Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218631 5.4 警告 Devarai - Android 用 Word Search Free アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5561 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218632 5.4 警告 i Learn With - Kids Educational Game - Android 用 Kids Preschool Learning Games アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5553 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218633 5.4 警告 i Learn With - Kids Educational Game - Android 用 Numbers & Addition! Math games アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5552 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218634 5.4 警告 i Learn With - Kids Educational Game - Android 用 Alphabet & Spelling Kids Games アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5551 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218635 5.4 警告 MDickie - Android 用 Popscene アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5560 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218636 5.4 警告 Joy2Girl Club - Android 用 Kids GoldFish Care アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5559 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218637 5.4 警告 Appeak - Android 用 Appeak Poker アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5571 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218638 5.4 警告 AOL - Android 用 DailyFinance - Stocks & News アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5570 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218639 5.4 警告 Animoca - Android 用 Star Girl アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5569 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
218640 5.4 警告 MDickie - Android 用 Hard Time アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5558 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 6.5 MEDIUM
Network 		google chrome Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions v… New CWE-20
CWE-602
 Improper Input Validation 
 Client-Side Enforcement of Server-Side Security 		CVE-2026-11287 2026-06-9 01:31 2026-06-5 Show GitHub Exploit DB Packet Storm
162 5.3 MEDIUM
Network 		cosimo net\ Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional st… Update CWE-93
CRLF Injection 		CVE-2026-46739 2026-06-9 01:31 2026-06-5 Show GitHub Exploit DB Packet Storm
163 7.5 HIGH
Network 		oalders html\ HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV retu… Update CWE-416
 Use After Free 		CVE-2026-8829 2026-06-9 01:29 2026-06-4 Show GitHub Exploit DB Packet Storm
164 5.0 MEDIUM
Local 		google chrome Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. (Ch… New CWE-472
CWE-190
 External Control of Assumed-Immutable Web Parameter
 Integer Overflow or Wraparound 		CVE-2026-11281 2026-06-9 01:27 2026-06-5 Show GitHub Exploit DB Packet Storm
165 - - - Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67. New CWE-416
 Use After Free 		CVE-2026-48913 2026-06-9 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
166 - - - phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attac… New CWE-328
 Use of Weak Hash 		CVE-2026-48488 2026-06-9 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
167 8.8 HIGH
Network 		- - Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding user account has been physically del… New CWE-285
CWE-613
Improper Authorization
 Insufficient Session Expiration 		CVE-2026-46656 2026-06-9 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
168 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This… New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46478 2026-06-9 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
169 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-workspace dataset takeover. Thi… New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46477 2026-06-9 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
170 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeo… New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46476 2026-06-9 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm