Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
441 7.5 重要
Network 		Apache Software Foundation
Debian
F5 Networks		 Apache HTTP Server
nginx
Debian GNU/Linux 		Apache Software Foundation等の複数ベンダの製品における過剰なサイズ値のメモリ割り当てに関する脆弱性 New CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-49975 2026-06-11 16:15 2026-06-8 Show GitHub Exploit DB Packet Storm
442 6.8 警告
Physics 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows Server 2012
Microsoft Windows 11 24h2
Microsoft Windows 10 21h2
Microsoft Wind… 		Windows BitLocker セキュリティ機能バイパスの脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-50507 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
443 9.1 緊急
Network 		BINARY DataDog::DogStatsd BINARYのDataDog::DogStatsdにおける複数の脆弱性 New CWE-150
CWE-93
CVE-2026-46719
CVE-2026-46720
CVE-2026-46741
CVE-2026-9270 		2026-06-11 16:15 2026-06-5 Show GitHub Exploit DB Packet Storm
444 9.8 緊急
Network 		BINARY DataDog::DogStatsd BINARYのDataDog::DogStatsdにおける複数の脆弱性 New CWE-150
CWE-93
CVE-2026-11362
CVE-2026-46719
CVE-2026-46720
CVE-2026-46741 		2026-06-11 16:15 2026-06-5 Show GitHub Exploit DB Packet Storm
445 7.8 重要
Local 		Synology Inc. Active Backup for Business Recovery Media Creator Synology Inc.のActive Backup for Business Recovery Media Creatorにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 New CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2022-49036 2026-06-11 16:14 2026-06-3 Show GitHub Exploit DB Packet Storm
446 5.5 警告
Local 		cilium eBPF ciliumのeBPFにおける複数の脆弱性 New CWE-189
CWE-190
CVE-2026-10722 2026-06-11 16:14 2026-06-3 Show GitHub Exploit DB Packet Storm
447 7.5 重要
Network 		CRUX Protocol::HTTP2 CRUXのProtocol::HTTP2における高圧縮データの処理 (データ増幅)に関する脆弱性 New CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-10725 2026-06-11 16:14 2026-06-6 Show GitHub Exploit DB Packet Storm
448 6.1 警告
Network 		HCL Technologies Limited Digital Experience Compose
digital experience 		HCL Technologies Limitedのdigital experience等の複数製品におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21825 2026-06-11 16:14 2026-06-5 Show GitHub Exploit DB Packet Storm
449 6.1 警告
Network 		HCL Technologies Limited Digital Experience Compose
digital experience 		HCL Technologies Limitedのdigital experience等の複数製品におけるオープンリダイレクトの脆弱性 New CWE-601
オープンリダイレクト 		CVE-2026-21826 2026-06-11 16:14 2026-06-5 Show GitHub Exploit DB Packet Storm
450 8.8 重要
Network 		HCL Technologies Limited Digital Experience Compose
digital experience 		HCL Technologies Limitedのdigital experience等の複数製品におけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-21837 2026-06-11 16:14 2026-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
481 6.5 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a cra… New CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-11658 2026-06-11 03:30 2026-06-9 Show GitHub Exploit DB Packet Storm
482 6.5 MEDIUM
Network 		google chrome Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page… New CWE-20
 Improper Input Validation  		CVE-2026-11653 2026-06-11 03:29 2026-06-9 Show GitHub Exploit DB Packet Storm
483 5.5 MEDIUM
Local 		cilium ebpf A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipul… Update CWE-189
CWE-190
Numeric Errors
 Integer Overflow or Wraparound 		CVE-2026-10722 2026-06-11 03:28 2026-06-3 Show GitHub Exploit DB Packet Storm
484 7.8 HIGH
Local 		synology active_backup_for_business_recovery_media_creator An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users t… Update CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2022-49036 2026-06-11 03:20 2026-06-3 Show GitHub Exploit DB Packet Storm
485 5.3 MEDIUM
Local 		lmsys sglang A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service.… Update CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-10775 2026-06-11 03:19 2026-06-4 Show GitHub Exploit DB Packet Storm
486 - - - An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to e… New CWE-78
OS Command  		CVE-2026-9151 2026-06-11 03:17 2026-06-11 Show GitHub Exploit DB Packet Storm
487 2.7 LOW
Network 		- - A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This… Update CWE-1220
 Insufficient Granularity of Access Control 		CVE-2026-9088 2026-06-11 03:17 2026-06-5 Show GitHub Exploit DB Packet Storm
488 8.5 HIGH
Network 		- - Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety val… New CWE-269
CWE-732
 Improper Privilege Management
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-50570 2026-06-11 03:17 2026-06-11 Show GitHub Exploit DB Packet Storm
489 4.3 MEDIUM
Network 		- - Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, HTTPTriggerSpec.Validate() valid… New CWE-20
 Improper Input Validation  		CVE-2026-50569 2026-06-11 03:17 2026-06-11 Show GitHub Exploit DB Packet Storm
490 3.6 LOW
Local 		- - Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/ut… New CWE-41
 Improper Resolution of Path Equivalence 		CVE-2026-50568 2026-06-11 03:17 2026-06-11 Show GitHub Exploit DB Packet Storm