Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2811	8.8	重要 Network	Lawnchair	Lawnchair	Lawnchairにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-39866	2026-04-27 11:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

2812	6.1	警告 Network	NetFoundry	zrok	NetFoundryのzrokにおける複数の脆弱性	CWE-116 CWE-79	CVE-2026-40302	2026-04-27 11:27	2026-04-17	Show	GitHub Exploit DB Packet Storm

2813	7.5	重要 Network	NetFoundry	zrok	NetFoundryのzrokにおける複数の脆弱性	CWE-400 CWE-789	CVE-2026-40303	2026-04-27 11:27	2026-04-17	Show	GitHub Exploit DB Packet Storm

2814	5.3	警告 Network	NetFoundry	zrok	NetFoundryのzrokにおける複数の脆弱性	CWE-284 CWE-863	CVE-2026-40304	2026-04-27 11:27	2026-04-17	Show	GitHub Exploit DB Packet Storm

2815	8.8	重要 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40502	2026-04-27 11:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

2816	6.5	警告 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40503	2026-04-27 11:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

2817	8.8	重要 Network	FreePBX	API Module	FreePBXのAPI ModuleにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40520	2026-04-27 11:26	2026-04-21	Show	GitHub Exploit DB Packet Storm

2818	6.1	警告 Network	Yusuke Inuzuka (yuin)	goldmark	Yusuke Inuzuka (yuin)のgoldmarkにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-5160	2026-04-27 11:26	2026-04-15	Show	GitHub Exploit DB Packet Storm

2819	6.5	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-0186	2026-04-27 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

2820	6.5	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-3922	2026-04-27 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
521	8.3	HIGH Network	-	-	Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:… New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8573	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

522	8.3	HIGH Network	-	-	Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v… New	CWE-693 Protection Mechanism Failure	CVE-2026-8571	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

523	6.5	MEDIUM Network	-	-	Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security sev… New	CWE-843 Type Confusion	CVE-2026-8570	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

524	8.3	HIGH Network	-	-	Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: … New	CWE-787 Out-of-bounds Write	CVE-2026-8569	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

525	4.3	MEDIUM Network	-	-	Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: … New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8567	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

526	4.7	MEDIUM Network	-	-	Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafte… New	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-8565	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

527	4.2	MEDIUM Network	-	-	Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: M… New	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-8564	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

528	5.4	MEDIUM Network	-	-	Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) New	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-8561	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

529	4.3	MEDIUM Network	-	-	Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium securi… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-8560	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

530	4.3	MEDIUM Network	-	-	Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium secu… New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8559	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm