NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月10日5:00

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
51	8.6	HIGH ネットワーク	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when … Update	NVD-CWE-noinfo	CVE-2026-46273	2026-06-10 02:31	2026-06-4	表示	GitHub Exploit DB Packet Storm

52	8.8	HIGH ローカル	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failure the provided cleanup action will be run immedia… Update	CWE-416 解放済みメモリの使用	CVE-2026-46264	2026-06-10 02:26	2026-06-4	表示	GitHub Exploit DB Packet Storm

53	8.1	HIGH ネットワーク	google	chrome	Inappropriate implementation in Plugins in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (… New	CWE-346 同一生成元ポリシー違反	CVE-2026-11693	2026-06-10 02:26	2026-06-9	表示	GitHub Exploit DB Packet Storm

54	5.4	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) New	CWE-20 NVD-CWE-noinfo 不適切な入力確認	CVE-2026-11701	2026-06-10 02:24	2026-06-9	表示	GitHub Exploit DB Packet Storm

55	7.5	HIGH ネットワーク	perl	dbi	DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer wit… New	CWE-787 境界外書き込み	CVE-2026-9698	2026-06-10 02:20	2026-06-9	表示	GitHub Exploit DB Packet Storm

56	-	-	-	-	A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device. New	CWE-20 不適切な入力確認	CVE-2026-9213	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

57	-	-	-	-	Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting product's confidentiality or change certain conf… New	CWE-20 CWE-306 不適切な入力確認重要な機能に対する認証の欠如解説	CVE-2026-9212	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

58	-	-	-	-	An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation. New	CWE-20 不適切な入力確認	CVE-2026-9211	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

59	-	-	-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu… New	CWE-20 不適切な入力確認	CVE-2026-9210	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

60	-	-	-	-	Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in… New	CWE-125 境界外読み取り	CVE-2026-9076	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

61	8.1	HIGH ネットワーク	-	-	Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may… New	CWE-787 境界外書き込み	CVE-2026-7383	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

62	9.8	CRITICAL ネットワーク	-	-	YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator (CalcField.php) of YesWiki. The application attempts to sa… New	CWE-94 CWE-1333 コード・インジェクション非効率的な正規表現の複雑さ	CVE-2026-52778	2026-06-10 02:17	2026-06-9	表示	GitHub Exploit DB Packet Storm

63	6.5	MEDIUM ネットワーク	-	-	Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. New	CWE-200 情報漏えい	CVE-2026-50508	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

64	6.8	MEDIUM 物理	-	-	Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. New	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-50507	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

65	7.5	HIGH ネットワーク	-	-	Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 … New	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-49975	2026-06-10 02:17	2026-06-9	表示	GitHub Exploit DB Packet Storm

66	8.8	HIGH ネットワーク	-	-	Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration… New	CWE-78 OSコマンド・インジェクション	CVE-2026-49959	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

67	5.0	MEDIUM ローカル	-	-	Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete… New	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-49958	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

68	7.7	HIGH ネットワーク	-	-	Hermes WebUI before version 0.51.269 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the… New	CWE-22 パス・トラバーサル	CVE-2026-49957	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

69	5.3	MEDIUM ネットワーク	-	-	Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey option… New	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-49955	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

70	4.3	MEDIUM ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-287 不適切な認証	CVE-2026-49848	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

71	7.5	HIGH ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-674 不適切な再帰制御	CVE-2026-49847	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

72	5.3	MEDIUM ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-287 不適切な認証	CVE-2026-49843	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

73	7.5	HIGH ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-400 リソースの枯渇	CVE-2026-49842	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

74	9.8	CRITICAL ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-122 CWE-131 ヒープオーバーフロー正しくないバッファサイズ計算	CVE-2026-49841	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

75	9.1	CRITICAL ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-20 CWE-122 CWE-195 CWE-787 不適切な入力確認ヒープオーバーフロー符号付き型から符号無し型への変換エラー境界外書き込み	CVE-2026-49840	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

76	6.5	MEDIUM ネットワーク	-	-	The Apache Airflow Samba provider's `GCSToSambaOperator` joined GCS object names to the SMB destination path without a containment check, so an object named with `../` segments resolved a write path … New	CWE-22 パス・トラバーサル	CVE-2026-49818	2026-06-10 02:17	2026-06-9	表示	GitHub Exploit DB Packet Storm

77	7.5	HIGH ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-20 CWE-125 CWE-787 不適切な入力確認境界外読み取り境界外書き込み	CVE-2026-49475	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

78	5.3	MEDIUM ネットワーク	-	-	FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version… New	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-49472	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

79	7.8	HIGH ローカル	-	-	Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. New	CWE-284 不適切なアクセス制御	CVE-2026-49161	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

80	7.5	HIGH ネットワーク	-	-	Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network. New	CWE-400 リソースの枯渇	CVE-2026-49160	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

81	7.8	HIGH ローカル	-	-	Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. New	CWE-416 解放済みメモリの使用	CVE-2026-48583	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

82	7.9	HIGH ローカル	-	-	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-284 不適切なアクセス制御	CVE-2026-48578	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

83	7.9	HIGH ローカル	-	-	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-1329 アップデートができないコンポーネントへの依存	CVE-2026-48576	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

84	7.9	HIGH ローカル	-	-	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-693 保護メカニズムの不具合	CVE-2026-48575	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

85	7.8	HIGH ローカル	-	-	Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. New	CWE-122 ヒープオーバーフロー	CVE-2026-48574	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

86	7.9	HIGH ローカル	-	-	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-1329 アップデートができないコンポーネントへの依存	CVE-2026-48573	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

87	7.9	HIGH ローカル	-	-	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-693 保護メカニズムの不具合	CVE-2026-48570	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

88	7.1	HIGH ローカル	-	-	Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. New	CWE-20 CWE-23 不適切な入力確認相対的パストラバーサル	CVE-2026-48569	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

89	7.9	HIGH ローカル	-	-	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-693 保護メカニズムの不具合	CVE-2026-48568	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

90	5.5	MEDIUM ローカル	-	-	Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally. New	CWE-125 境界外読み取り	CVE-2026-48566	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

91	7.8	HIGH ローカル	-	-	Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally. New	CWE-426 信頼性のない検索パス	CVE-2026-48565	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

92	7.5	HIGH ネットワーク	-	-	Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. New	CWE-416 解放済みメモリの使用	CVE-2026-48563	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

93	4.6	MEDIUM ネットワーク	-	-	Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48562	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

94	5.4	MEDIUM ネットワーク	-	-	Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-48560	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

95	5.4	MEDIUM ネットワーク	-	-	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48304	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

96	5.4	MEDIUM ネットワーク	-	-	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48301	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

97	5.4	MEDIUM ネットワーク	-	-	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48300	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

98	5.4	MEDIUM ネットワーク	-	-	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48299	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

99	5.4	MEDIUM ネットワーク	-	-	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma… New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48297	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm

100	3.5	LOW ネットワーク	-	-	Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta… New	CWE-20 不適切な入力確認	CVE-2026-48289	2026-06-10 02:17	2026-06-10	表示	GitHub Exploit DB Packet Storm