Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3331 9 緊急
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-9891 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3332 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-9896 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3333 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-9897 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3334 7.5 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-9901 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3335 7.5 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性 CWE-472
不変と仮定される Web パラメータの外部制御 		CVE-2026-9909 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3336 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける複数の脆弱性 CWE-125
CWE-787
CVE-2026-9910 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3337 7.5 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-9922 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3338 8.3 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-9925 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3339 8.3 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-9926 2026-06-3 16:59 2026-05-28 Show GitHub Exploit DB Packet Storm
3340 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-9927 2026-06-3 16:58 2026-05-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site S… New CWE-79
Cross-site Scripting 		CVE-2026-50556 2026-06-27 04:33 2026-06-23 Show GitHub Exploit DB Packet Storm
522 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Si… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-46417 2026-06-27 04:33 2026-06-23 Show GitHub Exploit DB Packet Storm
523 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Se… New CWE-400
CWE-834
 Uncontrolled Resource Consumption
 Excessive Iteration 		CVE-2026-50171 2026-06-27 04:32 2026-06-23 Show GitHub Exploit DB Packet Storm
524 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in th… New CWE-200
CWE-524
Information Exposure
 Use of Cache Containing Sensitive Information 		CVE-2026-50184 2026-06-27 04:31 2026-06-23 Show GitHub Exploit DB Packet Storm
525 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vu… New CWE-200
CWE-359
Information Exposure
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2026-54264 2026-06-27 04:30 2026-06-23 Show GitHub Exploit DB Packet Storm
526 7.1 HIGH
Local 		home-assistant home_assistant_companion Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any in… New CWE-926
 Improper Export of Android Application Components 		CVE-2026-54318 2026-06-27 04:28 2026-06-24 Show GitHub Exploit DB Packet Storm
527 7.5 HIGH
Network 		aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chun… New CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-54278 2026-06-27 04:27 2026-06-23 Show GitHub Exploit DB Packet Storm
528 7.4 HIGH
Network 		deno deno Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrime(candidate[, options][, callback]) and crypto.checkPrimeSync(candidate[, options]) ran no Miller-Rabin… New CWE-325
 Missing Required Cryptographic Step 		CVE-2026-49440 2026-06-27 04:27 2026-06-24 Show GitHub Exploit DB Packet Storm
529 8.1 HIGH
Network 		caddyserver caddy Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forward_auth copy_headers deletes the exact client-supplied identity header before copying the trusted value from the… New CWE-287
CWE-290
CWE-444
Improper Authentication
 Authentication Bypass by Spoofing
HTTP Request Smuggling 		CVE-2026-52845 2026-06-27 04:27 2026-06-24 Show GitHub Exploit DB Packet Storm
530 6.5 MEDIUM
Network 		aquasec trivy Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size limit. An attacker who can place a… New CWE-770
CWE-789
 Allocation of Resources Without Limits or Throttling
 Memory Allocation with Excessive Size Value 		CVE-2026-54448 2026-06-27 04:27 2026-06-26 Show GitHub Exploit DB Packet Storm