Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4621	7.5	重要 Network	getkirby	kirby	getkirbyのkirbyにおけるブラインド XPath インジェクションの脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2026-32870	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

4622	9.8	緊急 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33076	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

4623	7.5	重要 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33077	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4624	9.8	緊急 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-33078	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4625	8.8	重要 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-33208	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4626	7.5	重要 Network	PowerDNS	dnsdist	PowerDNSのdnsdistにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-33254	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4627	7.5	重要 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS Recursorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-33256	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4628	7.5	重要 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS Recursorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-33258	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4629	5	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS Recursorにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-33259	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4630	5.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS Recursorにおける完全性チェックの欠如に関する脆弱性	CWE-353 完全性チェックの欠如	CVE-2026-33261	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
121	5.5	MEDIUM Local	samsung	android	Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. New	NVD-CWE-noinfo	CVE-2026-21028	2026-06-6 11:00	2026-06-5	Show	GitHub Exploit DB Packet Storm

122	7.8	HIGH Local	samsung	android	Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. New	NVD-CWE-Other	CVE-2026-21029	2026-06-6 11:00	2026-06-5	Show	GitHub Exploit DB Packet Storm

123	7.8	HIGH Local	samsung	android	Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions. New	NVD-CWE-noinfo	CVE-2026-21030	2026-06-6 11:00	2026-06-5	Show	GitHub Exploit DB Packet Storm

124	7.8	HIGH Local	samsung	android	Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability. New	CWE-863 Incorrect Authorization	CVE-2026-21031	2026-06-6 10:59	2026-06-5	Show	GitHub Exploit DB Packet Storm

125	6.5	MEDIUM Network	google	chrome	Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity:… New	CWE-284 Improper Access Control	CVE-2026-11204	2026-06-6 10:59	2026-06-5	Show	GitHub Exploit DB Packet Storm

126	6.5	MEDIUM Network	google	chrome	Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi… New	CWE-693 Protection Mechanism Failure	CVE-2026-11206	2026-06-6 10:59	2026-06-5	Show	GitHub Exploit DB Packet Storm

127	9.6	CRITICAL Network	google	chrome	Insufficient validation of untrusted input in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromi… New	CWE-20 Improper Input Validation	CVE-2026-11207	2026-06-6 10:59	2026-06-5	Show	GitHub Exploit DB Packet Storm

128	6.5	MEDIUM Network	google	chrome	Use after free in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security … New	CWE-416 Use After Free	CVE-2026-11208	2026-06-6 10:58	2026-06-5	Show	GitHub Exploit DB Packet Storm

129	6.5	MEDIUM Network	google	chrome	Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from p… New	CWE-200 Information Exposure	CVE-2026-11209	2026-06-6 10:58	2026-06-5	Show	GitHub Exploit DB Packet Storm

130	6.5	MEDIUM Network	google	chrome	Inappropriate implementation in Safe Browsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted RAR file. (Chromium security sever… New	CWE-284 Improper Access Control	CVE-2026-11210	2026-06-6 10:58	2026-06-5	Show	GitHub Exploit DB Packet Storm