Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 26, 2026, 4:01 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 101 | 5.4 |
警告
Network |
Mattermost, Inc. | Mattermost Server | Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-5139 | 2026-06-26 11:56 | 2026-06-22 | Show | GitHub Exploit DB Packet Storm |
| 102 | 7.5 |
重要
Network |
VoidZero Inc. vitejs |
Vite+ vite |
vitejs等の複数ベンダの製品における複数の脆弱性 New |
CWE-200 CWE-22 |
CVE-2026-53571 | 2026-06-26 11:56 | 2026-06-22 | Show | GitHub Exploit DB Packet Storm |
| 103 | 7.5 |
重要
Network |
vLLM | vLLM | vLLMにおける複数の脆弱性 New |
CWE-200 CWE-681 |
CVE-2026-53923 | 2026-06-26 11:56 | 2026-06-22 | Show | GitHub Exploit DB Packet Storm |
| 104 | 4.3 |
警告
Network |
openwebui | open webui | openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New |
CWE-639
ユーザ制御の鍵による認証回避 |
CVE-2026-54006 | 2026-06-26 11:56 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 105 | 6.5 |
警告
Network |
openwebui | open webui | openwebuiのopen webuiにおける同一生成元ポリシー違反に関する脆弱性 New |
CWE-346
同一生成元ポリシー違反 |
CVE-2026-54007 | 2026-06-26 11:56 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 106 | 8.5 |
重要
Network |
openwebui | open webui | openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 New |
CWE-918
サーバサイドリクエストフォージェリ |
CVE-2026-54008 | 2026-06-26 11:56 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 107 | 6.5 |
警告
Network |
openwebui | open webui | openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New |
CWE-639
ユーザ制御の鍵による認証回避 |
CVE-2026-54009 | 2026-06-26 11:56 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 108 | 8.3 |
重要
Network |
openwebui | open webui | openwebuiのopen webuiにおける複数の脆弱性 New |
CWE-284 CWE-639 CWE-862 |
CVE-2026-54010 | 2026-06-26 11:55 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 109 | 5.4 |
警告
Network |
openwebui | open webui | openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 New |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-54011 | 2026-06-26 11:55 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 110 | 7.1 |
重要
Network |
openwebui | open webui | openwebuiのopen webuiにおける複数の脆弱性 New |
CWE-284 CWE-285 CWE-862 |
CVE-2026-54012 | 2026-06-26 11:55 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 26, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 190701 | 7.8 |
HIGH
Local |
qualcomm |
apq8096au_firmware ar6003_firmware mdm8215_firmware mdm8215m_firmware mdm8615m_firmware mdm9215_firmware mdm9310_firmware mdm9615_firmware mdm9615m_firmware msm8996au_firmw… |
Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile |
CWE-416
Use After Free |
CVE-2021-35115 | 2024-11-21 15:11 | 2022-04-1 | Show | GitHub Exploit DB Packet Storm |
| 190702 | 8.8 |
HIGH
Local |
qualcomm |
sd_8_gen1_5g_firmware wcd9380_firmware wcn6855_firmware wcn6856_firmware wsa8830_firmware wsa8835_firmware |
Possible buffer overflow to improper validation of hash segment of file while allocating memory in Snapdragon Connectivity, Snapdragon Mobile |
CWE-704
Incorrect Type Conversion or Cast |
CVE-2021-35110 | 2024-11-21 15:11 | 2022-04-1 | Show | GitHub Exploit DB Packet Storm |
| 190703 | 7.8 |
HIGH
Local |
qualcomm |
qca6696_firmware sa8155p_firmware qca6574au_firmware |
Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto |
CWE-120
Classic Buffer Overflow |
CVE-2021-35089 | 2024-11-21 15:11 | 2022-04-1 | Show | GitHub Exploit DB Packet Storm |
| 190704 | 7.8 |
HIGH
Local |
qualcomm |
aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmware csrb31024_firmware fsm10055_firmware fsm10056_firmware qca6175a_firmware qca6390_firmwa… |
Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap… |
CWE-125
Out-of-bounds Read |
CVE-2021-35106 | 2024-11-21 15:11 | 2022-04-1 | Show | GitHub Exploit DB Packet Storm |
| 190705 | 7.8 |
HIGH
Local |
qualcomm |
apq8009w_firmware apq8017_firmware apq8053_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmware csrb31024_firmwa… |
Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industria… |
CWE-704
Incorrect Type Conversion or Cast |
CVE-2021-35105 | 2024-11-21 15:11 | 2022-04-1 | Show | GitHub Exploit DB Packet Storm |
| 190706 | 7.8 |
HIGH
Local |
qualcomm |
ar8035_firmware ar9380_firmware csr8811_firmware csrb31024_firmware ipq4018_firmware ipq4019_firmware ipq4028_firmware ipq4029_firmware ipq5010_firmware ipq5018_firmware
Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrago…
|
CWE-787
|
Out-of-bounds Write
CVE-2021-35103
|
2024-11-21 15:11 |
2022-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 190707 | 9.1 |
CRITICAL
Network |
qualcomm |
aqt1000_firmware ar8035_firmware ar9380_firmware csr8811_firmware csrb31024_firmware fsm10055_firmware fsm10056_firmware ipq4018_firmware ipq4019_firmware ipq4028_firmware<… |
Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, S… |
CWE-125
Out-of-bounds Read |
CVE-2021-35088 | 2024-11-21 15:11 | 2022-04-1 | Show | GitHub Exploit DB Packet Storm |
| 190708 | 6.5 |
MEDIUM
Network |
zyxel |
ax7501-b0_firmware dx3301-t0_firmware dx5401-b0_firmware emg3525-t50b_firmware emg5523-t50b_firmware emg5723-t50k_firmware ep240p_firmware ex5401-b0_firmware ex5501-b0_firmwar… |
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configurati… |
CWE-312
Cleartext Storage of Sensitive Information |
CVE-2021-35036 | 2024-11-21 15:11 | 2022-03-1 | Show | GitHub Exploit DB Packet Storm |
| 190709 | 7.8 |
HIGH
Local |
qualcomm |
ar8035_firmware qca6174a_firmware qca6390_firmware qca6391_firmware qca6574_firmware qca6574a_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware qca8081_firmwa… |
Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Sn… |
CWE-416
Use After Free |
CVE-2021-35077 | 2024-11-21 15:11 | 2022-02-11 | Show | GitHub Exploit DB Packet Storm |
| 190710 | 7.8 |
HIGH
Local |
qualcomm |
ar8035_firmware qca6174a_firmware qca6391_firmware qca6574_firmware qca6574a_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware qca8081_firmware qca8337_firmwa… |
Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |
CWE-476
NULL Pointer Dereference |
CVE-2021-35075 | 2024-11-21 15:11 | 2022-02-11 | Show | GitHub Exploit DB Packet Storm |