Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
51	5.5	警告 Local	Google	Android	GoogleのAndroidにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-0067	2026-06-5 10:50	2026-06-1	Show	GitHub Exploit DB Packet Storm

52	5.9	警告 Local	Google	Android	GoogleのAndroidにおけるSQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2026-0075	2026-06-5 10:50	2026-06-1	Show	GitHub Exploit DB Packet Storm

53	7.8	重要 Local	Google	Android	GoogleのAndroidにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-0078	2026-06-5 10:50	2026-06-1	Show	GitHub Exploit DB Packet Storm

54	5.5	警告 Local	Google	Android	GoogleのAndroidにおける整数オーバーフローの脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-0079	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

55	6.5	警告 Network	Google	Android	GoogleのAndroidにおける整数オーバーフローの脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-0080	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

56	5.5	警告 Local	Google	Android	GoogleのAndroidにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-0085	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

57	6.8	警告 Local	Google	Android	GoogleのAndroidにおける権限管理に関する脆弱性 New	CWE-269 不適切な権限管理	CVE-2026-0086	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

58	7.8	重要 Local	Google	Android	GoogleのAndroidにおける保護メカニズムの不具合に関する脆弱性 New	CWE-693 保護メカニズムの不具合	CVE-2026-0087	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

59	7.8	重要 Local	Google	Android	GoogleのAndroidにおけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性 New	CWE-451 ユーザインターフェースにおける重要情報の誤った表示	CVE-2026-0088	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

60	7.8	重要 Local	Google	Android	GoogleのAndroidにおける権限管理に関する脆弱性 New	CWE-269 不適切な権限管理	CVE-2026-0089	2026-06-5 10:49	2026-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251	-		-	-	HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an OS command injection vulnerability exists in the Git.php library of the HAXcms PHP backend. The applic… New	CWE-78 OS Command	CVE-2026-46394	2026-06-6 04:20	2026-06-6	Show	GitHub Exploit DB Packet Storm

252	-		-	-	HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an attack chain utilizing Stored XSS alongside dynamic token exposure in the `/system/api/connectionSetti… New	CWE-79 CWE-522 CWE-922 Cross-site Scripting Insufficiently Protected Credentials Insecure Storage of Sensitive Information	CVE-2026-46511	2026-06-6 04:20	2026-06-6	Show	GitHub Exploit DB Packet Storm

253	8.8	HIGH Network	-	-	The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and includ… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-5411	2026-06-6 04:20	2026-06-6	Show	GitHub Exploit DB Packet Storm

254	8.8	HIGH Network	-	-	The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and includ… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-5415	2026-06-6 04:20	2026-06-6	Show	GitHub Exploit DB Packet Storm

255	8.8	HIGH Network	-	-	Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename … New	CWE-78 OS Command	CVE-2026-49492	2026-06-6 03:59	2026-06-6	Show	GitHub Exploit DB Packet Storm

256	8.8	HIGH Network	-	-	Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which evaluates the block content as code via vm.runInNewContext(), allowing arbitrary code execution. A… New	CWE-94 Code Injection	CVE-2026-49493	2026-06-6 03:59	2026-06-6	Show	GitHub Exploit DB Packet Storm

257	8.8	HIGH Network	-	-	Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScript execution. The flaw affects every render path - th… New	CWE-95 Eval Injection	CVE-2026-50733	2026-06-6 03:59	2026-06-6	Show	GitHub Exploit DB Packet Storm

258	4.3	MEDIUM Network	strawberry	strawberry_graphql	Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values from the GraphiQL headers editor into the browser U… New	CWE-200 CWE-201 Information Exposure Insertion of Sensitive Information Into Sent Data	CVE-2026-45739	2026-06-6 03:43	2026-06-5	Show	GitHub Exploit DB Packet Storm

259	4.3	MEDIUM Network	synology	hyper_backup	An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated use… New	CWE-22 Path Traversal	CVE-2024-47273	2026-06-6 03:32	2026-06-3	Show	GitHub Exploit DB Packet Storm

260	4.1	MEDIUM Network	synology	hyper_backup	An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenti… New	CWE-22 Path Traversal	CVE-2024-47263	2026-06-6 03:31	2026-06-3	Show	GitHub Exploit DB Packet Storm