NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年6月12日4:20

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
701 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47981 2026-06-10 22:08 2026-06-10 表示 GitHub Exploit DB Packet Storm
702 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47980 2026-06-10 22:08 2026-06-10 表示 GitHub Exploit DB Packet Storm
703 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47978 2026-06-10 22:08 2026-06-10 表示 GitHub Exploit DB Packet Storm
704 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47977 2026-06-10 22:08 2026-06-10 表示 GitHub Exploit DB Packet Storm
705 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47975 2026-06-10 22:07 2026-06-10 表示 GitHub Exploit DB Packet Storm
706 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47973 2026-06-10 22:07 2026-06-10 表示 GitHub Exploit DB Packet Storm
707 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47972 2026-06-10 22:07 2026-06-10 表示 GitHub Exploit DB Packet Storm
708 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47970 2026-06-10 22:06 2026-06-10 表示 GitHub Exploit DB Packet Storm
709 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47966 2026-06-10 22:06 2026-06-10 表示 GitHub Exploit DB Packet Storm
710 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47962 2026-06-10 22:06 2026-06-10 表示 GitHub Exploit DB Packet Storm
711 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47958 2026-06-10 22:05 2026-06-10 表示 GitHub Exploit DB Packet Storm
712 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47957 2026-06-10 22:04 2026-06-10 表示 GitHub Exploit DB Packet Storm
713 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47956 2026-06-10 22:04 2026-06-10 表示 GitHub Exploit DB Packet Storm
714 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47954 2026-06-10 22:04 2026-06-10 表示 GitHub Exploit DB Packet Storm
715 5.4 MEDIUM
ネットワーク 		adobe experience_manager Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-47953 2026-06-10 22:04 2026-06-10 表示 GitHub Exploit DB Packet Storm
716 7.8 HIGH
ローカル 		adobe incopy InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t… New CWE-122
ヒープオーバーフロー 		CVE-2026-34707 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
717 7.8 HIGH
ローカル 		adobe incopy InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this is… New CWE-787
境界外書き込み 		CVE-2026-34706 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
718 5.5 MEDIUM
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability… New CWE-125
境界外読み取り 		CVE-2026-34705 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
719 5.5 MEDIUM
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulne… New CWE-476
NULL ポインタデリファレンス 		CVE-2026-34704 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
720 5.5 MEDIUM
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulne… New CWE-476
NULL ポインタデリファレンス 		CVE-2026-34703 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
721 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploi… New CWE-121
スタックオーバーフロー 		CVE-2026-34702 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
722 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit… New CWE-122
ヒープオーバーフロー 		CVE-2026-34701 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
723 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation … New CWE-787
境界外書き込み 		CVE-2026-34700 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
724 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit… New CWE-122
ヒープオーバーフロー 		CVE-2026-34699 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
725 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit… New CWE-122
ヒープオーバーフロー 		CVE-2026-34698 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
726 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploi… New CWE-121
スタックオーバーフロー 		CVE-2026-34697 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
727 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi… New CWE-416
解放済みメモリの使用 		CVE-2026-34696 2026-06-10 22:01 2026-06-10 表示 GitHub Exploit DB Packet Storm
728 7.8 HIGH
ローカル 		adobe indesign InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploi… New CWE-121
スタックオーバーフロー 		CVE-2026-34695 2026-06-10 22:00 2026-06-10 表示 GitHub Exploit DB Packet Storm
729 7.8 HIGH
ローカル 		adobe incopy InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of … New CWE-121
スタックオーバーフロー 		CVE-2026-34708 2026-06-10 22:00 2026-06-10 表示 GitHub Exploit DB Packet Storm
730 7.8 HIGH
ローカル 		cisco catalyst_sd-wan_manager
sd-wan_vsmart_controller 		A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vB… Update CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-20245 2026-06-10 21:59 2026-06-5 表示 GitHub Exploit DB Packet Storm
731 6.5 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted … Update CWE-346
CWE-352
同一生成元ポリシー違反
同一生成元ポリシー違反 		CVE-2026-11195 2026-06-10 21:32 2026-06-5 表示 GitHub Exploit DB Packet Storm
732 6.5 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Update CWE-346
CWE-352
同一生成元ポリシー違反
同一生成元ポリシー違反 		CVE-2026-11194 2026-06-10 21:31 2026-06-5 表示 GitHub Exploit DB Packet Storm
733 6.5 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Update CWE-200
情報漏えい 		CVE-2026-11182 2026-06-10 21:29 2026-06-5 表示 GitHub Exploit DB Packet Storm
734 5.3 MEDIUM
ネットワーク 		google chrome Out of bounds read in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proc… Update CWE-125
境界外読み取り 		CVE-2026-11005 2026-06-10 21:26 2026-06-5 表示 GitHub Exploit DB Packet Storm
735 - -
- - An HTML injection vulnerability in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTM… New CWE-74
インジェクション 		CVE-2026-11859 2026-06-10 21:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
736 - -
- - NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address… New CWE-346
同一生成元ポリシー違反 		CVE-2026-10846 2026-06-10 21:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
737 - -
- - A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrato… New CWE-119
バッファエラー 		CVE-2026-0409 2026-06-10 21:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
738 9.1 CRITICAL
ネットワーク 		- - The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded … New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-9067 2026-06-10 20:17 2026-06-10 表示 GitHub Exploit DB Packet Storm
739 3.5 LOW
ネットワーク 		- - The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, all… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-9060 2026-06-10 20:17 2026-06-10 表示 GitHub Exploit DB Packet Storm
740 8.8 HIGH
ネットワーク 		- - The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated atta… New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-8071 2026-06-10 20:17 2026-06-10 表示 GitHub Exploit DB Packet Storm
741 8.6 HIGH
ネットワーク 		- - The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL in… New CWE-89
SQLインジェクション 		CVE-2026-3326 2026-06-10 20:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
742 4.3 MEDIUM
ネットワーク 		7-zip 7-zip 7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parse… Update CWE-125
境界外読み取り 		CVE-2026-48102 2026-06-10 19:45 2026-06-6 表示 GitHub Exploit DB Packet Storm
743 - -
- - Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages (.dsc) and upload artifacts (.changes) are manifest files that name the files … New - CVE-2026-11853 2026-06-10 19:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
744 - -
- - Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relation… New - CVE-2026-11852 2026-06-10 19:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
745 7.5 HIGH
ネットワーク 		- - Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in… New CWE-125
境界外読み取り 		CVE-2026-9076 2026-06-10 17:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
746 8.1 HIGH
ネットワーク 		- - Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may… New CWE-787
境界外書き込み 		CVE-2026-7383 2026-06-10 17:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
747 4.8 MEDIUM
ネットワーク 		- - Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of … New CWE-325
暗号化処理の不備 		CVE-2026-45446 2026-06-10 17:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
748 7.5 HIGH
ネットワーク 		- - Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact sum… New CWE-325
暗号化処理の不備 		CVE-2026-45445 2026-06-10 17:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
749 6.2 MEDIUM
ローカル 		- - Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Imp… New CWE-125
境界外読み取り 		CVE-2026-42771 2026-06-10 17:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
750 3.7 LOW
ネットワーク 		- - Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which present… New CWE-325
暗号化処理の不備 		CVE-2026-42770 2026-06-10 17:16 2026-06-10 表示 GitHub Exploit DB Packet Storm