Security assessment and information provision

This site provides information on security and offers web audit tools.

Annoucement Show List

NVD Vulnerability Information NVD Vulnerability Search Top

Update Date":June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date
1	8.1	HIGH Network	zoom	meeting_software_development_kit workplace	Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access. New	CWE-939 Improper Authorization in Handler for Custom URL Scheme	CVE-2026-53408	2026-06-17 03:59	2026-06-13
2	7.2	HIGH Network	mariadb	mariadb	MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, a high-privileged MariaDB user could've used wsrep_sst_receive_address or wsrep_sst_donor global system va… New	CWE-78 OS Command	CVE-2026-48165	2026-06-17 03:58	2026-06-13
3	6.1	MEDIUM Local	docker mobyproject	engine moby moby\/v2	Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary… New	CWE-81 CWE-367 Improper Neutralization of Script in an Error Message Web Page Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-41568	2026-06-17 03:31	2026-06-13
4	7.2	HIGH Local	docker mobyproject	engine moby moby\/v2	Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary h… New	CWE-61 CWE-367 UNIX Symbolic Link (Symlink) Following Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-42306	2026-06-17 03:31	2026-06-13
5	5.5	MEDIUM Local	amd	uprof	Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability. New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-28237	2026-06-17 03:08	2026-06-10
6	5.5	MEDIUM Local	amd	uprof	Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service. New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2026-0466	2026-06-17 03:05	2026-06-10
7	5.5	MEDIUM Local	gpac	gpac	A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. New	CWE-416 Use After Free	CVE-2025-55650	2026-06-17 02:39	2026-06-16
8	5.5	MEDIUM Local	gpac	gpac	A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. New	CWE-476 NULL Pointer Dereference	CVE-2025-55649	2026-06-17 02:39	2026-06-16
9	5.5	MEDIUM Local	gpac	gpac	A heap buffer overflow in the gf_opus_parse_packet_header function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. New	CWE-122 Heap-based Buffer Overflow	CVE-2025-55648	2026-06-17 02:39	2026-06-16
10	5.5	MEDIUM Local	gpac	gpac	An Out-of-Memory in the mp4_mux_cenc_insert_pssh function (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. New	CWE-190 Integer Overflow or Wraparound	CVE-2025-55647	2026-06-17 02:38	2026-06-16

JVN Vulnerability Information JVN Vulnerability Search Top

Update Date:June 19, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date
1	-	-	（複数のベンダ）	（複数の製品）	SignalRGBカーネルドライバにおける不適切なアクセス制御およびIOCTLの脆弱性 New	-	-	2026-06-19 11:02	2026-06-18
2	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年06月16日） New	-	-	2026-06-18 11:35	2026-06-17
3	8.1	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における古典的バッファオーバーフローの脆弱性 New	CWE-120 古典的バッファオーバーフロー	CVE-2026-12328	2026-06-17 15:46	2026-06-16
4	5.3	警告 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 New	CWE-119 CWE-416 CWE-476	CVE-2026-12329	2026-06-17 15:46	2026-06-16
5	5.4	警告 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 New	CWE-119 バッファエラー	CVE-2026-12330	2026-06-17 15:46	2026-06-16
6	6.5	警告 Network		-	シスコシステムズのCisco Catalyst SD-WAN Managerにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-20262	2026-06-17 15:46	2026-06-15
7	7.8	重要 Local	NVIDIA	NeMo	NVIDIAのNeMoにおけるコードインジェクションの脆弱性 New	CWE-94 コード・インジェクション	CVE-2026-24155	2026-06-17 15:46	2026-06-16
8	7.8	重要 Local	NVIDIA	NeMo	NVIDIAのNeMoにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-24228	2026-06-17 15:46	2026-06-16
9	5.5	警告 Local	Advanced Micro Devices (AMD)	uprof	Advanced Micro Devices (AMD)のuprofにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-28237	2026-06-17 15:46	2026-06-9
10	6.5	警告 Network	Grafana Labs	Grafana	Grafana LabsのGrafanaにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 New	CWE-552 外部からアクセス可能なファイルまたはディレクトリ	CVE-2026-33380	2026-06-17 15:46	2026-05-13

Version update history excerpt Go To Version Update History

Target Period : 2026-06-12 〜 2026-06-19

No	Name	Genre	Version	Release date	Security Fix	Release Information
1	New!! Tailwind 1	framework	4.3.1	2026-06-13	Unknown	Show

Support Expiration Date Go to Support Expiration Information

Target Period : 2026-05-01 〜 2026-09-30

No	Name	Normal Support	Security Support	Extended Support
1	Red Hat OpenJDK 8 for Windows		2026-05-31
2	Red Hat OpenJDK 8		2026-05-31
3	Java 8 (LTS)		2026-05-31
4	MariaDB 10.6	2026-06-30
5	SQL Server 2016 Service Pack 2	2021-07-13		2026-07-14
6	Oracle JDK 11 (LTS)	2023-09-30		2026-09-30

Excerpts from security information sites updated in the past two days Go to the Provide Information Site

2026-6-19 JST

media_news

No	Name	URL	Excerpt Of Changes	Tag
1	Ars Technica	https://arstechnica.com/	bring out your dead,Hunter-gatherers in Siberia died of a plague outbreak 5,500 years ago,We can’t blame the Neolithic Transition for the plague anymore.,Kiona N. Smith,–,6/18/2026,\|,28,FDA advisors u ...	English News Foreign Country Blog Site Information Gathering
2	Bleeping Computer®	https://www.bleepingcomputer.com/	FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.,Microsoft working on Defender patch for RoguePlanet zero-day,Malicious JetBrains Marketplace plugins steal AI API keys from develop ...	English News Foreign Country Information Provision
3	cnet	https://www.cnet.com/	GTA 6: Preorders Start June 25,Ring’s 2026 Panic Button,HP OmniBook Ultra 14 Review,Subscriptions Cost $1,300 a Year, CNET Survey Finds,Laptops,HP OmniBook Ultra 14's Design and Performance Make It a ...	English News Foreign Country Blog
4	Cybersecurity News	https://securityonline.info/	Critical Alert,1 Active Exploit Detected Today,CVE-2026-20253,—,Splunk Enterprise Missing Authentication for Critical Function Vulnerability →,Powered by,CVE Watchtower,🔔 Enable Desktop Alerts,×,June ...	English News Foreign Country Information Provision
5	Engadget	https://www.engadget.com/	GTA 6 pre-orders open on June 25,Pre-orders for Grand Theft Auto 6 open in just one week.,By,Kris Holt,Read More,Wearables,XGIMI MemoMind One review: Smart glasses, creepy AI,XGIMI's MemoMind One is a ...	English News Foreign Country Blog
6	Gizmodo	https://gizmodo.com/	A Monolith Designed to Record Civilization’s Downfall Is Finally Taking Shape,The creators of this monolithic doomsday tracker say it is on track for installation in remote Tasmania by December.,Clima ...	English News Foreign Country Blog
7	HELPNETSECURITY	https://www.helpnetsecurity.com/	Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned,June 18, 2026,Malware attacks strip Roblox developers of entire games,June 18, 2026,74,000 Fortinet firewall credentials exposed ...	English News Foreign Country Information Provision
8	Krebs on Security	https://krebsonsecurity.com/	‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm,June 18, 2026,1 Comment,For the past four years, a sprawling Android-based botnet called,Popa,has forced millions of consumer TV boxes to relay Int ...	English News Foreign Country Blog
9	Mashable	https://mashable.com/	Say More,Creator Playbook,Mashable @Home,Tech,5 deals under $25 worth shopping before Prime Day,TVs,I track TV prices year-round, so I know that these 25+ TV deals ahead of Prime Day are actually wort ...	English News Foreign Country Blog
10	Schneier on Security	https://www.schneier.com/	Embedding Forbidden Text in Spyware to Discourage AI Analysis,At least one malware developer is,adding text,about nuclear and biological weapons to their spyware, in an effort to stop automatic AI ana ...	English News Foreign Country Blog
11	scmagazine	https://www.scmagazine.com/	Malware campaign uses VirusTotal manipulation, legitimate news sites to gain reputation,June 18, 2026,The clipboard hijacker campaign also uses “ghost networks” on social media to boost engagement.,Id ...	English News Foreign Country Information Provision
12	securityweek	https://www.securityweek.com/	Majority of Internet-Accessible REDCap Servers Outdated,These servers are regularly targeted by China-linked UNC6508 for initial access and backdoor deployment.,Accenture to Acquire Majority Stake in ...	English News Foreign Country Information Provision
13	TechCrunch	https://techcrunch.com/	AI,OpenAI is bringing on some big guns in the lead-up to its IPO,3 hours ago,Startups,The 11 standout startups from YC’s Demo Day, according to VCs,Marina Temkin,Dominic-Madori Davis,3 hours ago,Trans ...	English News Foreign Country Blog Site Information Gathering
14	TechNadu.com	https://www.technadu.com/	Amazon’s One Medical Senior Health Announces Data Breach, ShinyHunters Claims Stealing 8.8 TB,By,Lore Apostol,\|,Published,Dutch Police Arrest Six in Amsterdam Bank Helpdesk Fraud Raid,By,Lore Apostol, ...	English News Foreign Country Information Provision
15	TechRadar	https://www.techradar.com/	Prime Day 2026,New GTA 6 trailer officially reveals cover art — and it looks pretty great,Grand Theft Auto 6 cover art has been officially revealed.,House of the Dragon season 3 review: an almost triu ...	English News Foreign Country Blog
16	The Verge	https://www.theverge.com/	Amazon employees say they’re facing termination for backing data center limits,After speaking up for regulation on data centers, Seattle activists say they were called into meetings with HR.,Hayden Fi ...	English News Foreign Country Blog
17	wired	https://www.wired.com/	Grade Expectations,How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members,Leaked files show the invite-only network grades members by their money and fame, shaping who’s in, who’s out, and ...	English News Blog

security_company

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Compass Security	https://www.compass-security.com/	Read more,Workshop: CySec in Public Transport,28.10.2026,The integrity and availability of data is crucial for the smooth operation of public transport. In this workshop, developed by onway ag and Com ...	English Web Audit Company CTF Education Incident Response Forensic E-Learning
2		Positive Technologies	https://www.ptsecurity.com/	ВЕБИНАР,Зарегистрироваться,Ландшафт киберугроз: от модного термина к рабочему инструменту,23 июня в 14:00,Зарегистрироваться,ПРОДУКТ,Оставить заявку,Готова ли ваша инфраструктура к реальной атаке?,Про ...	English News News Web Audit Network Audit Company Smartphone Audit WAF Forensic Pentest SIEM Vulnerability Management Vulnerability Management ERP Security ERP Security Infra Security

blog

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Qualys Security Blog	https://blog.qualys.com/	Diksha Ojha,June 18, 2026,- 3 min read,Oracle Critical Patch Update, June 2026 Security Update Review,Posted in,Patch Tuesday,,,Vulnerabilities and Threat Research,1,3,4,25	English Major Foreign Country Blog Information Provision
2		Redhat's Official Blog	https://www.redhat.com/ja/blog	製品,プラットフォーム製品,Red Hat AI icon,artificial intelligence, Red Hat Enterprise Linux AI, Red Hat OpenShift AI, RHEL AI, machine learning,38,38,2025-03-12T19:43:40.963Z,image/svg+xml,Red Hat AI icon,artific ...	English Major Company Blog Information Provision

organization

No	Name	URL	Excerpt Of Changes	Tag
1	Center for Internet Security	https://www.cisecurity.org/	White Paper: You Have a Cybersecurity Incident.,Cyber incidents move fast, but outcomes depend on coordinated defense.,Download Now,White Paper,06.18.2026,Illicit Sports Betting and Match Integrity Ri ...	English Foreign Country Organization Information Provision
2	National Vulnerability Database	https://nvd.nist.gov/	CVE-2026-46859,- Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows ...	English Organization Government
3	OWASP	https://www.owasp.org/	Aikido and OWASP bring agentic Code Audit to the global AppSec community,Andrew van der Stock,, June 18, 2026,Aikido Security and OWASP launch a new individual member benefit: pentester-grade code au ...	English Organization

vulnerability_notification_site

No	Image	Name	URL	Excerpt Of Changes	Tag
1		VULNERABILITY LAB	https://www.vulnerability-lab.com/	[,MAGAZINE,][,GALLERY,][,BUG BOUNTY LIST,][,HACKTIVITY,],\|,\|,Account,:,[,Registration,],Role,:,[,Anonymous,],Researcher,:,1848,Advisories,:,1138,Documents,:,42,Videos,:,242,Date,:,19.06.2026,TZ,:,01:0 ...	English News Windows Linux/Unix Mac OS Information Provision Android iOS Exploit

Security Advisary

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Drupal Security Information	https://www.drupal.org/security	JavaScript is disabled in your browser.,Please enable JavaScript to proceed.,A required part of this site couldn’t load. This may be due to a browser extension, network issues, or browser settin ...	English Foreign Country Security Advisories

2026-6-18 JST

media_news

No	Image	Name	URL	Excerpt Of Changes	Tag
1		securityledger.com	https://securityledger.com/	Wednesday, June 17, 2026,SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies,June 17, 2026,\|,cybernewswire,Austin, TX, USA, 17th June 2026,...,Cont ...	English News Foreign Country Information Provision

security_company

No	Image	Name	URL	Excerpt Of Changes	Tag
1		nVisium LLC	https://www.netspi.com/	I’m Just Asking Questions: Social Engineering as a Reporter,Rafael Seferyan,Dive into this real-world social engineering assessment where a fake anonymous tip and an adversary-in-the-middle framework ...	English Web Audit Network Audit Source Code Audit Smartphone Audit IoT Audit Consulting Education Cloud Security

tool

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Parrot Security OS	https://github.com/ParrotSec	parrot-menu,Public,backup repository,https://dev.parrotsec.org/parrot/parrot-menu/,ParrotSec/parrot-menu’s past year of commit activity,Go,18,16,1,1,Updated,Jun 17, 2026,Jun 17, 2026,Jun 17, 2026,5,57 ...	English Web Audit Network Audit Tools Foreign Country Hacking Forensic Pentest Windows Linux/Unix Mac OS
2		Suricata	https://suricata.io/	We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.,Ok,Privacy policy	English Tools Open Source IDS/IPS Management

blog

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Hacking Articles	https://www.hackingarticles.in/	Command and Control,,,Red Teaming,A Detailed Guide on Villain C2 Framework,June 17, 2026,by,raj,9 Min Reading,Overview Villain is an open-source command-and-control (C2) framework developed by t3l3mac ...	English Web Audit Foreign Country Hacking Education Blog Pentest Information Provision
2		Sentinel One Blog	https://jp.sentinelone.com/blog/	Company \| 6 minute read,The Agentic SOC: Solving Security’s Investigation Capacity Crisis in the Frontier AI Era,Company \| 8 minute read,The Agentic SOC: Solving Security’s Investigation C ...	English Foreign Country Company Blog Information Provision

Security Advisary

No	Image	Name	URL	Excerpt Of Changes	Tag
1		Debian Security Advisory	https://www.debian.org/security/	[17 Jun 2026],T,DSA-6350-1 firefox-esr,security update,[17 Jun 2026],T,DSA-6349-1 atril,security update,Last Modified: Sat, Oct 18 11:51:55 UTC 2025 Last Built: Wed, Jun 17 19:29:19 UTC 2026	English Linux/Unix Security Advisories