Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1691 9.8 緊急
Network 		Thingino Thingino Firmware ThinginoのThingino FirmwareにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-26213 2026-06-5 10:52 2026-03-26 Show GitHub Exploit DB Packet Storm
1692 7.5 重要
Network 		MessagePack MessagePack shamatonのMessagePackにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-32284 2026-06-5 10:52 2026-03-26 Show GitHub Exploit DB Packet Storm
1693 7.5 重要
Network 		pgproto3 project pgproto3 Jackcのpgproto3における配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2026-32286 2026-06-5 10:52 2026-03-26 Show GitHub Exploit DB Packet Storm
1694 7.5 重要
Network 		HKUDS DeepCode HKUDSのDeepCodeにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-32847 2026-06-5 10:51 2026-05-28 Show GitHub Exploit DB Packet Storm
1695 5.3 警告
Network 		storage project storage NhostのStorageにおける複数の脆弱性 CWE-343
CWE-345
CVE-2026-33221 2026-06-5 10:51 2026-03-20 Show GitHub Exploit DB Packet Storm
1696 9.8 緊急
Network 		Datadog dd-trace-java Datadogのdd-trace-javaにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-33728 2026-06-5 10:51 2026-03-27 Show GitHub Exploit DB Packet Storm
1697 6.1 警告
Network 		Carnegie Mellon University (Project Cyrus) cveClient Carnegie Mellon University (Project Cyrus)のcveClientにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-35466 2026-06-5 10:51 2026-04-2 Show GitHub Exploit DB Packet Storm
1698 7.5 重要
Network 		Carnegie Mellon University (Project Cyrus) cveClient Carnegie Mellon University (Project Cyrus)のcveClientにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-35467 2026-06-5 10:51 2026-04-2 Show GitHub Exploit DB Packet Storm
1699 7.5 重要
Network 		Mosaic5G Flexric Mosaic5GのFlexricにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-37226 2026-06-5 10:51 2026-06-1 Show GitHub Exploit DB Packet Storm
1700 7.5 重要
Network 		Mosaic5G Flexric Mosaic5GのFlexricにおける到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-37228 2026-06-5 10:51 2026-06-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2671 8.8 HIGH
Network 		- - Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) CWE-416
 Use After Free 		CVE-2026-11262 2026-06-6 00:02 2026-06-5 Show GitHub Exploit DB Packet Storm
2672 5.1 MEDIUM
Local 		- - Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Ch… CWE-269
 Improper Privilege Management 		CVE-2026-11276 2026-06-6 00:02 2026-06-5 Show GitHub Exploit DB Packet Storm
2673 - - - Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) CWE-20
 Improper Input Validation  		CVE-2026-11280 2026-06-6 00:02 2026-06-5 Show GitHub Exploit DB Packet Storm
2674 - - - Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low) CWE-472
 External Control of Assumed-Immutable Web Parameter 		CVE-2026-11290 2026-06-6 00:02 2026-06-5 Show GitHub Exploit DB Packet Storm
2675 - - - A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio ra… - CVE-2026-7762 2026-06-6 00:02 2026-06-5 Show GitHub Exploit DB Packet Storm
2676 - - - A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio rang… - CVE-2026-7763 2026-06-6 00:02 2026-06-5 Show GitHub Exploit DB Packet Storm
2677 6.5 MEDIUM
Network 		- - Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network. CWE-200
Information Exposure 		CVE-2026-47655 2026-06-5 23:59 2026-06-5 Show GitHub Exploit DB Packet Storm
2678 6.4 MEDIUM
Network 		- - All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) when extracting a ZIP archive containing two entries with the same path - the first bei… CWE-29
 Path Traversal: '\..\filename' 		CVE-2026-10732 2026-06-5 23:59 2026-06-5 Show GitHub Exploit DB Packet Storm
2679 - - - Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration. - CVE-2026-21034 2026-06-5 23:59 2026-06-5 Show GitHub Exploit DB Packet Storm
2680 - - - Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information. - CVE-2026-21035 2026-06-5 23:59 2026-06-5 Show GitHub Exploit DB Packet Storm