Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
321	9.9	緊急 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるコードインジェクションの脆弱性 New	CWE-94 コード・インジェクション	CVE-2026-46850	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

322	8.5	重要 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-46870	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

323	6.5	警告 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-46871	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

324	4.8	警告 Network	F5 Networks	WAF NGINX Gateway Fabric DoS NGINX Instance Manager NGINX Ingress Controller NGINX plus nginx open source	F5 NetworksのDoS等の複数製品における境界外読み取りに関する脆弱性 New	CWE-125 境界外読み取り	CVE-2026-48142	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

325	8.1	重要 Network	F5 Networks	NGINX Gateway Fabric	F5 NetworksのNGINX Gateway Fabricにおけるインジェクションに関する脆弱性 New	CWE-74 インジェクション	CVE-2026-50107	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

326	-	-	三菱電機	MELSEC iQ-Fシリーズ FX5-ENET/IP形Ethernetユニット MELSEC iQ-F FX5-EIP形EtherNet/IPユニット	三菱電機製MELSEC iQ-FシリーズのFX5-EIPおよびFX5-ENET/IPにおける脆弱性 New	CWE-190 CWE-440	CVE-2026-8805 CVE-2026-8806	2026-06-22 18:05	2026-06-19	Show	GitHub Exploit DB Packet Storm

327	-	-	（複数のベンダ）	（複数の製品）	Vendor-signed UEFIアプリケーションにおけるセキュアブートバイパスの脆弱性 New	-	-	2026-06-22 17:17	2026-06-19	Show	GitHub Exploit DB Packet Storm

328	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年06月18日） New	-	-	2026-06-22 17:17	2026-06-19	Show	GitHub Exploit DB Packet Storm

329	8.4	重要 Local	マイクロソフト	Microsoft Office 2021 Long Term Servicing Channel Edition Microsoft Office 365 Microsoft Office 2024 Long-Term Servicing Ch…	Microsoft Office のリモートコードが実行される脆弱性 New	CWE-416 CWE-787	CVE-2026-45474	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

330	7.8	重要 Local	マイクロソフト	Microsoft Office 2021 Long Term Servicing Channel Edition Microsoft Office 365 Microsoft Office 2024 Long-Term Servicing Ch…	Microsoft Office のリモートコードが実行される脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-45475	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257101	8.8	HIGH Network	google debian	chrome debian_linux	A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.	CWE-416 Use After Free	CVE-2017-5126	2024-11-21 12:27	2018-02-8	Show	GitHub Exploit DB Packet Storm

257102	8.8	HIGH Network	google debian	chrome debian_linux	Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-5125	2024-11-21 12:27	2018-02-8	Show	GitHub Exploit DB Packet Storm

257103	6.1	MEDIUM Network	google debian	chrome debian_linux	Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.	CWE-79 Cross-site Scripting	CVE-2017-5124	2024-11-21 12:27	2018-02-8	Show	GitHub Exploit DB Packet Storm

257104	7.2	HIGH Network	moxa	softnvr-ia_live_view	An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has be…	CWE-427 Uncontrolled Search Path Element	CVE-2017-5170	2024-11-21 12:27	2018-01-19	Show	GitHub Exploit DB Packet Storm

257105	8.0	HIGH Adjacent	cambiumnetworks	cnpilot_r190v_firmware cnpilot_e410_firmware cnpilot_r190n_firmware cnpilot_e400_firmware cnpilot_e600_firmware	Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session token…	CWE-352 Origin Validation Error	CVE-2017-5263	2024-11-21 12:27	2017-12-21	Show	GitHub Exploit DB Packet Storm

257106	8.0	HIGH Adjacent	cambiumnetworks	cnpilot_r190v_firmware cnpilot_e410_firmware cnpilot_r190n_firmware cnpilot_e400_firmware cnpilot_e600_firmware	In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.	CWE-200 Information Exposure	CVE-2017-5262	2024-11-21 12:27	2017-12-21	Show	GitHub Exploit DB Packet Storm

257107	8.8	HIGH Network	cambiumnetworks	cnpilot_r190v_firmware cnpilot_e410_firmware cnpilot_r190n_firmware cnpilot_e400_firmware cnpilot_e600_firmware	In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to …	CWE-22 Path Traversal	CVE-2017-5261	2024-11-21 12:27	2017-12-21	Show	GitHub Exploit DB Packet Storm

257108	8.8	HIGH Network	cambiumnetworks	cnpilot_r190v_firmware cnpilot_e410_firmware cnpilot_r190n_firmware cnpilot_e400_firmware cnpilot_e600_firmware	In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/sysc…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2017-5259	2024-11-21 12:27	2017-12-21	Show	GitHub Exploit DB Packet Storm

257109	5.4	MEDIUM Network	cambiumnetworks	epmp_1000_firmware epmp_2000_firmware	In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain…	CWE-79 Cross-site Scripting	CVE-2017-5258	2024-11-21 12:27	2017-12-21	Show	GitHub Exploit DB Packet Storm

257110	5.4	MEDIUM Network	cambiumnetworks	epmp_1000_firmware epmp_2000_firmware	In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execute…	CWE-79 Cross-site Scripting	CVE-2017-5257	2024-11-21 12:27	2017-12-21	Show	GitHub Exploit DB Packet Storm