Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
871	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける型の取り違えに関する脆弱性	CWE-843 型の取り違え	CVE-2026-11052	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

872	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-11056	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

873	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける初期化されていない変数の使用に関する脆弱性	CWE-457 初期化されていない変数の使用	CVE-2026-11057	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

874	4.3	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるサーバ側のセキュリティのクライアント側での実施に関する脆弱性	CWE-602 サーバ側のセキュリティのクライアント側での実施	CVE-2026-11062	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

875	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-11063	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

876	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける初期化されていない変数の使用に関する脆弱性	CWE-457 初期化されていない変数の使用	CVE-2026-11064	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

877	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける初期化されていない変数の使用に関する脆弱性	CWE-457 初期化されていない変数の使用	CVE-2026-11067	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

878	6.5	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-11069	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

879	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-11070	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

880	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-11071	2026-06-9 14:20	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
255661	6.1	MEDIUM Network	mantisbt	source_integration	An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by cr…	CWE-79 Cross-site Scripting	CVE-2017-6958	2024-11-21 12:30	2017-03-17	Show	GitHub Exploit DB Packet Storm

255662	5.3	MEDIUM Network	teleogistic	invite_anyone	An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immut…	CWE-20 Improper Input Validation	CVE-2017-6955	2024-11-21 12:30	2017-03-17	Show	GitHub Exploit DB Packet Storm

255663	4.3	MEDIUM Network	buddypress	buddypress	An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper perm…	CWE-269 Improper Privilege Management	CVE-2017-6954	2024-11-21 12:30	2017-03-17	Show	GitHub Exploit DB Packet Storm

255664	8.8	HIGH Network	capstone-engine	capstone	Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or p…	CWE-190 Integer Overflow or Wraparound	CVE-2017-6952	2024-11-21 12:30	2017-03-17	Show	GitHub Exploit DB Packet Storm

255665	5.5	MEDIUM Local	linux	linux_kernel	The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key sy…	CWE-476 NULL Pointer Dereference	CVE-2017-6951	2024-11-21 12:30	2017-03-17	Show	GitHub Exploit DB Packet Storm

255666	8.1	HIGH Network	call-cc	chicken	An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsani…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-6949	2024-11-21 12:30	2017-03-17	Show	GitHub Exploit DB Packet Storm

255667	4.3	MEDIUM Network	bigtreecms	bigtree_cms	CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/settings/update/ page. The Navigation Social can be changed.	CWE-352 Origin Validation Error	CVE-2017-6918	2024-11-21 12:30	2017-03-16	Show	GitHub Exploit DB Packet Storm

255668	4.3	MEDIUM Network	bigtreecms	bigtree_cms	CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed.	CWE-352 Origin Validation Error	CVE-2017-6917	2024-11-21 12:30	2017-03-16	Show	GitHub Exploit DB Packet Storm

255669	4.3	MEDIUM Network	bigtreecms	bigtree_cms	CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to the admin/settings/update/ page. The Navigation Social can be changed.	CWE-352 Origin Validation Error	CVE-2017-6916	2024-11-21 12:30	2017-03-16	Show	GitHub Exploit DB Packet Storm

255670	4.3	MEDIUM Network	bigtreecms	bigtree_cms	CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed.	CWE-352 Origin Validation Error	CVE-2017-6915	2024-11-21 12:30	2017-03-16	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed