Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189761 7.8 重要
Local 		libbpg - libbpg などの製品で使用される VideoLAN x265 における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-13135 2017-12-12 10:37 2017-11-16 Show GitHub Exploit DB Packet Storm
189762 7.5 重要
Network 		The BFTPD Project - Bftpd におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-16892 2017-12-12 10:35 2017-11-16 Show GitHub Exploit DB Packet Storm
189763 7.5 重要
Network 		Zeit, Inc. - ZEIT Next.js におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2017-16877 2017-12-12 10:35 2017-06-2 Show GitHub Exploit DB Packet Storm
189764 10 緊急
Network 		Fabrice Bellard - Qemu における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-16845 2017-12-12 10:35 2017-11-16 Show GitHub Exploit DB Packet Storm
189765 5.4 警告
Network 		Icon Time Systems Inc. - Icon Time Systems RTC-1000 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16819 2017-12-12 10:35 2017-11-17 Show GitHub Exploit DB Packet Storm
189766 7.8 重要
Local 		Back In Time project - Back In Time における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2017-16667 2017-12-12 09:57 2017-11-8 Show GitHub Exploit DB Packet Storm
189767 7.8 重要
Local 		Hola - Hola VPN におけるパーミッションに関する脆弱性 CWE-275
パーミッションの問題 		CVE-2017-16757 2017-12-12 09:56 2017-05-3 Show GitHub Exploit DB Packet Storm
189768 6.5 警告
Network 		OpenStack - OpenStack Nova における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-16239 2017-12-12 09:56 2017-11-14 Show GitHub Exploit DB Packet Storm
189769 5.9 警告
Network 		Digium - Asterisk Open Source および Certified Asterisk におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-16672 2017-12-11 18:06 2017-10-19 Show GitHub Exploit DB Packet Storm
189770 8.8 重要
Network 		Digium - Asterisk Open Source および Certified Asterisk におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-16671 2017-12-11 18:06 2017-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1181 7.1 HIGH
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4… CWE-79
Cross-site Scripting 		CVE-2026-49069 2026-06-11 03:35 2026-06-10 Show GitHub Exploit DB Packet Storm
1182 8.1 HIGH
Network 		google chrome Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pa… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-11689 2026-06-11 03:35 2026-06-9 Show GitHub Exploit DB Packet Storm
1183 5.4 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Hig… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-11666 2026-06-11 03:31 2026-06-9 Show GitHub Exploit DB Packet Storm
1184 6.5 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a cra… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-11658 2026-06-11 03:30 2026-06-9 Show GitHub Exploit DB Packet Storm
1185 6.5 MEDIUM
Network 		google chrome Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page… CWE-20
 Improper Input Validation  		CVE-2026-11653 2026-06-11 03:29 2026-06-9 Show GitHub Exploit DB Packet Storm
1186 5.5 MEDIUM
Local 		cilium ebpf A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipul… CWE-189
CWE-190
Numeric Errors
 Integer Overflow or Wraparound 		CVE-2026-10722 2026-06-11 03:28 2026-06-3 Show GitHub Exploit DB Packet Storm
1187 7.8 HIGH
Local 		synology active_backup_for_business_recovery_media_creator An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users t… CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2022-49036 2026-06-11 03:20 2026-06-3 Show GitHub Exploit DB Packet Storm
1188 5.3 MEDIUM
Local 		lmsys sglang A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service.… CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-10775 2026-06-11 03:19 2026-06-4 Show GitHub Exploit DB Packet Storm
1189 - - - An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to e… CWE-78
OS Command  		CVE-2026-9151 2026-06-11 03:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1190 2.7 LOW
Network 		- - A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This… CWE-1220
 Insufficient Granularity of Access Control 		CVE-2026-9088 2026-06-11 03:17 2026-06-5 Show GitHub Exploit DB Packet Storm