Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3041	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	i6 ファームウェア	Shenzhen Tenda Technology Co.,Ltd.のi6 ファームウェアにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-6024	2026-05-1 10:42	2026-04-10	Show	GitHub Exploit DB Packet Storm

3042	8.8	重要 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-352 CWE-862	CVE-2026-6109	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3043	9.8	緊急 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-6110	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3044	6.5	警告 Network	MetaGPT	MetaGPT	MetaGPTにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-6111	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3045	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F451 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF451 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-6120	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3046	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F451 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF451 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-6121	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3047	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F451 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF451 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-6122	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3048	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F451 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF451 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-6123	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3049	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F451 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF451 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-6124	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

3050	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F451 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF451 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-6133	2026-05-1 10:42	2026-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
871	7.5	HIGH Network	google	chrome	Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (C…	CWE-416 Use After Free	CVE-2026-8557	2026-05-19 10:31	2026-05-15	Show	GitHub Exploit DB Packet Storm

872	8.8	HIGH Network	google	chrome	Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-787 Out-of-bounds Write	CVE-2026-8558	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

873	4.3	MEDIUM Network	google	chrome	Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: H…	CWE-942 Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-8537	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

874	8.8	HIGH Network	google	chrome	Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8532	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

875	8.3	HIGH Network	google	chrome	Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …	CWE-416 Use After Free	CVE-2026-8533	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

876	5.3	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf…	CWE-20 Improper Input Validation	CVE-2026-8538	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

877	8.8	HIGH Network	google	chrome	Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-843 Type Confusion	CVE-2026-8540	2026-05-19 10:29	2026-05-15	Show	GitHub Exploit DB Packet Storm

878	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.ap…	CWE-862 Missing Authorization	CVE-2026-45667	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

879	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/{note_id} endpoint lacks proper authorization checks, allowin…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45666	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

880	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Banner component due…	CWE-79 Cross-site Scripting	CVE-2026-45665	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm