Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5391 6.1 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-20070 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
5392 5.8 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-20073 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
5393 7.7 重要
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-20100 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
5394 8.6 重要
Network 		NVIDIA NemoClaw NVIDIAのNemoClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性 CWE-497
認可されていない制御領域への重要情報の漏えい 		CVE-2026-24222 2026-05-7 11:30 2026-04-28 Show GitHub Exploit DB Packet Storm
5395 6.3 警告
Local 		NVIDIA NemoClaw NVIDIAのNemoClawにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-24231 2026-05-7 11:30 2026-04-28 Show GitHub Exploit DB Packet Storm
5396 6.5 警告
Network 		SAP Manage Reference Structures SAPのManage Reference Structuresにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-27679 2026-05-7 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
5397 7.5 重要
Network 		Mercurycom MIPC252W Firmware MercurycomのMIPC252W FirmwareにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-31256 2026-05-7 11:30 2026-04-27 Show GitHub Exploit DB Packet Storm
5398 4.9 警告
Network 		Anviz Global Anviz CX7 Firmware Anviz GlobalのAnviz CX7 Firmwareにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-31927 2026-05-7 11:30 2026-04-17 Show GitHub Exploit DB Packet Storm
5399 7.7 重要
Local 		Anviz Global Anviz CX7 Firmware Anviz GlobalのAnviz CX7 Firmwareにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2026-32324 2026-05-7 11:30 2026-04-17 Show GitHub Exploit DB Packet Storm
5400 5.3 警告
Network 		Anviz Global Anviz CX7 Firmware
Anviz CX2 Lite Firmware 		Anviz GlobalのAnviz CX2 Lite Firmware等の複数製品における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-32648 2026-05-7 11:30 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1731 - - - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkm_device leak on aperture removal failure When aperture_remove_conflicting_pci_devices() fails during probe, … - CVE-2026-52904 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1732 5.3 MEDIUM
Network 		- - The WPForms WordPress plugin before 1.10.0.5 does not verify the authenticity of incoming PayPal webhook events before processing them, allowing unauthenticated attackers to forge webhook payloads a… CWE-862
 Missing Authorization 		CVE-2026-4986 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1733 - - - In the Linux kernel, the following vulnerability has been resolved: erofs: handle end of filesystem properly for file-backed mounts I/O requests beyond the end of the filesystem should be zeroed ou… - CVE-2026-46329 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1734 6.1 MEDIUM
Network 		- - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in damasac thaipalliative_lte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parame… CWE-79
Cross-site Scripting 		CVE-2026-38579 2026-06-9 23:16 2026-06-6 Show GitHub Exploit DB Packet Storm
1735 - - - A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve pr… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-2638 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1736 8.3 HIGH
Network 		- - Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… CWE-472
 External Control of Assumed-Immutable Web Parameter 		CVE-2026-11640 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1737 8.8 HIGH
Network 		- - Versions of the package degit before 2.8.6, from 3.0.0 and before 3.3.1 are vulnerable to Command Injection due to improper sanitisation of user input for git shell commands directly invoked with exe… CWE-78
CWE-77
OS Command 
Command Injection 		CVE-2026-11572 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1738 6.5 MEDIUM
Network 		google chrome Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) CWE-693
 Protection Mechanism Failure 		CVE-2026-11288 2026-06-9 22:59 2026-06-5 Show GitHub Exploit DB Packet Storm
1739 6.5 MEDIUM
Network 		google chrome Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) CWE-1300
CWE-203
 Improper Protection of Physical Side Channels
 Information Exposure Through Discrepancy 		CVE-2026-11289 2026-06-9 22:58 2026-06-5 Show GitHub Exploit DB Packet Storm
1740 7.5 HIGH
Network 		- - Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulne… CWE-121
Stack-based Buffer Overflow 		CVE-2026-36789 2026-06-9 22:57 2026-06-9 Show GitHub Exploit DB Packet Storm