NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月25日4:04

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
2701	8.1	HIGH ネットワーク	google	chrome	Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)	CWE-125 境界外読み取り	CVE-2026-11111	2026-06-8 23:44	2026-06-5	表示	GitHub Exploit DB Packet Storm

2702	4.3	MEDIUM ネットワーク	google	chrome	Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-457 初期化されていない変数の使用	CVE-2026-11159	2026-06-8 23:40	2026-06-5	表示	GitHub Exploit DB Packet Storm

2703	6.5	MEDIUM ネットワーク	google	chrome	Out of bounds read in Input in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi…	CWE-125 境界外読み取り	CVE-2026-11160	2026-06-8 23:39	2026-06-5	表示	GitHub Exploit DB Packet Storm

2704	4.3	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-346 同一生成元ポリシー違反	CVE-2026-11161	2026-06-8 23:39	2026-06-5	表示	GitHub Exploit DB Packet Storm

2705	8.8	HIGH ネットワーク	google	chrome	Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. (Chromium sec…	CWE-20 不適切な入力確認	CVE-2026-11079	2026-06-8 23:38	2026-06-5	表示	GitHub Exploit DB Packet Storm

2706	4.3	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-200 情報漏えい	CVE-2026-11162	2026-06-8 23:38	2026-06-5	表示	GitHub Exploit DB Packet Storm

2707	8.8	HIGH ネットワーク	google	chrome	Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Med…	CWE-416 解放済みメモリの使用	CVE-2026-11080	2026-06-8 23:36	2026-06-5	表示	GitHub Exploit DB Packet Storm

2708	8.8	HIGH ローカル	redhat	openshift_container_platform	The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was…	CWE-15 システム構成または設定の外部制御	CVE-2026-1784	2026-06-8 23:36	2026-06-2	表示	GitHub Exploit DB Packet Storm

2709	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)	CWE-346 同一生成元ポリシー違反	CVE-2026-11081	2026-06-8 23:35	2026-06-5	表示	GitHub Exploit DB Packet Storm

2710	9.6	CRITICAL ネットワーク	google	chrome	Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…	CWE-416 解放済みメモリの使用	CVE-2026-11082	2026-06-8 23:35	2026-06-5	表示	GitHub Exploit DB Packet Storm

2711	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi…	CWE-346 CWE-352 同一生成元ポリシー違反同一生成元ポリシー違反	CVE-2026-11083	2026-06-8 23:35	2026-06-5	表示	GitHub Exploit DB Packet Storm

2712	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi…	CWE-346 CWE-352 同一生成元ポリシー違反同一生成元ポリシー違反	CVE-2026-11084	2026-06-8 23:35	2026-06-5	表示	GitHub Exploit DB Packet Storm

2713	8.8	HIGH ネットワーク	google	chrome	Integer overflow in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev…	CWE-472 CWE-190 不変と仮定される Web パラメータの外部制御整数オーバーフローまたはラップアラウンド	CVE-2026-11085	2026-06-8 23:35	2026-06-5	表示	GitHub Exploit DB Packet Storm

2714	6.5	MEDIUM ネットワーク	google	chrome	Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium secu…	CWE-457 初期化されていない変数の使用	CVE-2026-11087	2026-06-8 23:35	2026-06-5	表示	GitHub Exploit DB Packet Storm

2715	6.5	MEDIUM ネットワーク	google	chrome	Uninitialized Use in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory v…	CWE-457 CWE-908 初期化されていない変数の使用初期化されていないリソースの使用	CVE-2026-11089	2026-06-8 23:34	2026-06-5	表示	GitHub Exploit DB Packet Storm

2716	6.5	MEDIUM ネットワーク	google	chrome	Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-457 CWE-125 CWE-787 初期化されていない変数の使用境界外読み取り境界外書き込み	CVE-2026-11090	2026-06-8 23:34	2026-06-5	表示	GitHub Exploit DB Packet Storm

2717	8.8	HIGH ネットワーク	google	chrome	Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security s…	CWE-125 CWE-787 境界外読み取り境界外書き込み	CVE-2026-11091	2026-06-8 23:34	2026-06-5	表示	GitHub Exploit DB Packet Storm

2718	8.8	HIGH ネットワーク	google	chrome	Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a cra…	CWE-602 サーバ側のセキュリティのクライアント側での実施	CVE-2026-11092	2026-06-8 23:34	2026-06-5	表示	GitHub Exploit DB Packet Storm

2719	9.6	CRITICAL ネットワーク	google	chrome	Use after free in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: M…	CWE-416 解放済みメモリの使用	CVE-2026-11163	2026-06-8 23:33	2026-06-5	表示	GitHub Exploit DB Packet Storm

2720	8.8	HIGH ネットワーク	google	chrome	Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-11211	2026-06-8 23:33	2026-06-5	表示	GitHub Exploit DB Packet Storm

2721	9.8	CRITICAL ネットワーク	amd	aiter	AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv() function within shm_broadcast.py that allows unauthenticate…	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-49121	2026-06-8 23:29	2026-06-2	表示	GitHub Exploit DB Packet Storm

2722	5.3	MEDIUM ネットワーク	google	chrome	Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory …	CWE-125 境界外読み取り	CVE-2026-11004	2026-06-8 23:27	2026-06-5	表示	GitHub Exploit DB Packet Storm

2723	6.5	MEDIUM ネットワーク	google	chrome	Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)	CWE-125 境界外読み取り	CVE-2026-11006	2026-06-8 23:27	2026-06-5	表示	GitHub Exploit DB Packet Storm

2724	9.6	CRITICAL ネットワーク	google	chrome	Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)	CWE-416 解放済みメモリの使用	CVE-2026-11009	2026-06-8 23:27	2026-06-5	表示	GitHub Exploit DB Packet Storm

2725	8.3	HIGH ネットワーク	google	chrome	Use after free in WebShare in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …	CWE-416 解放済みメモリの使用	CVE-2026-11010	2026-06-8 23:26	2026-06-5	表示	GitHub Exploit DB Packet Storm

2726	8.3	HIGH ネットワーク	google	chrome	Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…	CWE-416 解放済みメモリの使用	CVE-2026-11012	2026-06-8 23:26	2026-06-5	表示	GitHub Exploit DB Packet Storm

2727	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a cr…	CWE-284 不適切なアクセス制御	CVE-2026-11026	2026-06-8 23:26	2026-06-5	表示	GitHub Exploit DB Packet Storm

2728	4.3	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)	CWE-284 不適切なアクセス制御	CVE-2026-11257	2026-06-8 23:25	2026-06-5	表示	GitHub Exploit DB Packet Storm

2729	7.3	HIGH ローカル	google	chrome	Use after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Mediu…	CWE-416 解放済みメモリの使用	CVE-2026-11115	2026-06-8 23:25	2026-06-5	表示	GitHub Exploit DB Packet Storm

2730	8.8	HIGH ネットワーク	google	chrome	Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium)	CWE-416 解放済みメモリの使用	CVE-2026-11116	2026-06-8 23:25	2026-06-5	表示	GitHub Exploit DB Packet Storm

2731	9.6	CRITICAL ネットワーク	google	chrome	Inappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…	CWE-20 不適切な入力確認	CVE-2026-11119	2026-06-8 23:25	2026-06-5	表示	GitHub Exploit DB Packet Storm

2732	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-352 同一生成元ポリシー違反	CVE-2026-11129	2026-06-8 23:25	2026-06-5	表示	GitHub Exploit DB Packet Storm

2733	9.6	CRITICAL ネットワーク	google	chrome	Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …	CWE-416 解放済みメモリの使用	CVE-2026-11131	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2734	6.5	MEDIUM ネットワーク	google	chrome	Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)	CWE-346 同一生成元ポリシー違反	CVE-2026-11132	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2735	6.5	MEDIUM ネットワーク	google	chrome	Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)	CWE-346 同一生成元ポリシー違反	CVE-2026-11133	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2736	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-352 同一生成元ポリシー違反	CVE-2026-11134	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2737	6.5	MEDIUM ネットワーク	google	chrome	Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severi…	CWE-284 不適切なアクセス制御	CVE-2026-11135	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2738	6.5	MEDIUM ネットワーク	google	chrome	Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…	CWE-457 初期化されていない変数の使用	CVE-2026-11137	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2739	6.5	MEDIUM 隣接	ericsson	packet_core_controller	Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation.	CWE-228 不正な構文構造の不適切な処理	CVE-2025-59174	2026-06-8 23:24	2026-06-6	表示	GitHub Exploit DB Packet Storm

2740	6.5	MEDIUM ネットワーク	google	chrome	Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-457 初期化されていない変数の使用	CVE-2026-11138	2026-06-8 23:24	2026-06-5	表示	GitHub Exploit DB Packet Storm

2741	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CWE-352 同一生成元ポリシー違反	CVE-2026-11139	2026-06-8 23:23	2026-06-5	表示	GitHub Exploit DB Packet Storm

2742	6.5	MEDIUM ネットワーク	google	chrome	Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process me…	CWE-20 不適切な入力確認	CVE-2026-11140	2026-06-8 23:23	2026-06-5	表示	GitHub Exploit DB Packet Storm

2743	6.5	MEDIUM ネットワーク	google	chrome	Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory v…	CWE-457 初期化されていない変数の使用	CVE-2026-11141	2026-06-8 23:23	2026-06-5	表示	GitHub Exploit DB Packet Storm

2744	6.5	MEDIUM ネットワーク	google	chrome	Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-11142	2026-06-8 23:23	2026-06-5	表示	GitHub Exploit DB Packet Storm

2745	6.8	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: …	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-11166	2026-06-8 23:22	2026-06-5	表示	GitHub Exploit DB Packet Storm

2746	9.6	CRITICAL ネットワーク	google	chrome	Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…	CWE-250 不要な特権による実行	CVE-2026-11167	2026-06-8 23:22	2026-06-5	表示	GitHub Exploit DB Packet Storm

2747	6.5	MEDIUM 隣接	ericsson	packet_core_gateway	Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can…	CWE-230 欠損値の不適切な処理	CVE-2026-25659	2026-06-8 23:22	2026-06-5	表示	GitHub Exploit DB Packet Storm

2748	6.5	MEDIUM 隣接	ericsson	packet_core_gateway	Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can…	CWE-230 欠損値の不適切な処理	CVE-2026-25658	2026-06-8 23:22	2026-06-5	表示	GitHub Exploit DB Packet Storm

2749	6.5	MEDIUM ネットワーク	google	chrome	Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from …	CWE-200 情報漏えい	CVE-2026-11168	2026-06-8 23:22	2026-06-5	表示	GitHub Exploit DB Packet Storm

2750	8.1	HIGH ネットワーク	google	chrome	Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted XML file. (Chromium security severity: M…	CWE-91 ブラインド XPath インジェクション	CVE-2026-11169	2026-06-8 23:21	2026-06-5	表示	GitHub Exploit DB Packet Storm