Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2241 7.5 重要
Network 		マイクロソフト Microsoft Entra ID Microsoft Entra ID のスプーフィングの脆弱性 CWE-200
情報漏えい 		CVE-2026-40379 2026-05-25 10:22 2026-05-12 Show GitHub Exploit DB Packet Storm
2242 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-4055 2026-05-25 10:22 2026-05-21 Show GitHub Exploit DB Packet Storm
2243 7.8 重要
Local 		Samba Project rsync Samba Projectのrsyncにおけるレングスパラメーターの不整合による処理に関する脆弱性 CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2026-41035 2026-05-25 10:22 2026-04-16 Show GitHub Exploit DB Packet Storm
2244 9.8 緊急
Network 		NASA F Prime NASAのF Primeにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41144 2026-05-25 10:22 2026-04-22 Show GitHub Exploit DB Packet Storm
2245 7.8 重要
Local 		DevSpace DevSpace DevSpaceにおける複数の脆弱性 CWE-200
CWE-306
CVE-2026-42283 2026-05-25 10:22 2026-05-14 Show GitHub Exploit DB Packet Storm
2246 10 緊急
Network 		マイクロソフト
The Foreman		 Azure Resource Manager
Azure Local 		Azure Local 向けディスコネクテッド オペレーション サービスの特権昇格の脆弱性 CWE-287
CWE-noinfo
CVE-2026-42822 2026-05-25 10:22 2026-05-18 Show GitHub Exploit DB Packet Storm
2247 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2026-43395 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
2248 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-43396 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
2249 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-43397 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
2250 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-43398 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2931 8.3 HIGH
Network 		google chrome Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… CWE-416
 Use After Free 		CVE-2026-9893 2026-06-3 11:24 2026-05-29 Show GitHub Exploit DB Packet Storm
2932 8.3 HIGH
Network 		google chrome Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… CWE-416
 Use After Free 		CVE-2026-9894 2026-06-3 11:20 2026-05-29 Show GitHub Exploit DB Packet Storm
2933 8.3 HIGH
Network 		google chrome Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. … CWE-125
Out-of-bounds Read 		CVE-2026-9895 2026-06-3 11:20 2026-05-29 Show GitHub Exploit DB Packet Storm
2934 8.3 HIGH
Network 		google chrome Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… CWE-416
 Use After Free 		CVE-2026-9899 2026-06-3 11:20 2026-05-29 Show GitHub Exploit DB Packet Storm
2935 8.3 HIGH
Network 		google chrome Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… CWE-787
 Out-of-bounds Write 		CVE-2026-9900 2026-06-3 11:17 2026-05-29 Show GitHub Exploit DB Packet Storm
2936 8.3 HIGH
Network 		google chrome Use after free in Accessibility in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML … CWE-416
 Use After Free 		CVE-2026-9902 2026-06-3 11:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2937 5.0 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a… CWE-20
 Improper Input Validation  		CVE-2026-9903 2026-06-3 11:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2938 8.3 HIGH
Network 		google chrome Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-9904 2026-06-3 11:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2939 5.5 MEDIUM
Local 		element synapse Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing o… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-45078 2026-06-3 11:15 2026-05-29 Show GitHub Exploit DB Packet Storm
2940 6.5 MEDIUM
Network 		encode starlette Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP `Host` request header was not validated before being used to reconstruct `request.url`. Because the routing algorit… CWE-444
HTTP Request Smuggling 		CVE-2026-48710 2026-06-3 11:14 2026-05-27 Show GitHub Exploit DB Packet Storm