noinfo Improper Restriction of Communication Channel to Intended Endpoints	CVE-2025-36145	2026-06-2 02:24	2026-05-27	Show	GitHub Exploit DB Packet Storm

2745	9.8	CRITICAL Network	freerdp	freerdp	FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/pl…	CWE-787 Out-of-bounds Write	CVE-2026-45700	2026-06-2 02:23	2026-05-30	Show	GitHub Exploit DB Packet Storm

2746	6.1	MEDIUM Network	ibm	financial_transaction_manager_for_multiplatform	IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allo…	CWE-79 Cross-site Scripting	CVE-2025-36148	2026-06-2 02:22	2026-05-27	Show	GitHub Exploit DB Packet Storm

2747	8.8	HIGH Network	google	chrome	Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-10013	2026-06-2 02:22	2026-05-29	Show	GitHub Exploit DB Packet Storm

2748	9.6	CRITICAL Network	google	chrome	Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)	CWE-787 Out-of-bounds Write	CVE-2026-9967	2026-06-2 02:22	2026-05-29	Show	GitHub Exploit DB Packet Storm

2749	8.3	HIGH Network	google	chrome	Out of bounds read and write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2026-9975	2026-06-2 02:21	2026-05-29	Show	GitHub Exploit DB Packet Storm

2750	5.0	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted …	CWE-20 Improper Input Validation	CVE-2026-9979	2026-06-2 02:21	2026-05-29	Show	GitHub Exploit DB Packet Storm