Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221981	4.3	警告	IBM	-	IBM Cognos Business Intelligence のサーバにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6732	2014-02-25 13:45	2013-11-8	Show	GitHub Exploit DB Packet Storm

221982	6.5	警告	AuraCMS	-	AuraCMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1401	2014-02-24 18:01	2014-01-30	Show	GitHub Exploit DB Packet Storm

221983	9.3	危険	Jetro Platforms	-	Jetro COCKPIT4i Secure Browsing のクライアントにおける任意のプログラムを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2014-1861	2014-02-24 16:21	2014-02-2	Show	GitHub Exploit DB Packet Storm

221984	5.8	警告	シトリックス・システムズ	-	Android 用 Citrix ShareFile Mobile および ShareFile Mobile for Tablets におけるサーバになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2014-1910	2014-02-24 15:34	2014-02-18	Show	GitHub Exploit DB Packet Storm

221985	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2014-0497	2014-02-24 13:41	2014-02-4	Show	GitHub Exploit DB Packet Storm

221986	2.1	注意	マイクロソフトシマンテック IBM オラクル	-	Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性	CWE-noinfo 情報不足	CVE-2012-1772	2014-02-21 18:44	2012-07-17	Show	GitHub Exploit DB Packet Storm

221987	2.1	注意	マイクロソフトシマンテック IBM オラクル	-	Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性	CWE-noinfo 情報不足	CVE-2012-1771	2014-02-21 18:43	2012-07-17	Show	GitHub Exploit DB Packet Storm

221988	2.1	注意	マイクロソフトシマンテック IBM オラクル	-	Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性	CWE-noinfo 情報不足	CVE-2012-1770	2014-02-21 18:41	2012-07-17	Show	GitHub Exploit DB Packet Storm

221989	2.1	注意	マイクロソフトシマンテック IBM オラクル	-	Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性	CWE-noinfo 情報不足	CVE-2012-1769	2014-02-21 18:40	2012-07-17	Show	GitHub Exploit DB Packet Storm

221990	2.1	注意	マイクロソフトシマンテック IBM オラクル	-	Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性	CWE-noinfo 情報不足	CVE-2012-1768	2014-02-21 18:38	2012-07-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2491	8.3	HIGH Network	google	chrome	Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-9951	2026-05-30 01:28	2026-05-29	Show	GitHub Exploit DB Packet Storm

2492	8.8	HIGH Network	google	chrome	Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-9952	2026-05-30 01:27	2026-05-29	Show	GitHub Exploit DB Packet Storm

2493	8.3	HIGH Network	-	-	Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and 2026.4.4 for Android, he Home Assistant Companion apps for Android and …	CWE-94 CWE-346 CWE-749 CWE-940 Code Injection Origin Validation Error Exposed Dangerous Method or Function Improper Verification of Source of a Communication Channel	CVE-2026-44698	2026-05-30 01:25	2026-05-29	Show	GitHub Exploit DB Packet Storm

2494	7.5	HIGH Network	google	chrome	Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML pag…	CWE-416 Use After Free	CVE-2026-9956	2026-05-30 01:20	2026-05-29	Show	GitHub Exploit DB Packet Storm

2495	-		-	-	Prometheus is an open-source monitoring system and time series database. From 2.49.0 to before 3.5.3 and 3.11.3, in the Prometheus server's legacy web UI (enabled via the command-line flag --enable-f…	CWE-79 Cross-site Scripting	CVE-2026-44903	2026-05-30 01:19	2026-05-27	Show	GitHub Exploit DB Packet Storm

2496	7.4	HIGH Local	-	-	In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer with…	CWE-121 Stack-based Buffer Overflow	CVE-2026-49014	2026-05-30 01:19	2026-05-27	Show	GitHub Exploit DB Packet Storm

2497	8.2	HIGH Network	-	-	LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other ap…	CWE-502 Deserialization of Untrusted Data	CVE-2026-44843	2026-05-30 01:19	2026-05-27	Show	GitHub Exploit DB Packet Storm

2498	8.8	HIGH Network	google	chrome	Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-9957	2026-05-30 01:19	2026-05-29	Show	GitHub Exploit DB Packet Storm

2499	7.5	HIGH Network	google	chrome	Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font fi…	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-9960	2026-05-30 01:18	2026-05-29	Show	GitHub Exploit DB Packet Storm

2500	8.8	HIGH Network	google	chrome	Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-9962	2026-05-30 01:17	2026-05-29	Show	GitHub Exploit DB Packet Storm