NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年6月12日4:20

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
851 7.8 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler Using the `devm_` variant for requesting IRQ _before_ the… Update CWE-416
解放済みメモリの使用 		CVE-2026-46246 2026-06-10 05:36 2026-06-4 表示 GitHub Exploit DB Packet Storm
852 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dc_link NULL handling in HPD init amdgpu_dm_hpd_init() may see connectors without a valid dc_link. The code… Update CWE-476
NULL ポインタデリファレンス 		CVE-2026-46245 2026-06-10 05:36 2026-06-4 表示 GitHub Exploit DB Packet Storm
853 9.1 CRITICAL
ネットワーク 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync In nft_inner_parse_l2l3(), when processing inner IPv6 packets, ipv6_find_hdr() … Update NVD-CWE-noinfo
CVE-2026-46244 2026-06-10 05:35 2026-06-4 表示 GitHub Exploit DB Packet Storm
854 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthor_gpu_flush_caches() failures We have seen a few cases where the whole memory subsystem is blocke… Update NVD-CWE-noinfo
CVE-2025-71314 2026-06-10 05:35 2026-06-4 表示 GitHub Exploit DB Packet Storm
855 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for alloc_workqueue() alloc_workqueue() can return NULL on memory allocation failure. Witho… Update CWE-476
NULL ポインタデリファレンス 		CVE-2025-71313 2026-06-10 05:35 2026-06-4 表示 GitHub Exploit DB Packet Storm
856 7.5 HIGH
ネットワーク 		- - Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. This vulnerability allows att… New CWE-121
スタックオーバーフロー 		CVE-2026-36823 2026-06-10 05:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
857 7.5 HIGH
ネットワーク 		- - Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the wl_radio parameter of the formwrlSSIDset function. This vulnerability allo… New CWE-121
スタックオーバーフロー 		CVE-2026-36771 2026-06-10 05:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
858 7.5 HIGH
ネットワーク 		- - Shenzhen Tenda Technology Co., Ltd Tenda US_W3V1.0BR v1.0.0.3 was discovered to contain a stack overflow in the Go parameter of the ask_to_reboot function. This vulnerability allows attackers to caus… New CWE-121
スタックオーバーフロー 		CVE-2026-36770 2026-06-10 05:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
859 7.2 HIGH
ネットワーク 		- - A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Gr… Update CWE-863
不正な認証 		CVE-2026-11577 2026-06-10 05:16 2026-06-8 表示 GitHub Exploit DB Packet Storm
860 9.8 CRITICAL
ネットワーク 		- - Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. … New - CVE-2026-10045 2026-06-10 05:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
861 6.2 MEDIUM
ローカル 		- - An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). A large number of Firefox preference files can cause the parser to ignore other browser configuration files, lea… New CWE-755
例外的な状態における不適切な処理 		CVE-2023-43686 2026-06-10 05:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
862 8.2 HIGH
ローカル 		- - The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if t… New CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2023-29146 2026-06-10 05:16 2026-06-10 表示 GitHub Exploit DB Packet Storm
863 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to handle unaligned dfa tables The dfa tables can originate from kernel or userspace and 8-byte alignmen… Update NVD-CWE-noinfo
CVE-2026-46254 2026-06-10 05:10 2026-06-4 表示 GitHub Exploit DB Packet Storm
864 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove() The clocks in fsl_edma_engine::muxclk are allocated and enabled… Update NVD-CWE-noinfo
CVE-2026-46255 2026-06-10 05:10 2026-06-4 表示 GitHub Exploit DB Packet Storm
865 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages LOCALIO is an NFS loopback mount optimization that avoi… Update CWE-667
不適切なロック 		CVE-2026-46256 2026-06-10 05:10 2026-06-4 表示 GitHub Exploit DB Packet Storm
866 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where the SP804 is not registere… Update CWE-908
初期化されていないリソースの使用 		CVE-2026-46257 2026-06-10 05:10 2026-06-4 表示 GitHub Exploit DB Packet Storm
867 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle_create() In linehandle_create(), there is a statement like this: retain_and_nu… Update CWE-476
NULL ポインタデリファレンス 		CVE-2026-46258 2026-06-10 05:09 2026-06-4 表示 GitHub Exploit DB Packet Storm
868 7.8 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]/stat, do_task_stat() acces… Update NVD-CWE-noinfo
CVE-2026-46259 2026-06-10 05:09 2026-06-4 表示 GitHub Exploit DB Packet Storm
869 7.8 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6_add_rt2node(). syzbot reported out-of-bound read in fib6_add_rt2node(). [0] When IPv6 rout… Update CWE-125
境界外読み取り 		CVE-2026-46260 2026-06-10 05:09 2026-06-4 表示 GitHub Exploit DB Packet Storm
870 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() platform_get_resource_byname() can return NULL, which w… Update CWE-476
NULL ポインタデリファレンス 		CVE-2026-46261 2026-06-10 05:03 2026-06-4 表示 GitHub Exploit DB Packet Storm
871 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put() This reverts commit f51424872760 ("ASoC: fsl_xcvr: fix missing loc… Update CWE-667
不適切なロック 		CVE-2026-46262 2026-06-10 04:59 2026-06-4 表示 GitHub Exploit DB Packet Storm
872 7.8 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 eng_id can be negative and that stream_enc_regs[] can be indexed out o… Update CWE-125
境界外読み取り 		CVE-2026-46263 2026-06-10 04:57 2026-06-4 表示 GitHub Exploit DB Packet Storm
873 4.7 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WAR… Update CWE-362
競合状態 		CVE-2026-46272 2026-06-10 04:52 2026-06-4 表示 GitHub Exploit DB Packet Storm
874 7.8 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads… Update NVD-CWE-noinfo
CVE-2026-46271 2026-06-10 04:52 2026-06-4 表示 GitHub Exploit DB Packet Storm
875 8.4 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed() Using the `devm_` variant for requesting IRQ _before_ the `de… Update CWE-416
解放済みメモリの使用 		CVE-2026-46270 2026-06-10 04:52 2026-06-4 表示 GitHub Exploit DB Packet Storm
876 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel trig… Update CWE-476
NULL ポインタデリファレンス 		CVE-2026-46269 2026-06-10 04:51 2026-06-4 表示 GitHub Exploit DB Packet Storm
877 5.5 MEDIUM
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning condition Commit b7e282378773 has already changed the initial page refcount of p2pdma… Update NVD-CWE-noinfo
CVE-2026-46268 2026-06-10 04:48 2026-06-4 表示 GitHub Exploit DB Packet Storm
878 7.8 HIGH
ローカル 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llc_shdlc_deinit() purges SHDLC skb queues and frees the llc_shdlc s… Update CWE-416
解放済みメモリの使用 		CVE-2026-46267 2026-06-10 04:48 2026-06-4 表示 GitHub Exploit DB Packet Storm
879 9.1 CRITICAL
ネットワーク 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP Yizhou Zhao reported that simply having one RAW socket on protocol IP… Update NVD-CWE-noinfo
CVE-2026-46266 2026-06-10 04:47 2026-06-4 表示 GitHub Exploit DB Packet Storm
880 7.5 HIGH
ネットワーク 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQ_MEM_RECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: … Update NVD-CWE-noinfo
CVE-2026-46265 2026-06-10 04:46 2026-06-4 表示 GitHub Exploit DB Packet Storm
881 5.7 MEDIUM
物理 		- - Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of P… New CWE-261
パスワードの弱い暗号の使用 		CVE-2026-40639 2026-06-10 04:30 2026-06-10 表示 GitHub Exploit DB Packet Storm
882 8.8 HIGH
ネットワーク 		google chrome Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: … Update CWE-125
CWE-787
境界外読み取り
境界外書き込み 		CVE-2026-10941 2026-06-10 04:21 2026-06-5 表示 GitHub Exploit DB Packet Storm
883 8.8 HIGH
ネットワーク 		google chrome Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Update CWE-416
解放済みメモリの使用 		CVE-2026-10943 2026-06-10 04:02 2026-06-5 表示 GitHub Exploit DB Packet Storm
884 8.8 HIGH
ネットワーク 		google chrome Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted… Update CWE-416
解放済みメモリの使用 		CVE-2026-10945 2026-06-10 04:01 2026-06-5 表示 GitHub Exploit DB Packet Storm
885 4.7 MEDIUM
ネットワーク 		google chrome Insufficient policy enforcement in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted H… Update CWE-20
不適切な入力確認 		CVE-2026-11233 2026-06-10 03:58 2026-06-5 表示 GitHub Exploit DB Packet Storm
886 4.3 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Update CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2026-11294 2026-06-10 03:55 2026-06-5 表示 GitHub Exploit DB Packet Storm
887 4.3 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pag… Update CWE-693
保護メカニズムの不具合 		CVE-2026-11234 2026-06-10 03:54 2026-06-5 表示 GitHub Exploit DB Packet Storm
888 7.5 HIGH
ネットワーク 		google chrome Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a… Update CWE-122
ヒープオーバーフロー 		CVE-2026-10946 2026-06-10 03:53 2026-06-5 表示 GitHub Exploit DB Packet Storm
889 8.8 HIGH
ネットワーク 		google chrome Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Update CWE-416
解放済みメモリの使用 		CVE-2026-10947 2026-06-10 03:53 2026-06-5 表示 GitHub Exploit DB Packet Storm
890 8.8 HIGH
ネットワーク 		google chrome Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Update CWE-416
解放済みメモリの使用 		CVE-2026-10948 2026-06-10 03:52 2026-06-5 表示 GitHub Exploit DB Packet Storm
891 8.3 HIGH
ネットワーク 		google chrome Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… Update CWE-122
ヒープオーバーフロー 		CVE-2026-10949 2026-06-10 03:52 2026-06-5 表示 GitHub Exploit DB Packet Storm
892 8.8 HIGH
ネットワーク 		google chrome Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Update CWE-416
解放済みメモリの使用 		CVE-2026-10954 2026-06-10 03:49 2026-06-5 表示 GitHub Exploit DB Packet Storm
893 8.8 HIGH
ネットワーク 		google chrome Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… Update CWE-416
解放済みメモリの使用 		CVE-2026-10956 2026-06-10 03:48 2026-06-5 表示 GitHub Exploit DB Packet Storm
894 6.3 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medi… Update CWE-346
同一生成元ポリシー違反 		CVE-2026-11181 2026-06-10 03:47 2026-06-5 表示 GitHub Exploit DB Packet Storm
895 8.8 HIGH
ネットワーク 		google chrome Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox vi… Update CWE-20
不適切な入力確認 		CVE-2026-11235 2026-06-10 03:44 2026-06-5 表示 GitHub Exploit DB Packet Storm
896 8.3 HIGH
ネットワーク 		google chrome Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via… Update CWE-602
サーバ側のセキュリティのクライアント側での実施 		CVE-2026-11236 2026-06-10 03:42 2026-06-5 表示 GitHub Exploit DB Packet Storm
897 8.3 HIGH
ネットワーク 		google chrome Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTM… Update CWE-20
不適切な入力確認 		CVE-2026-11237 2026-06-10 03:41 2026-06-5 表示 GitHub Exploit DB Packet Storm
898 6.5 MEDIUM
ネットワーク 		google chrome Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) Update CWE-457
初期化されていない変数の使用 		CVE-2026-11268 2026-06-10 03:38 2026-06-5 表示 GitHub Exploit DB Packet Storm
899 8.8 HIGH
ネットワーク 		google chrome Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p… Update CWE-20
不適切な入力確認 		CVE-2026-11272 2026-06-10 03:34 2026-06-5 表示 GitHub Exploit DB Packet Storm
900 4.3 MEDIUM
ネットワーク 		google chrome Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security se… Update CWE-284
不適切なアクセス制御 		CVE-2026-11274 2026-06-10 03:32 2026-06-5 表示 GitHub Exploit DB Packet Storm