Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2451	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-11148	2026-06-9 14:18	2026-06-4	Show	GitHub Exploit DB Packet Storm

2452	6.1	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-11150	2026-06-9 14:18	2026-06-4	Show	GitHub Exploit DB Packet Storm

2453	7.5	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-11151	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2454	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-11152	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2455	9.1	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける物理サイドチャネルの不適切な保護に関する脆弱性	CWE-1300 物理サイドチャネルの不適切な保護	CVE-2026-11153	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2456	7.5	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-11154	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2457	4.3	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-11155	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2458	4.3	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-11156	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2459	5.4	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-11157	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

2460	8.6	重要 Local	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-11158	2026-06-9 14:17	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
401	7.8	HIGH Local	anydesk	anydesk	AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert mal… New	CWE-428 Unquoted Search Path or Element	CVE-2016-20094	2026-06-26 22:02	2026-06-20	Show	GitHub Exploit DB Packet Storm

402	7.8	HIGH Local	malwarebytes	malwarebytes	Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root path… New	CWE-428 Unquoted Search Path or Element	CVE-2022-50971	2026-06-26 21:59	2026-06-20	Show	GitHub Exploit DB Packet Storm

403	6.5	MEDIUM Network	struktur	libheif	libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unit_offset + unit_size. Becau… New	CWE-125 Out-of-bounds Read	CVE-2026-49271	2026-06-26 21:33	2026-06-20	Show	GitHub Exploit DB Packet Storm

404	7.5	HIGH Network	sunnyadn	js-toml	js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written `parseBigI… New	CWE-400 CWE-407 CWE-1333 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity Inefficient Regular Expression Complexity	CVE-2026-49293	2026-06-26 21:11	2026-06-20	Show	GitHub Exploit DB Packet Storm

405	-		-	-	wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the … New	CWE-354 Improper Validation of Integrity Check Value	CVE-2026-8720	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

406	-		-	-	iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP addr… New	CWE-295 Improper Certificate Validation	CVE-2026-7532	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

407	-		-	-	PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted. New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-7511	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

408	5.4	MEDIUM Network	-	-	A vulnerability in jupyter/nbconvert versions <= 7.17.0 allows for Cross-site Scripting (XSS) via unsanitized `text/vnd.mermaid` output in HTML exports. The `data_mermaid` block in `share/templates/l… New	CWE-79 Cross-site Scripting	CVE-2026-6658	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

409	-		-	-	The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The consta… New	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2026-6330	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

410	-		-	-	PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the loc… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6329	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm