Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2711	6.3	警告 Network	neutrinolabs	xrdp	neutrinolabsのxrdpにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-33145	2026-04-28 10:13	2026-04-17	Show	GitHub Exploit DB Packet Storm

2712	9.1	緊急 Network	neutrinolabs	xrdp	neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-33516	2026-04-28 10:13	2026-04-17	Show	GitHub Exploit DB Packet Storm

2713	9.1	緊急 Network	neutrinolabs	xrdp	neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-33689	2026-04-28 10:13	2026-04-17	Show	GitHub Exploit DB Packet Storm

2714	2.9	低 Local	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-34268	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2715	9.8	緊急 Network	オラクル	Oracle Advanced Inbound Telephony	オラクルのOracle Advanced Inbound Telephonyにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-34275	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2716	7.5	重要 Network	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-34282	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2717	2.4	低 Network	オラクル	Oracle Database	オラクルのOracle Databaseにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-34312	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2718	5.3	警告 Network	Electron	electron	Electronのelectronにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34776	2026-04-28 10:13	2026-04-4	Show	GitHub Exploit DB Packet Storm

2719	5.4	警告 Network	オラクル	Oracle Fusion Middleware	オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35232	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2720	6.4	警告 Network	オラクル	Oracle Fusion Middleware	オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35252	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
571	8.8	HIGH Network	-	-	Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Hig… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-8529	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

572	8.8	HIGH Network	-	-	Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8532	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

573	8.8	HIGH Network	-	-	Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New	CWE-843 Type Confusion	CVE-2026-8540	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

574	8.8	HIGH Network	-	-	Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-8544	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

575	7.5	HIGH Network	-	-	Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via… New	CWE-862 Missing Authorization	CVE-2026-8547	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

576	8.8	HIGH Network	-	-	Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-8549	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

577	8.8	HIGH Network	-	-	Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page… New	CWE-416 Use After Free	CVE-2026-8551	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

578	8.8	HIGH Network	-	-	Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-8555	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

579	7.5	HIGH Network	-	-	Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (C… New	CWE-416 Use After Free	CVE-2026-8557	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

580	8.8	HIGH Network	-	-	Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8577	2026-05-15 06:19	2026-05-15	Show	GitHub Exploit DB Packet Storm