Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
101	5.4	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-5139	2026-06-26 11:56	2026-06-22	Show	GitHub Exploit DB Packet Storm

102	7.5	重要 Network	VoidZero Inc. vitejs	Vite+ vite	vitejs等の複数ベンダの製品における複数の脆弱性 New	CWE-200 CWE-22	CVE-2026-53571	2026-06-26 11:56	2026-06-22	Show	GitHub Exploit DB Packet Storm

103	7.5	重要 Network	vLLM	vLLM	vLLMにおける複数の脆弱性 New	CWE-200 CWE-681	CVE-2026-53923	2026-06-26 11:56	2026-06-22	Show	GitHub Exploit DB Packet Storm

104	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-54006	2026-06-26 11:56	2026-06-23	Show	GitHub Exploit DB Packet Storm

105	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける同一生成元ポリシー違反に関する脆弱性 New	CWE-346 同一生成元ポリシー違反	CVE-2026-54007	2026-06-26 11:56	2026-06-23	Show	GitHub Exploit DB Packet Storm

106	8.5	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-54008	2026-06-26 11:56	2026-06-23	Show	GitHub Exploit DB Packet Storm

107	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-54009	2026-06-26 11:56	2026-06-23	Show	GitHub Exploit DB Packet Storm

108	8.3	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性 New	CWE-284 CWE-639 CWE-862	CVE-2026-54010	2026-06-26 11:55	2026-06-23	Show	GitHub Exploit DB Packet Storm

109	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-54011	2026-06-26 11:55	2026-06-23	Show	GitHub Exploit DB Packet Storm

110	7.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性 New	CWE-284 CWE-285 CWE-862	CVE-2026-54012	2026-06-26 11:55	2026-06-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191531	7.5	HIGH Network	suse	rancher	A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Ranche…	-	CVE-2021-36778	2024-11-21 15:14	2022-05-2	Show	GitHub Exploit DB Packet Storm

191532	6.1	MEDIUM Network	tripetto	tripetto	Unauthenticated Cross-Site Scripting (XSS) vulnerability in Tripetto's Tripetto plugin <= 5.1.4 on WordPress via SVG image upload.	-	CVE-2021-36895	2024-11-21 15:14	2022-04-27	Show	GitHub Exploit DB Packet Storm

191533	5.4	MEDIUM Network	psychological_tests_\&_quizzes_project	psychological_tests_\&_quizzes	Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher user rights.	-	CVE-2021-36867	2024-11-21 15:14	2022-04-27	Show	GitHub Exploit DB Packet Storm

191534	4.8	MEDIUM Network	wp_maintenance_project	wp_maintenance	Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin <= 6.0.7 versions.	-	CVE-2021-36828	2024-11-21 15:14	2022-04-16	Show	GitHub Exploit DB Packet Storm

191535	6.1	MEDIUM Network	claderaform	calderawp_license_manager	Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS) in CalderaWP License Manager (WordPress plugin) <= 1.2.11.	CWE-352 Origin Validation Error	CVE-2021-36914	2024-11-21 15:14	2022-04-13	Show	GitHub Exploit DB Packet Storm

191536	4.8	MEDIUM Network	wp-appbox_project	wp-appbox	Authenticated (admin user role) Stored Cross-Site Scripting (XSS) in WP-Appbox (WordPress plugin) <= 4.3.20.	CWE-79 Cross-site Scripting	CVE-2021-36910	2024-11-21 15:14	2022-04-12	Show	GitHub Exploit DB Packet Storm

191537	4.8	MEDIUM Network	w3eden	pricing_table	Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Pricing Table (WordPress plugin) versions <= 1.5.2	CWE-79 Cross-site Scripting	CVE-2021-36896	2024-11-21 15:14	2022-04-12	Show	GitHub Exploit DB Packet Storm

191538	4.8	MEDIUM Network	wpdarko	responsive_tabs	Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Responsive Tabs (WordPress plugin) <= 4.0.5	CWE-79 Cross-site Scripting	CVE-2021-36893	2024-11-21 15:14	2022-04-12	Show	GitHub Exploit DB Packet Storm

191539	4.8	MEDIUM Network	sharethis	social_media_feather	Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4	CWE-79 Cross-site Scripting	CVE-2021-36848	2024-11-21 15:14	2022-04-12	Show	GitHub Exploit DB Packet Storm

191540	4.8	MEDIUM Network	premio	chaty	Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin) <= 2.8.3	CWE-79 Cross-site Scripting	CVE-2021-36846	2024-11-21 15:14	2022-04-12	Show	GitHub Exploit DB Packet Storm