Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3821	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	CX12L Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.のCX12L Pro Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-8138	2026-05-12 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

3822	7.8	重要 Local	NAVER Corp.	NAVER MYBOX Explorer for Windows	NAVER Corp.のNAVER MYBOX Explorer for Windowsにおける不適切な権限設定に関する脆弱性	CWE-266 不適切な権限設定	CVE-2026-8148	2026-05-12 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

3823	7.3	重要 Network	Project Jupyter	Jupyter Server	Project JupyterのJupyter Serverにおけるアンカーのない正規表現に関する脆弱性	CWE-777 アンカーのない正規表現	CVE-2026-40110	2026-05-12 10:19	2026-05-5	Show	GitHub Exploit DB Packet Storm

3824	6.1	警告 Network	HCL Technologies Limited	unica HCL Unica Plan HCL Unica Segment Central HCL Unica Centralized Offer Management HCL Unica Audience Campaign HCL U…	HCL Technologies Limitedのunica等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-62320	2026-05-12 10:19	2026-03-17	Show	GitHub Exploit DB Packet Storm

3825	5.5	警告 Local	ヒューレット・パッカード	Samsung Print Service Plugin	ヒューレット・パッカードのSamsung Print Service PluginにおけるAndroid アプリケーションコンポーネントの不適切なエクスポートの脆弱性	CWE-926 CWE-noinfo	CVE-2026-3291	2026-05-12 10:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

3826	8.8	重要 Network	langflow	langflow Langflow-base	langflowのLangflow-base等の複数製品における複数の脆弱性	CWE-639 CWE-862	CVE-2026-34046	2026-05-12 10:19	2026-03-27	Show	GitHub Exploit DB Packet Storm

3827	7.5	重要 Network	Gazelle project	Gazelle	KazeburoのGazelleにおけるHTTP リクエストスマグリングに関する脆弱性	CWE-444 HTTP リクエストスマグリング	CVE-2026-40562	2026-05-12 10:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

3828	5.3	警告 Network	opentelemetry	OpenTelemetry.Exporter.Zipkin	opentelemetryのOpenTelemetry.Exporter.Zipkinにおける複数の脆弱性	CWE-400 CWE-770	CVE-2026-41310	2026-05-12 10:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

3829	7.5	重要 Network	uuidjs	uuid	uuidjsのuuidにおける複数の脆弱性	CWE-787 CWE-823	CVE-2026-41907	2026-05-12 10:19	2026-04-24	Show	GitHub Exploit DB Packet Storm

3830	7.5	重要 Network	Amazon.com, Inc.	Bedrock Agentcore Starter Toolkit	Amazon.com, Inc.のBedrock Agentcore Starter Toolkitにおける複数の脆弱性	CWE-283 CWE-340	CVE-2026-4269	2026-05-12 10:19	2026-03-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
901	8.8	HIGH Network	google	chrome	Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-11699	2026-06-9 23:51	2026-06-9	Show	GitHub Exploit DB Packet Storm

902	9.6	CRITICAL Network	google	chrome	Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security… New	CWE-20 Improper Input Validation	CVE-2026-11697	2026-06-9 23:51	2026-06-9	Show	GitHub Exploit DB Packet Storm

903	5.3	MEDIUM Network	google	chrome	Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proc… New	CWE-457 Use of Uninitialized Variable	CVE-2026-11696	2026-06-9 23:51	2026-06-9	Show	GitHub Exploit DB Packet Storm

904	4.3	MEDIUM Network	google	chrome	Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) New	CWE-693 Protection Mechanism Failure	CVE-2026-11695	2026-06-9 23:50	2026-06-9	Show	GitHub Exploit DB Packet Storm

905	8.8	HIGH Network	google	chrome	Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-11698	2026-06-9 23:50	2026-06-9	Show	GitHub Exploit DB Packet Storm

906	5.3	MEDIUM Network	checkmk	checkmk	Incorrect authorization in the User Messages dashboard widget in Checkmk <2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing a… New	CWE-863 Incorrect Authorization	CVE-2026-7765	2026-06-9 23:49	2026-06-8	Show	GitHub Exploit DB Packet Storm

907	5.4	MEDIUM Network	checkmk	checkmk	Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validati… New	CWE-79 Cross-site Scripting	CVE-2026-8833	2026-06-9 23:49	2026-06-8	Show	GitHub Exploit DB Packet Storm

908	-		-	-	The Electron preload script in Logseq exposes an API method that allows the renderer process to invoke IPC handlers without proper path validation. An attacker with JavaScript execution in the render… New	CWE-749 Exposed Dangerous Method or Function	CVE-2026-47899	2026-06-9 23:47	2026-06-9	Show	GitHub Exploit DB Packet Storm

909	-		-	-	Logseq is vulnerable to a stored cross-site scripting (XSS). A malicious plugin can include a JavaScript payload in the "name" field of its "package.json" file, which is rendered using "innerHTML" wi… New	CWE-79 Cross-site Scripting	CVE-2026-47900	2026-06-9 23:47	2026-06-9	Show	GitHub Exploit DB Packet Storm

910	-		-	-	Logseq is vulnerable to a sandbox escape flaw where plugins running in sandboxed iframes can inject arbitrary HTML attributes, such as event handlers, into their container element in the host DOM. Du… New	CWE-79 Cross-site Scripting	CVE-2026-47901	2026-06-9 23:47	2026-06-9	Show	GitHub Exploit DB Packet Storm