Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1761	8.1	重要 Network	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows UPnP デバイスホストのリモートでコードが実行される脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-45599	2026-06-12 14:50	2026-06-9	Show	GitHub Exploit DB Packet Storm

1762	7	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-362 CWE-416	CVE-2026-45601	2026-06-12 14:50	2026-06-9	Show	GitHub Exploit DB Packet Storm

1763	7	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-362 CWE-416	CVE-2026-45603	2026-06-12 14:50	2026-06-9	Show	GitHub Exploit DB Packet Storm

1764	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 11 24h2 Microsoft Windows Server 2025 Microsoft Wind…	Windows マネージドインストーラーの情報漏えいの脆弱性	CWE-125 境界外読み取り	CVE-2026-45604	2026-06-12 14:50	2026-06-9	Show	GitHub Exploit DB Packet Storm

1765	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows Bluetooth サービスの特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-45605	2026-06-12 14:49	2026-06-9	Show	GitHub Exploit DB Packet Storm

1766	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Microsoft UxTheme ライブラリ (uxtheme.dll) のサービス拒否の脆弱性	CWE-125 境界外読み取り	CVE-2026-45606	2026-06-12 14:49	2026-06-9	Show	GitHub Exploit DB Packet Storm

1767	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows Hyper-V のリモートでコードが実行される脆弱性	CWE-125 境界外読み取り	CVE-2026-45607	2026-06-12 14:49	2026-06-9	Show	GitHub Exploit DB Packet Storm

1768	5.1	警告 Local	ImageMagick	ImageMagick	ImageMagickにおける複数の脆弱性	CWE-125 CWE-129	CVE-2026-45624	2026-06-12 14:49	2026-06-10	Show	GitHub Exploit DB Packet Storm

1769	8.1	重要 Network	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows UPnP デバイスホストのリモートでコードが実行される脆弱性	CWE-416 CWE-843	CVE-2026-45635	2026-06-12 14:49	2026-06-9	Show	GitHub Exploit DB Packet Storm

1770	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows NTFS のリモートでコードが実行される脆弱性	CWE-122 CWE-20	CVE-2026-45636	2026-06-12 14:49	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1011	4.2	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a cra… New	CWE-20 Improper Input Validation	CVE-2026-13024	2026-06-26 11:12	2026-06-25	Show	GitHub Exploit DB Packet Storm

1012	8.3	HIGH Network	google	chrome	Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium… New	CWE-20 Improper Input Validation	CVE-2026-13025	2026-06-26 11:12	2026-06-25	Show	GitHub Exploit DB Packet Storm

1013	8.8	HIGH Network	google	chrome	Use after free in Digital Credentials in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security seve… New	CWE-416 Use After Free	CVE-2026-13026	2026-06-26 11:12	2026-06-25	Show	GitHub Exploit DB Packet Storm

1014	8.8	HIGH Network	google	chrome	Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-13027	2026-06-26 11:11	2026-06-25	Show	GitHub Exploit DB Packet Storm

1015	9.6	CRITICAL Network	google	chrome	Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Cri… New	CWE-416 Use After Free	CVE-2026-13028	2026-06-26 11:11	2026-06-25	Show	GitHub Exploit DB Packet Storm

1016	6.5	MEDIUM Network	openexr	openexr	OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K (High-Throughput JPEG 2000)… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-45696	2026-06-26 11:08	2026-06-19	Show	GitHub Exploit DB Packet Storm

1017	7.5	HIGH Network	nlnetlabs	nsd	When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes… New	CWE-284 CWE-306 Improper Access Control Missing Authentication for Critical Function	CVE-2026-12490	2026-06-26 11:08	2026-06-25	Show	GitHub Exploit DB Packet Storm

1018	8.1	HIGH Network	nlnetlabs	nsd	NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a … New	CWE-20 CWE-120 Improper Input Validation Classic Buffer Overflow	CVE-2026-12246	2026-06-26 11:07	2026-06-25	Show	GitHub Exploit DB Packet Storm

1019	7.5	HIGH Network	nlnetlabs	nsd	NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT c… New	CWE-416 Use After Free	CVE-2026-12245	2026-06-26 11:07	2026-06-25	Show	GitHub Exploit DB Packet Storm

1020	8.8	HIGH Network	nlnetlabs	nsd	If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an (u… New	CWE-122 CWE-190 Heap-based Buffer Overflow Integer Overflow or Wraparound	CVE-2026-12244	2026-06-26 11:07	2026-06-25	Show	GitHub Exploit DB Packet Storm