Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
133281 6.1 警告
Network 		株式会社アクティブフュージョンズ 注文ステータス一括変更プラグイン EC-CUBE 用プラグイン「注文ステータス一括変更プラグイン」におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-20828 2021-09-16 12:04 2021-09-16 Show GitHub Exploit DB Packet Storm
133282 8.8 重要
Network 		アドビシステムズ Adobe Acrobat
Adobe Acrobat DC
Adobe Acrobat Reader DC 		Adobe Reader および Acrobat における境界外読み取りの脆弱性 CWE-125
境界外読み取り 		CVE-2021-28565 2021-09-16 11:31 2021-05-11 Show GitHub Exploit DB Packet Storm
133283 9.9 緊急
Network 		Express Tech Quiz And Survey Master WordPress 用 Quiz and Survey Master プラグインにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2020-35951 2021-09-15 18:01 2020-08-13 Show GitHub Exploit DB Packet Storm
133284 7.4 重要
Network 		Electron Technologies FZC Pagelayer WordPress 用 PageLayer プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35947 2021-09-15 18:01 2020-05-28 Show GitHub Exploit DB Packet Storm
133285 5.4 警告
Network 		Semper Fi Web Design All in One SEO Pack WordPress 用 All in One SEO Pack プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35946 2021-09-15 18:01 2020-07-16 Show GitHub Exploit DB Packet Storm
133286 8.8 重要
Network 		Electron Technologies FZC Pagelayer WordPress 用 PageLayer プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-352
CWE-79
CVE-2020-35944 2021-09-15 18:01 2020-05-28 Show GitHub Exploit DB Packet Storm
133287 8.8 重要
Network 		PickPlugins Post Grid
Team Showcase 		WordPress 用 Team Showcase プラグインにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2020-35939 2021-09-15 18:01 2020-10-5 Show GitHub Exploit DB Packet Storm
133288 8.8 重要
Network 		PickPlugins Post Grid
Team Showcase 		WordPress 用 Post Grid プラグインにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2020-35938 2021-09-15 18:01 2020-10-5 Show GitHub Exploit DB Packet Storm
133289 8 重要
Network 		PickPlugins Post Grid
Team Showcase 		WordPress 用 Team Showcase プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35937 2021-09-15 18:01 2020-10-5 Show GitHub Exploit DB Packet Storm
133290 8 重要
Network 		PickPlugins Post Grid
Team Showcase 		WordPress 用 Post Grid プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35936 2021-09-15 18:00 2020-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
131 8.8 HIGH
Network 		google chrome Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High) New CWE-472
 External Control of Assumed-Immutable Web Parameter 		CVE-2026-10986 2026-06-6 10:48 2026-06-5 Show GitHub Exploit DB Packet Storm
132 8.8 HIGH
Network 		google chrome Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New CWE-416
 Use After Free 		CVE-2026-10982 2026-06-6 10:45 2026-06-5 Show GitHub Exploit DB Packet Storm
133 8.8 HIGH
Network 		google chrome Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High) New CWE-416
 Use After Free 		CVE-2026-10978 2026-06-6 10:45 2026-06-5 Show GitHub Exploit DB Packet Storm
134 8.8 HIGH
Network 		google chrome Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New CWE-416
 Use After Free 		CVE-2026-10975 2026-06-6 10:45 2026-06-5 Show GitHub Exploit DB Packet Storm
135 8.3 HIGH
Network 		google chrome Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr… New CWE-416
 Use After Free 		CVE-2026-10967 2026-06-6 10:44 2026-06-5 Show GitHub Exploit DB Packet Storm
136 8.3 HIGH
Network 		google chrome Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte… New CWE-416
 Use After Free 		CVE-2026-10961 2026-06-6 10:44 2026-06-5 Show GitHub Exploit DB Packet Storm
137 6.5 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a … New CWE-20
 Improper Input Validation  		CVE-2026-10912 2026-06-6 10:43 2026-06-5 Show GitHub Exploit DB Packet Storm
138 6.1 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (… New CWE-20
 Improper Input Validation  		CVE-2026-10916 2026-06-6 10:43 2026-06-5 Show GitHub Exploit DB Packet Storm
139 8.8 HIGH
Network 		google chrome Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: High) New CWE-416
 Use After Free 		CVE-2026-10923 2026-06-6 10:43 2026-06-5 Show GitHub Exploit DB Packet Storm
140 6.3 MEDIUM
Network 		google chrome Inappropriate implementation in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) New CWE-284
Improper Access Control 		CVE-2026-11187 2026-06-6 10:42 2026-06-5 Show GitHub Exploit DB Packet Storm