Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1 - - 横河電機株式会社 統合情報サーバ(CIサーバ)
FAST/TOOLS 		横河電機製FAST/TOOLSおよびCI Serverにおける重要情報の平文送信の脆弱性 New CWE-319
重要な情報の平文での送信 		CVE-2026-11833 2026-06-24 14:38 2026-06-23 Show GitHub Exploit DB Packet Storm
2 - - (複数のベンダ) (複数の製品) Microsoft Windows Recovery EnvironmentにおけるUEFI/BIOSパスワード制限回避の脆弱性 New - - 2026-06-24 14:38 2026-06-23 Show GitHub Exploit DB Packet Storm
3 - - (複数のベンダ) (複数の製品) FastStone Image Viewerにおけるファイル解析に関する複数の脆弱性 New - - 2026-06-24 14:38 2026-06-23 Show GitHub Exploit DB Packet Storm
4 9.8 緊急
Network 		InHand Networks IR915L-FQ39-S Firmware
IR912L-FQ58 Firmware 		InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-38714 2026-06-24 10:00 2026-06-18 Show GitHub Exploit DB Packet Storm
5 9.8 緊急
Network 		InHand Networks IR915L-FQ39-S Firmware
IR912L-FQ58 Firmware 		InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-38715 2026-06-24 10:00 2026-06-18 Show GitHub Exploit DB Packet Storm
6 9.8 緊急
Network 		InHand Networks IR915L-FQ39-S Firmware
IR912L-FQ58 Firmware 		InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-38716 2026-06-24 10:00 2026-06-18 Show GitHub Exploit DB Packet Storm
7 9.8 緊急
Network 		InHand Networks IR915L-FQ39-S Firmware
IR912L-FQ58 Firmware 		InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-38717 2026-06-24 10:00 2026-06-18 Show GitHub Exploit DB Packet Storm
8 7.5 重要
Network 		InHand Networks IR915L-FQ39-S Firmware
IR912L-FQ58 Firmware 		InHand NetworksのIR912L-FQ58 Firmware等の複数製品における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2026-38718 2026-06-24 10:00 2026-06-18 Show GitHub Exploit DB Packet Storm
9 6.5 警告
Network 		Palo Alto Networks Idira Identity Browser Extension Palo Alto NetworksのIdira Identity Browser Extensionにおける同一生成元ポリシー違反に関する脆弱性 New CWE-346
同一生成元ポリシー違反 		CVE-2026-45173 2026-06-24 10:00 2026-06-11 Show GitHub Exploit DB Packet Storm
10 7.8 重要
Local 		Palo Alto Networks Idira Endpoint Privilege Manager Palo Alto NetworksのIdira Endpoint Privilege Managerにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 New CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2026-45174 2026-06-24 10:00 2026-06-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191451 8.1 HIGH
Network 		google-it_project google-it Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, googl… CWE-78
OS Command  		CVE-2021-34083 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191452 9.8 CRITICAL
Network 		proctree_project proctree OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix fun… CWE-78
OS Command  		CVE-2021-34082 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191453 8.8 HIGH
Network 		gitsome_project gitsome OS Command Injection vulnerability in bbultman gitsome through 0.2.3 allows attackers to execute arbitrary commands via a crafted tag name of the target git repository. CWE-78
OS Command  		CVE-2021-34081 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191454 9.8 CRITICAL
Network 		ssl-utils_project ssl-utils OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.js allows attackers to execute arbitrary commands via unsanitized shell metacharacters provided to the createCertRequest() and the… CWE-78
OS Command  		CVE-2021-34080 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191455 9.8 CRITICAL
Network 		docker-tester_project docker-tester OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml f… CWE-78
OS Command  		CVE-2021-34079 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191456 8.8 HIGH
Network 		adp lifion-verifiy-dependencies lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file. CWE-78
OS Command  		CVE-2021-34078 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191457 7.5 HIGH
Network 		rsa archer RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-33615 2024-11-21 15:09 2022-06-2 Show GitHub Exploit DB Packet Storm
191458 9.8 CRITICAL
Network 		thecus n4800eco_firmware Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. CWE-78
OS Command  		CVE-2021-34111 2024-11-21 15:09 2022-05-20 Show GitHub Exploit DB Packet Storm
191459 9.8 CRITICAL
Network 		glensawyer mp3gain Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have… CWE-125
Out-of-bounds Read 		CVE-2021-34085 2024-11-21 15:09 2022-05-12 Show GitHub Exploit DB Packet Storm
191460 5.3 MEDIUM
Network 		splunk splunk The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress v… CWE-203
 Information Exposure Through Discrepancy 		CVE-2021-33845 2024-11-21 15:09 2022-05-7 Show GitHub Exploit DB Packet Storm