Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133591	4.8	警告 Network	シスコシステムズ	Cisco Web セキュリティ仮想アプライアンス	Cisco Web セキュリティ仮想アプライアンスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-1271	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133592	6.5	警告 Network	シスコシステムズ	Cisco Data Center Network Manager	Cisco Data Center Network Manager における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2021-1270	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133593	6.3	警告 Network	シスコシステムズ	Cisco Data Center Network Manager	Cisco Data Center Network Manager における不正な認証に関する脆弱性	CWE-863 CWE-noinfo	CVE-2021-1269	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133594	6.5	警告 Network	シスコシステムズ	Cisco DNA Center	Cisco DNA Center における重要な情報の平文保存に関する脆弱性	CWE-312 重要な情報の平文保存	CVE-2021-1265	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133595	8.8	重要 Network	シスコシステムズ	Cisco DNA Center	Cisco DNA Center における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2021-1264	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133596	8.8	重要 Network	シスコシステムズ	Cisco DNA Center	Cisco DNA Center ソフトウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2021-1257	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133597	5.4	警告 Network	シスコシステムズ	Cisco Data Center Network Manager	Cisco Data Center Network Manager における不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2021-1255	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133598	5.4	警告 Network	シスコシステムズ	Cisco Data Center Network Manager	Cisco Data Center Network Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-1253	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133599	7.3	重要 Network	シスコシステムズ	Cisco Data Center Network Manager	Cisco Data Center Network Manager における不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2021-1133	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

133600	5.3	警告 Network	シスコシステムズ	Cisco Web セキュリティアプライアンス Cisco コンテンツセキュリティ管理アプライアンス Cisco E メールセキュリティアプライアンス	複数の Cisco 製品における送信データへの重要な情報の挿入に関する脆弱性	CWE-201 送信データへの重要な情報の挿入	CVE-2021-1129	2021-09-27 18:05	2021-01-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
11	8.8	HIGH Network	google	chrome	Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox vi… Update	CWE-20 Improper Input Validation	CVE-2026-11235	2026-06-10 03:44	2026-06-5	Show	GitHub Exploit DB Packet Storm

12	8.3	HIGH Network	google	chrome	Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via… Update	CWE-602 Client-Side Enforcement of Server-Side Security	CVE-2026-11236	2026-06-10 03:42	2026-06-5	Show	GitHub Exploit DB Packet Storm

13	8.3	HIGH Network	google	chrome	Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTM… Update	CWE-20 Improper Input Validation	CVE-2026-11237	2026-06-10 03:41	2026-06-5	Show	GitHub Exploit DB Packet Storm

14	6.5	MEDIUM Network	google	chrome	Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) Update	CWE-457 Use of Uninitialized Variable	CVE-2026-11268	2026-06-10 03:38	2026-06-5	Show	GitHub Exploit DB Packet Storm

15	8.8	HIGH Network	google	chrome	Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p… Update	CWE-20 Improper Input Validation	CVE-2026-11272	2026-06-10 03:34	2026-06-5	Show	GitHub Exploit DB Packet Storm

16	4.3	MEDIUM Network	google	chrome	Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security se… Update	CWE-284 Improper Access Control	CVE-2026-11274	2026-06-10 03:32	2026-06-5	Show	GitHub Exploit DB Packet Storm

17	9.3	CRITICAL Network	checkpoint	gaia_os gaia_embedded	A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish … New	CWE-287 Improper Authentication	CVE-2026-50751	2026-06-10 03:30	2026-06-8	Show	GitHub Exploit DB Packet Storm

18	4.3	MEDIUM Network	google	chrome	Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium se… Update	CWE-284 Improper Access Control	CVE-2026-11277	2026-06-10 03:26	2026-06-5	Show	GitHub Exploit DB Packet Storm

19	5.8	MEDIUM Network	-	-	On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is … Update	CWE-1023 Incomplete Comparison with Missing Factors	CVE-2026-7473	2026-06-10 03:17	2026-06-6	Show	GitHub Exploit DB Packet Storm

20	8.8	HIGH Network	-	-	The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid I… New	CWE-89 SQL Injection	CVE-2026-50636	2026-06-10 03:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed