Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4191	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-8001	2026-05-8 12:14	2026-05-6	Show	GitHub Exploit DB Packet Storm

4192	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-8002	2026-05-8 12:14	2026-05-6	Show	GitHub Exploit DB Packet Storm

4193	5.4	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-8003	2026-05-8 12:14	2026-05-6	Show	GitHub Exploit DB Packet Storm

4194	4.3	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-8004	2026-05-8 12:14	2026-05-6	Show	GitHub Exploit DB Packet Storm

4195	4.3	警告 Adjacent	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-8005	2026-05-8 12:14	2026-05-6	Show	GitHub Exploit DB Packet Storm

4196	9.1	緊急 Network	日立ヴァンタラ	Pentaho Data Integration and Analytics	日立ヴァンタラのPentaho Data Integration and Analyticsにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-11158	2026-05-8 12:12	2026-03-10	Show	GitHub Exploit DB Packet Storm

4197	7.8	重要 Local	Mobatek	MobaXterm	MobatekのMobaXtermにおける引用されない検索パスまたは要素に関する脆弱性	CWE-428 引用されない検索パスまたは要素	CVE-2026-25866	2026-05-8 12:12	2026-03-9	Show	GitHub Exploit DB Packet Storm

4198	8.8	重要 Network	Quantum Networks	QN-I-470 Firmware	Quantum NetworksのQN-I-470 FirmwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-41036	2026-05-8 12:11	2026-04-21	Show	GitHub Exploit DB Packet Storm

4199	8.8	重要 Adjacent	Quantum Networks	QN-I-470 Firmware	Quantum NetworksのQN-I-470 Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-41037	2026-05-8 12:11	2026-04-21	Show	GitHub Exploit DB Packet Storm

4200	8.8	重要 Adjacent	Quantum Networks	QN-I-470 Firmware	Quantum NetworksのQN-I-470 Firmwareにおける脆弱なパスワードの要求に関する脆弱性	CWE-521 脆弱なパスワードポリシー	CVE-2026-41038	2026-05-8 12:11	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313741	6.4	MEDIUM Network	-	-	The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.0 due to insufficient input sanitizat…	CWE-79 Cross-site Scripting	CVE-2024-8960	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313742	-		-	-	The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.0 via the 'ce_template' shortcode due to insufficient restriction…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-10779	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313743	4.3	MEDIUM Network	-	-	The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. This makes it poss…	CWE-862 Missing Authorization	CVE-2024-10588	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313744	6.5	MEDIUM Network	-	-	The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and…	CWE-862 Missing Authorization	CVE-2024-10294	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313745	9.8	CRITICAL Network	-	-	The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attack…	CWE-200 Information Exposure	CVE-2024-10285	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313746	-		-	-	A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log…	-	CVE-2024-52314	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313747	-		-	-	An authenticated data.all user is able to manipulate a getDataset query to fetch additional information regarding the parent Environment resource that the user otherwise would not able to fetch by di…	-	CVE-2024-52313	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313748	-		-	-	Due to inconsistent authorization permissions, data.all may allow an external actor with an authenticated account to perform restricted operations against DataSets and Environments.	-	CVE-2024-52312	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313749	-		-	-	Authentication tokens issued via Cognito in data.all are not invalidated on log out, allowing for previously authenticated user to continue execution of authorized API Requests until token is expired.	-	CVE-2024-52311	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

313750	-		-	-	An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications that their user is not a member of.	-	CVE-2024-10953	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm