Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205371 8.8 重要
Network 		Google - Google Chrome の Service Workers サブシステムにおける同一生成元ポリシーを回避される脆弱性 CWE-Other
その他 		CVE-2016-5132 2016-07-28 14:32 2016-07-20 Show GitHub Exploit DB Packet Storm
205372 7.5 重要
Network 		Google - Google Chrome で使用される Blink の WebKit/Source/core/editing/VisibleUnits.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-5127 2016-07-28 14:32 2016-07-20 Show GitHub Exploit DB Packet Storm
205373 8.8 重要
Network 		Google - Google Chrome で使用される Blink の WebKit/Source/core/loader/FrameLoader.cpp における同一生成元ポリシーを回避される脆弱性 CWE-Other
その他 		CVE-2016-1711 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205374 8.8 重要
Network 		Google - Google Chrome で使用される Blink の WebKit/Source/web/ChromeClientImpl.cpp における同一生成元ポリシーを回避される脆弱性 CWE-Other
その他 		CVE-2016-1710 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205375 8.8 重要
Network 		Google - Google Chrome で使用される Google sfntly の data/byte_array.cc におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1709 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205376 8.8 重要
Network 		Google - Google Chrome の拡張サブシステムの Chrome Web Store Inline Installation の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-1708 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205377 6.5 警告
Network 		Google - Apple iOS 上で稼動する Google Chrome の ios/web/web_state/ui/crw_web_controller.mm における URL 表示を偽造される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1707 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205378 9.6 緊急
Network 		Google - Google Chrome の PPAPI の実装におけるサンドボックス保護メカニズムを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1706 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205379 8.8 重要
Network 		Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2016-1705 2016-07-28 12:05 2016-07-20 Show GitHub Exploit DB Packet Storm
205380 6.5 警告
Network 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Application Designer に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-5470 2016-07-28 11:41 2016-07-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1151 6.1 MEDIUM
Network 		- - Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after… CWE-601
Open Redirect 		CVE-2026-41706 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1152 4.4 MEDIUM
Network 		- - Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.… CWE-330
 Use of Insufficiently Random Values 		CVE-2026-41701 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1153 4.8 MEDIUM
Network 		- - Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher (STARTING, ENDING, or CONTAINING) in Query By Example (QBE). An attacker can sup… CWE-943
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-41697 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1154 5.9 MEDIUM
Network 		- - Spring Data MongoDB repository query methods annotated with @Query that use regex parameter binding perform insufficient validation of the bound parameter. An attacker can supply a crafted string to … CWE-943
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-41696 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1155 7.5 HIGH
Network 		- - Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property path strings are passed to MappingContext property path resolutio… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-41695 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1156 3.7 LOW
Network 		- - Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloa… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-41694 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1157 6.1 MEDIUM
Network 		- - Spring Security Authorization Server's authorization endpoint performs insufficient validation of the request_uri parameter. An attacker can craft a malicious authorization request containing an inva… CWE-601
Open Redirect 		CVE-2026-41008 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1158 7.6 HIGH
Network 		- - An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 throug… CWE-79
Cross-site Scripting 		CVE-2026-41003 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1159 7.3 HIGH
Adjacent 		- - An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) may be able to store malicious serialized payloads in the col… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-40993 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1160 5.9 MEDIUM
Network 		- - When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a maliciou… CWE-611
XXE 		CVE-2026-40991 2026-06-10 09:16 2026-06-10 Show GitHub Exploit DB Packet Storm