Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける権限管理に関する脆弱性 New	CWE-269 不適切な権限管理	CVE-2026-12018	2026-06-26 11:48	2026-06-11	Show	GitHub Exploit DB Packet Storm

252	5.5	警告 Local	東芝	Generic IO & Memory Access ドライバー	東芝製およびDynabook製PC搭載Generic IO & Memory Access ドライバーのIOCTLインタフェースに対するアクセス制御が不十分 New	CWE-782 不十分なアクセス制御による IOCTL の公開	CVE-2026-56129	2026-06-26 09:44	2026-06-25	Show	GitHub Exploit DB Packet Storm

253	6.7	警告 Local	ソニー株式会社	Optical Disc Archive Software	Optical Disc Archive Software（Windows版）のインストーラにおけるインストール時の不適切なファイルアクセス権設定の脆弱性	CWE-Other その他	CVE-2026-50255	2026-06-25 16:27	2026-06-16	Show	GitHub Exploit DB Packet Storm

254	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年06月23日）	-	-	2026-06-25 10:59	2026-06-24	Show	GitHub Exploit DB Packet Storm

255	-	-	日立	Hitachi Ops Center Analyzer viewpoint Hitachi Infrastructure Analytics Advisor Hitachi Ops Center Viewpoint Hitachi Ops Center&nbs…	Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Analyzer viewpointおよびHitachi Ops Center Viewpointにおける複数の脆弱性	-	CVE-2023-35116 CVE-2025-24970 CVE-2025-25193 CVE-2025-48924 CVE-2025-55163 CVE-2025-58056 CVE-2025-58057	2026-06-25 09:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

256	-	-	横河電機株式会社	統合情報サーバ（CIサーバ） FAST/TOOLS	横河電機製FAST/TOOLSおよびCI Serverにおける重要情報の平文送信の脆弱性	CWE-319 重要な情報の平文での送信	CVE-2026-11833	2026-06-24 14:38	2026-06-23	Show	GitHub Exploit DB Packet Storm

257	-	-	（複数のベンダ）	（複数の製品）	Microsoft Windows Recovery EnvironmentにおけるUEFI/BIOSパスワード制限回避の脆弱性	-	-	2026-06-24 14:38	2026-06-23	Show	GitHub Exploit DB Packet Storm

258	-	-	（複数のベンダ）	（複数の製品）	FastStone Image Viewerにおけるファイル解析に関する複数の脆弱性	-	-	2026-06-24 14:38	2026-06-23	Show	GitHub Exploit DB Packet Storm

259	9.8	緊急 Network	InHand Networks	IR915L-FQ39-S Firmware IR912L-FQ58 Firmware	InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-38714	2026-06-24 10:00	2026-06-18	Show	GitHub Exploit DB Packet Storm

260	9.8	緊急 Network	InHand Networks	IR915L-FQ39-S Firmware IR912L-FQ58 Firmware	InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-38715	2026-06-24 10:00	2026-06-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
259531	5.9	MEDIUM Network	mcafee	network_data_loss_prevention	Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data…	CWE-200 Information Exposure	CVE-2017-3934	2024-11-21 12:26	2017-10-31	Show	GitHub Exploit DB Packet Storm

259532	5.4	MEDIUM Network	mcafee	network_data_loss_prevention	Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request fo…	CWE-79 Cross-site Scripting	CVE-2017-3933	2024-11-21 12:26	2017-10-31	Show	GitHub Exploit DB Packet Storm

259533	6.5	MEDIUM Network	google redhat	chrome enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation	Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via I…	CWE-20 Improper Input Validation	CVE-2017-5076	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259534	4.3	MEDIUM Network	google redhat	chrome enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation	Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value …	CWE-200 Information Exposure	CVE-2017-5075	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259535	8.0	HIGH Adjacent	google	chrome	A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.	CWE-416 Use After Free	CVE-2017-5074	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259536	8.8	HIGH Network	google redhat	chrome enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation	Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory…	CWE-416 Use After Free	CVE-2017-5073	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259537	6.5	MEDIUM Network	google	chrome	Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page.	CWE-20 Improper Input Validation	CVE-2017-5072	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259538	6.3	MEDIUM Network	google redhat	chrome enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation	Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds …	CWE-20 Improper Input Validation	CVE-2017-5071	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259539	6.1	MEDIUM Network	google redhat	chrome enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation	Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-…	CWE-79 Cross-site Scripting	CVE-2017-5069	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm

259540	7.5	HIGH Network	google redhat	chrome enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation	Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.	CWE-362 Race Condition	CVE-2017-5068	2024-11-21 12:26	2017-10-27	Show	GitHub Exploit DB Packet Storm