Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245601	4.3	警告	TYPO3 Association an searchit	-	TYPO3 のan_searchit 拡張におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4161	2012-06-26 16:18	2009-12-1	Show	GitHub Exploit DB Packet Storm

245602	7.5	危険	ciamos	-	Ciamos CMS の modules/pms/index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4156	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

245603	7.5	危険	eshopbuilder	-	Eshopbuilde CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4155	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

245604	5	警告	Elxis	-	Elxis CMS の includes/feedcreator.class.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4154	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

245605	5.8	警告	Best Practical Solutions	-	Best Practical Solutions RT の html/Elements/SetupSessionCookie におけるセッションをハイジャックされるの脆弱性	CWE-287 不適切な認証	CVE-2009-4151	2012-06-26 16:18	2009-11-30	Show	GitHub Exploit DB Packet Storm

245606	9.3	危険	daz3d	-	DAZ Studio における任意の JavaScript コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-4148	2012-06-26 16:18	2009-12-4	Show	GitHub Exploit DB Packet Storm

245607	7.2	危険	FreeBSD	-	FreeBSD の libexec/rtld-elf/rtld.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4147	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

245608	7.2	危険	FreeBSD	-	FreeBSD の libexec/rtld-elf/rtld.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4146	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

245609	4.4	警告	GNU Project	-	GNU coreutils の dist-check.mk の distcheck rule における権限を取得される脆弱性	CWE-59 リンク解釈の問題	CVE-2009-4135	2012-06-26 16:18	2009-12-5	Show	GitHub Exploit DB Packet Storm

245610	6.5	警告	Condor Project レッドハット	-	MRG の Grid Execute Node で使用される Condor における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2009-4133	2012-06-26 16:18	2009-12-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2381	6.5	MEDIUM Network	google	chrome	Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…	CWE-457 Use of Uninitialized Variable	CVE-2026-10994	2026-06-7 02:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2382	6.5	MEDIUM Network	google	chrome	Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…	CWE-122 Heap-based Buffer Overflow	CVE-2026-10993	2026-06-7 02:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2383	6.5	MEDIUM Network	google	chrome	Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (C…	NVD-CWE-noinfo CWE-20 Improper Input Validation	CVE-2026-10992	2026-06-7 02:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2384	8.3	HIGH Network	google	chrome	Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…	CWE-416 Use After Free	CVE-2026-10990	2026-06-7 02:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2385	5.9	MEDIUM Network	google	chrome	Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. (Chromium …	CWE-20 Improper Input Validation	CVE-2026-11199	2026-06-6 22:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2386	8.3	HIGH Network	google	chrome	Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a s…	CWE-20 Improper Input Validation	CVE-2026-10971	2026-06-6 22:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2387	8.8	HIGH Network	google	chrome	Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security…	NVD-CWE-noinfo CWE-474 Use of Function with Inconsistent Implementations	CVE-2026-11102	2026-06-6 13:17	2026-06-5	Show	GitHub Exploit DB Packet Storm

2388	5.5	MEDIUM Local	samsung	android	Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.	NVD-CWE-Other	CVE-2026-21017	2026-06-6 11:01	2026-06-5	Show	GitHub Exploit DB Packet Storm

2389	5.5	MEDIUM Local	samsung	android	Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.	NVD-CWE-Other	CVE-2026-21025	2026-06-6 11:01	2026-06-5	Show	GitHub Exploit DB Packet Storm

2390	5.5	MEDIUM Local	samsung	android	Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information.	NVD-CWE-Other	CVE-2026-21026	2026-06-6 11:00	2026-06-5	Show	GitHub Exploit DB Packet Storm