Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
411	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるファイル名やパス名の外部制御に関する脆弱性 New	CWE-73 ファイル名やパス名の外部制御	CVE-2026-35077	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

412	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるファイル名やパス名の外部制御に関する脆弱性 New	CWE-73 ファイル名やパス名の外部制御	CVE-2026-35078	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

413	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるファイル名やパス名の外部制御に関する脆弱性 New	CWE-73 ファイル名やパス名の外部制御	CVE-2026-35079	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

414	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるファイル名やパス名の外部制御に関する脆弱性 New	CWE-73 ファイル名やパス名の外部制御	CVE-2026-35080	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

415	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-35081	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

416	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-35082	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

417	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-35083	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

418	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-35084	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

419	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-35085	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

420	7.5	重要 Network	レッドハット GNU Project	Redhat Enterprise Linux For Power Little Endian Els Red Hat Enterprise Linux for IBM z Systems - Extended Updat…	GNU Project等の複数ベンダの製品におけるAPI への入力に対する未定義の動作に関する脆弱性 New	CWE-475 API への入力に対する未定義の動作	CVE-2026-42009	2026-06-9 14:11	2026-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2561	8.3	HIGH Network	google	chrome	Out of bounds read and write in Dawn in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security …	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2026-9889	2026-06-2 03:44	2026-05-29	Show	GitHub Exploit DB Packet Storm

2562	8.3	HIGH Network	google	chrome	Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via…	CWE-269 Improper Privilege Management	CVE-2026-9892	2026-06-2 03:44	2026-05-29	Show	GitHub Exploit DB Packet Storm

2563	8.3	HIGH Network	google	chrome	Insufficient validation of untrusted input in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb…	CWE-20 Improper Input Validation	CVE-2026-9898	2026-06-2 03:44	2026-05-29	Show	GitHub Exploit DB Packet Storm

2564	5.0	MEDIUM Network	-	-	Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attac…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46526	2026-06-2 03:43	2026-05-29	Show	GitHub Exploit DB Packet Storm

2565	7.8	HIGH Local	-	-	Roslyn CodeLens MCP Server is a Roslyn-based MCP server providing semantic code intelligence for .NET codebases. From 0.0.9 to 1.17.0, the get_diagnostics MCP tool loads and executes all DiagnosticAn…	CWE-94 Code Injection	CVE-2026-45555	2026-06-2 03:43	2026-05-29	Show	GitHub Exploit DB Packet Storm

2566	8.3	HIGH Network	google	chrome	Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr…	CWE-416 Use After Free	CVE-2026-9905	2026-06-2 03:43	2026-05-29	Show	GitHub Exploit DB Packet Storm

2567	4.3	MEDIUM Network	google	chrome	Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)	CWE-125 Out-of-bounds Read	CVE-2026-9943	2026-06-2 03:43	2026-05-29	Show	GitHub Exploit DB Packet Storm

2568	8.8	HIGH Network	-	-	LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but…	CWE-787 Out-of-bounds Write	CVE-2026-44988	2026-06-2 03:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

2569	8.1	HIGH Network	sangoma	freepbx	FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid client_…	CWE-1390 Weak Authentication	CVE-2026-44237	2026-06-2 03:42	2026-05-29	Show	GitHub Exploit DB Packet Storm

2570	8.8	HIGH Network	sangoma	freepbx	FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administrati…	CWE-89 SQL Injection	CVE-2026-44238	2026-06-2 03:41	2026-05-29	Show	GitHub Exploit DB Packet Storm