Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3661	6.5	警告 Network	Apache Software Foundation	Ignite	Apache Software FoundationのIgniteにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2025-48977	2026-06-3 17:04	2026-05-28	Show	GitHub Exploit DB Packet Storm

3662	9.1	緊急 Network	Palo Alto Networks	PAN-OS Prisma Access	Palo Alto NetworksのPAN-OS等の複数製品における検証および完全性チェックを行っていない Cookie への依存に関する脆弱性	CWE-565 検証および完全性チェックを行っていない Cookie への依存	CVE-2026-0257	2026-06-3 17:04	2026-05-13	Show	GitHub Exploit DB Packet Storm

3663	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10001	2026-06-3 17:04	2026-05-28	Show	GitHub Exploit DB Packet Storm

3664	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10002	2026-06-3 17:04	2026-05-28	Show	GitHub Exploit DB Packet Storm

3665	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-10004	2026-06-3 17:04	2026-05-28	Show	GitHub Exploit DB Packet Storm

3666	7.5	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2026-10006	2026-06-3 17:03	2026-05-28	Show	GitHub Exploit DB Packet Storm

3667	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10012	2026-06-3 17:03	2026-05-28	Show	GitHub Exploit DB Packet Storm

3668	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-10018	2026-06-3 17:03	2026-05-28	Show	GitHub Exploit DB Packet Storm

3669	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-10019	2026-06-3 17:03	2026-05-28	Show	GitHub Exploit DB Packet Storm

3670	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-10021	2026-06-3 17:03	2026-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	4.6	MEDIUM Physics	-	-	Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 (V603) allow a p… New	CWE-312 Cleartext Storage of Sensitive Information	CVE-2026-38571	2026-06-30 00:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

312	7.5	HIGH Network	-	-	An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36478	2026-06-30 00:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

313	8.1	HIGH Network	-	-	The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using the… New	CWE-798 Use of Hard-coded Credentials	CVE-2026-31928	2026-06-30 00:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

314	7.5	HIGH Network	-	-	fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode (IDN) hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constru… New	CWE-436 Interpretation Conflict	CVE-2026-13676	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

315	-		-	-	SzafirHost verifies the downloaded native library archive with one JarFile parser (reading the Central Directory) but extracts native libraries with JarInputStream parser (reading sequentially from l… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-13165	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

316	-		-	-	The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates that string into three log statements before any validation … New	CWE-117 Improper Output Neutralization for Logs	CVE-2026-12616	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

317	-		-	-	libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers wit… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-11979	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

318	7.4	HIGH Network	-	-	Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct getaddrinfo_state ai_state) as the user_data of an … New	CWE-416 Use After Free	CVE-2026-10646	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

319	4.2	MEDIUM Adjacent	-	-	The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous (DMA) receive path. When uart_rx_ena… New	CWE-787 Out-of-bounds Write	CVE-2026-10644	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

320	8.7	HIGH Local	-	-	Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg-msg… New	CWE-787 Out-of-bounds Write	CVE-2026-10643	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm