Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1171	6.4	警告 Local	レッドハット	Red Hat OpenShift Data Foundation	レッドハットのRed Hat OpenShift Data Foundationにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2025-8766	2026-06-8 12:27	2026-03-13	Show	GitHub Exploit DB Packet Storm

1172	8.8	重要 Network	Amazon.com, Inc.	Kiro IDE	Amazon.com, Inc.のKiro IDEにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-10591	2026-06-8 12:27	2026-06-2	Show	GitHub Exploit DB Packet Storm

1173	4.3	警告 Network	MISP	MISP	MISPにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-10854	2026-06-8 12:27	2026-06-4	Show	GitHub Exploit DB Packet Storm

1174	8.8	重要 Network	D-Link Systems, Inc.	DWR-M920 ファームウェア	D-Link CorporationのDWR-M920 ファームウェアにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-10878	2026-06-8 12:27	2026-06-5	Show	GitHub Exploit DB Packet Storm

1175	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける複数の脆弱性	CWE-125 CWE-787	CVE-2026-10881	2026-06-8 12:27	2026-06-4	Show	GitHub Exploit DB Packet Storm

1176	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10882	2026-06-8 12:27	2026-06-4	Show	GitHub Exploit DB Packet Storm

1177	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-10883	2026-06-8 12:27	2026-06-4	Show	GitHub Exploit DB Packet Storm

1178	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10884	2026-06-8 12:27	2026-06-4	Show	GitHub Exploit DB Packet Storm

1179	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10885	2026-06-8 12:27	2026-06-4	Show	GitHub Exploit DB Packet Storm

1180	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-10886	2026-06-8 12:26	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
319721	8.8	HIGH Network	mindsdb	mindsdb	An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases crea…	CWE-94 Code Injection	CVE-2024-45849	2024-09-17 02:34	2024-09-12	Show	GitHub Exploit DB Packet Storm

319722	8.8	HIGH Network	mindsdb	mindsdb	An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT…	CWE-94 Code Injection	CVE-2024-45848	2024-09-17 02:33	2024-09-12	Show	GitHub Exploit DB Packet Storm

319723	8.8	HIGH Network	mindsdb	mindsdb	An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPD…	CWE-94 Code Injection	CVE-2024-45847	2024-09-17 02:31	2024-09-12	Show	GitHub Exploit DB Packet Storm

319724	8.8	HIGH Network	mindsdb	mindsdb	An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT…	CWE-94 Code Injection	CVE-2024-45846	2024-09-17 02:30	2024-09-12	Show	GitHub Exploit DB Packet Storm

319725	5.4	MEDIUM Network	rocket.chat	rocket.chat	The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external acti…	CWE-79 Cross-site Scripting	CVE-2024-45621	2024-09-17 02:28	2024-09-3	Show	GitHub Exploit DB Packet Storm

319726	5.4	MEDIUM Network	elabftw	elabftw	eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript…	CWE-79 Cross-site Scripting	CVE-2024-28100	2024-09-17 02:28	2024-09-3	Show	GitHub Exploit DB Packet Storm

319727	-		-	-	Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.	CWE-1245	CVE-2024-24968	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

319728	-		-	-	Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.	CWE-203 Information Exposure Through Discrepancy	CVE-2024-23984	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

319729	-		-	-	Race condition in Seamless Firmware Updates for some Intel(R) reference platforms may allow a privileged user to potentially enable denial of service via local access.	-	CVE-2024-23599	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

319730	-		-	-	Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.	CWE-20 Improper Input Validation	CVE-2024-21871	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm