Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
611 8 重要
Network 		Termix Termix Termixにおける証明書検証に関する脆弱性 New CWE-295
不正な証明書検証 		CVE-2026-45745 2026-06-9 14:14 2026-06-5 Show GitHub Exploit DB Packet Storm
612 9 緊急
Network 		Termix Termix Termixにおける複数の脆弱性 New CWE-284
CWE-639
CVE-2026-45746 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
613 9.8 緊急
Network 		Termix Termix TermixにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-45748 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
614 8.1 重要
Network 		Termix Termix Termixにおける単一要素認証の使用に関する脆弱性 New CWE-308
単一要素認証の使用 		CVE-2026-45749 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
615 9 緊急
Network 		Termix Termix Termixにおける複数の脆弱性 New CWE-639
CWE-78
CVE-2026-45750 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
616 7.5 重要
Network 		マイクロソフト Copilot Chat (Microsoft Edge) Copilot Chat (Microsoft Edge) の情報漏えいの脆弱性 New CWE-74
インジェクション 		CVE-2026-47644 2026-06-9 14:13 2026-06-4 Show GitHub Exploit DB Packet Storm
617 8.1 重要
Network 		7-Zip 7-Zip 7-Zipにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-48092 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
618 8.8 重要
Network 		7-Zip 7-Zip 7-Zipにおける複数の脆弱性 New CWE-190
CWE-787
CVE-2026-48095 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
619 6.5 警告
Network 		7-Zip 7-Zip 7-Zipにおける初期化されていないリソースの使用に関する脆弱性 New CWE-908
初期化されていないリソースの使用 		CVE-2026-48101 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
620 4.3 警告
Network 		7-Zip 7-Zip 7-Zipにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-48102 2026-06-9 14:13 2026-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
391 6.1 MEDIUM
Network 		- - OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embeddi… New CWE-79
Cross-site Scripting 		CVE-2026-25860 2026-06-11 04:41 2026-06-10 Show GitHub Exploit DB Packet Storm
392 6.1 MEDIUM
Network 		- - OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through th… New CWE-79
Cross-site Scripting 		CVE-2026-34417 2026-06-11 04:41 2026-06-10 Show GitHub Exploit DB Packet Storm
393 7.8 HIGH
Local 		microsoft windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025 		Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. New CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2026-42978 2026-06-11 04:38 2026-06-10 Show GitHub Exploit DB Packet Storm
394 7.0 HIGH
Local 		microsoft windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025 		Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. New CWE-416
 Use After Free 		CVE-2026-42984 2026-06-11 04:37 2026-06-10 Show GitHub Exploit DB Packet Storm
395 7.5 HIGH
Network 		apache
f5
debian 		http_server
nginx
debian_linux 		Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 … New CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-49975 2026-06-11 04:36 2026-06-9 Show GitHub Exploit DB Packet Storm
396 7.3 HIGH
Network 		apache http_server Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67. New CWE-416
 Use After Free 		CVE-2026-48913 2026-06-11 04:31 2026-06-9 Show GitHub Exploit DB Packet Storm
397 8.8 HIGH
Network 		hcltech digital_experience
digital_experience_compose 		HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API.  An attacker may execute arbitrary operating system commands, typically inheriting the… Update CWE-78
OS Command  		CVE-2026-21837 2026-06-11 04:25 2026-06-5 Show GitHub Exploit DB Packet Storm
398 6.1 MEDIUM
Network 		hcltech digital_experience_compose
digital_experience 		HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection.  An attacker can manipulate the Host header and cause the application to behave in unexpected … Update CWE-601
Open Redirect 		CVE-2026-21826 2026-06-11 04:24 2026-06-5 Show GitHub Exploit DB Packet Storm
399 6.1 MEDIUM
Network 		hcltech digital_experience_compose
digital_experience 		HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center.  An attacker could execute arbitrary JavaScript in the victim's browser. Update CWE-79
Cross-site Scripting 		CVE-2026-21825 2026-06-11 04:24 2026-06-5 Show GitHub Exploit DB Packet Storm
400 8.8 HIGH
Network 		google chrome Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) Update CWE-125
Out-of-bounds Read 		CVE-2026-11279 2026-06-11 04:22 2026-06-5 Show GitHub Exploit DB Packet Storm