Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3681 5.5 警告
Local 		jqlang jq jqlangのjqにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40612 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
3682 7.5 重要
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40863 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
3683 5.5 警告
Local 		jqlang jq jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-41256 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
3684 5.5 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41257 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
3685 5.4 警告
Network 		Langfuse GmbH Langfuse Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41487 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
3686 9.8 緊急
Network 		Nhost Nhost/auth NhostのNhost/authにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-41574 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
3687 7.5 重要
Network 		Web Technologies Change Detection Web TechnologiesのChange DetectionにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-41895 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
3688 9.8 緊急
Network 		レッドハット
GNU Project		 Red Hat OpenShift Container Platform
Red Hat Hardened Images
GnuTLS
Red Hat Enterprise Linux 		GNU Project等の複数ベンダの製品におけるNull バイト相互作用エラー (Poison Null Byte) の脆弱性 CWE-626
Null バイト相互作用エラー (Poison Null Byte) 		CVE-2026-42010 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
3689 9.6 緊急
Network 		langflow langflow langflowにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-42048 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
3690 5.5 警告
Local 		ImageMagick ImageMagick ImageMagickにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-42050 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
306961 - google
apple 		chrome
iphone_os
itunes
safari 		Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. CWE-416
 Use After Free 		CVE-2011-2792 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306962 - google chrome The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via un… CWE-787
 Out-of-bounds Write 		CVE-2011-2791 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306963 - google
apple 		chrome
iphone_os
itunes
safari 		Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. CWE-416
 Use After Free 		CVE-2011-2790 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306964 - google chrome Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation o… CWE-416
 Use After Free 		CVE-2011-2789 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306965 - google
apple 		chrome
iphone_os
itunes
safari 		Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. CWE-120
Classic Buffer Overflow 		CVE-2011-2788 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306966 - google chrome Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspeci… CWE-20
 Improper Input Validation  		CVE-2011-2787 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306967 - google chrome Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted… CWE-20
 Improper Input Validation  		CVE-2011-2786 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306968 - google chrome The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted exte… CWE-20
 Improper Input Validation  		CVE-2011-2785 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306969 - google chrome Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. CWE-200
Information Exposure 		CVE-2011-2784 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm
306970 - google chrome Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product… CWE-20
 Improper Input Validation  		CVE-2011-2783 2024-11-21 10:28 2011-08-3 Show GitHub Exploit DB Packet Storm