Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
131261	9.8	緊急 Network	inxedu project	inxedu	Inxedu における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2020-35430	2021-12-27 12:27	2020-12-12	Show	GitHub Exploit DB Packet Storm

131262	6.1	警告 Network	emlog	emlog	emlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-30227	2021-12-27 12:27	2021-04-5	Show	GitHub Exploit DB Packet Storm

131263	6.1	警告 Network	MERCUSYS Technologies Co., Ltd.	Mercury X18G ファームウェア	MERCUSYS Mercury X18G デバイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-25810	2021-12-27 12:27	2021-04-29	Show	GitHub Exploit DB Packet Storm

131264	7.5	重要 Network	Debian レッドハット	Red Hat Ansible Engine Debian GNU/Linux Ansible Tower Ansible Automation Platform	Ansible Engine における認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2021-20228	2021-12-27 12:27	2021-02-4	Show	GitHub Exploit DB Packet Storm

131265	8.8	重要 Network	Rukovoditel	Rukovoditel	Rukovoditel におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2021-30224	2021-12-27 12:27	2021-03-10	Show	GitHub Exploit DB Packet Storm

131266	5.5	警告 Local	samurai project	samurai	samurai における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2021-30219	2021-12-27 12:27	2021-04-4	Show	GitHub Exploit DB Packet Storm

131267	5.5	警告 Local	samurai project	samurai	samurai における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2021-30218	2021-12-27 12:27	2021-04-3	Show	GitHub Exploit DB Packet Storm

131268	9.8	緊急 Network	Pegasystems Inc.	Pega Infinity	Pega Infinity におけるパスワード管理機能に関する脆弱性	CWE-287 CWE-640	CVE-2021-27651	2021-12-27 12:27	2021-02-5	Show	GitHub Exploit DB Packet Storm

131269	6.5	警告 Network	アバイア	Callback Assist	Callback Assist における XML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2020-7036	2021-12-27 11:08	2020-01-14	Show	GitHub Exploit DB Packet Storm

131270	6.5	警告 Network	アバイア	Avaya Aura Orchestration Designer	Avaya Aura Orchestration Designer における XML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2020-7035	2021-12-27 11:08	2020-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
101	-		-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in AITextSummarizerBlock. Mali… New	CWE-405 CWE-770 Asymmetric Resource Consumption (Amplification) Allocation of Resources Without Limits or Throttling	CVE-2025-32394	2026-06-27 03:13	2026-06-27	Show	GitHub Exploit DB Packet Storm

102	-		-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in ExtractTextInformationBlock… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-32423	2026-06-27 03:13	2026-06-27	Show	GitHub Exploit DB Packet Storm

103	8.5	HIGH Network	-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP prot… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-56663	2026-06-27 03:13	2026-06-27	Show	GitHub Exploit DB Packet Storm

104	5.4	MEDIUM Network	-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the `POST /api/integrations/webhooks/{webhook_id}/ping` endpoint … New	CWE-284 CWE-639 Improper Access Control Authorization Bypass Through User-Controlled Key	CVE-2026-56823	2026-06-27 03:13	2026-06-27	Show	GitHub Exploit DB Packet Storm

105	5.3	MEDIUM Network	-	-	Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership… New	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-55686	2026-06-27 03:13	2026-06-27	Show	GitHub Exploit DB Packet Storm

106	7.5	HIGH Network	-	-	Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that v… New	CWE-200 CWE-668 Information Exposure Exposure of Resource to Wrong Sphere	CVE-2026-57231	2026-06-27 03:13	2026-06-27	Show	GitHub Exploit DB Packet Storm

107	9.1	CRITICAL Network	deno	deno	Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a TLS client to transmit application data in plaintext … New	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2026-44726	2026-06-27 03:11	2026-06-24	Show	GitHub Exploit DB Packet Storm

108	5.4	MEDIUM Network	gitlab	gitlab	GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticat… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-5309	2026-06-27 03:05	2026-06-25	Show	GitHub Exploit DB Packet Storm

109	8.1	HIGH Network	caddyserver	caddy	Caddy is an extensible server platform that uses TLS by default. From 2.7.0 until 2.11.3, the FastCGI transport's splitPos() in modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go misuses golang.org/x/… New	CWE-20 CWE-176 CWE-178 Improper Input Validation Improper Handling of Unicode Encoding Improper Handling of Case Sensitivity	CVE-2026-45135	2026-06-27 03:04	2026-06-24	Show	GitHub Exploit DB Packet Storm

110	3.8	LOW Network	caddyserver	caddy	Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In th… New	CWE-187 CWE-863 Partial String Comparison Incorrect Authorization	CVE-2026-45692	2026-06-27 03:01	2026-06-24	Show	GitHub Exploit DB Packet Storm