Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
133291 6.5 警告
Network 		Tribulant Software Newsletters WordPress 用 Newsletter プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35933 2021-09-15 18:00 2020-08-3 Show GitHub Exploit DB Packet Storm
133292 8.8 重要
Network 		Tribulant Software Newsletters WordPress 用 Newsletter プラグインにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2020-35932 2021-09-15 18:00 2020-08-3 Show GitHub Exploit DB Packet Storm
133293 6.1 警告
Network 		HGiga MSR45 iSherlock-user
MSR45 iSherlock-antispam 		HGiga MailSherlock におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35741 2021-09-15 18:00 2020-12-30 Show GitHub Exploit DB Packet Storm
133294 6.1 警告
Network 		HGiga MSR45 iSherlock-user
MSR45 iSherlock-antispam 		HGiga MailSherlock におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-35740 2021-09-15 18:00 2020-12-30 Show GitHub Exploit DB Packet Storm
133295 7.5 重要
Network 		HGiga MSR45 iSherlock-user HGiga MailSherlock における脆弱性 CWE-noinfo
情報不足 		CVE-2020-25850 2021-09-15 18:00 2020-12-30 Show GitHub Exploit DB Packet Storm
133296 8.8 重要
Network 		Sunhater KCFinder Durupal 用 KCFinder integration プロジェクトにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2018-25002 2021-09-15 18:00 2018-05-9 Show GitHub Exploit DB Packet Storm
133297 7.7 重要
Network 		Combodo iTop Combodo iTop における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2020-4079 2021-09-15 17:58 2021-01-12 Show GitHub Exploit DB Packet Storm
133298 6.1 警告
Network 		RailsAdmin project RailsAdmin RailsAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-36190 2021-09-15 17:58 2020-03-14 Show GitHub Exploit DB Packet Storm
133299 5.4 警告
Network 		Carbonite, Inc. Server Backup Portal Server Backup Portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-13116 2021-09-15 17:58 2020-05-16 Show GitHub Exploit DB Packet Storm
133300 7.1 重要
Network 		TIBCO Software TIBCO EBX Add-ons TIBCO Software Inc. TIBCO EBX Add-ons における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2020-27148 2021-09-15 17:58 2020-10-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
71 6.5 MEDIUM
Network 		- - Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security… New CWE-457
 Use of Uninitialized Variable 		CVE-2026-11067 2026-06-6 03:16 2026-06-5 Show GitHub Exploit DB Packet Storm
72 8.8 HIGH
Network 		- - Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… New CWE-20
 Improper Input Validation  		CVE-2026-11041 2026-06-6 03:16 2026-06-5 Show GitHub Exploit DB Packet Storm
73 6.5 MEDIUM
Network 		- - Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) New CWE-125
Out-of-bounds Read 		CVE-2026-10985 2026-06-6 03:16 2026-06-5 Show GitHub Exploit DB Packet Storm
74 5.4 MEDIUM
Network 		- - Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity:… New CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-10984 2026-06-6 03:16 2026-06-5 Show GitHub Exploit DB Packet Storm
75 9.6 CRITICAL
Network 		- - Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit… New CWE-20
 Improper Input Validation  		CVE-2026-10983 2026-06-6 03:16 2026-06-5 Show GitHub Exploit DB Packet Storm
76 9.8 CRITICAL
Network 		- - NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (such as administration.html… New CWE-306
Missing Authentication for Critical Function 		CVE-2025-71318 2026-06-6 03:16 2026-06-6 Show GitHub Exploit DB Packet Storm
77 9.8 CRITICAL
Network 		- - NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/log… New CWE-798
 Use of Hard-coded Credentials 		CVE-2025-71317 2026-06-6 03:16 2026-06-6 Show GitHub Exploit DB Packet Storm
78 8.8 HIGH
Network 		amazon kiro_ide Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions… Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-10591 2026-06-6 02:45 2026-06-3 Show GitHub Exploit DB Packet Storm
79 9.6 CRITICAL
Network 		google chrome Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) New CWE-416
 Use After Free 		CVE-2026-10886 2026-06-6 02:42 2026-06-5 Show GitHub Exploit DB Packet Storm
80 8.8 HIGH
Network 		google chrome Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) New CWE-416
 Use After Free 		CVE-2026-10885 2026-06-6 02:42 2026-06-5 Show GitHub Exploit DB Packet Storm