Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 26, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131281 7.8 重要
Local 		Horner Automation Cscape Cscape における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-22678 2021-12-27 11:07 2021-04-22 Show GitHub Exploit DB Packet Storm
131282 6.5 警告
Network 		Fedora Project
Wireshark
オラクル		 Fedora
Wireshark
Oracle ZFS Storage Appliance Kit 		Wireshark における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2021-22207 2021-12-27 11:07 2021-04-21 Show GitHub Exploit DB Packet Storm
131283 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows 10
Microsoft Windows Server 2019
Microsoft Windows 11
Microsoft Windows Server 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43247 2021-12-24 18:09 2021-12-14 Show GitHub Exploit DB Packet Storm
131284 8.8 重要
Network 		npupnp project npupnp npupnp における同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2021-31718 2021-12-24 18:04 2021-04-25 Show GitHub Exploit DB Packet Storm
131285 6.1 警告
Network 		Directum Directum Directum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-31794 2021-12-24 18:04 2021-04-24 Show GitHub Exploit DB Packet Storm
131286 4.9 警告
Network 		Sonatype Inc. Nexus Repository Manager 3 Sonatype Nexus Repository Manager 3 における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2021-29158 2021-12-24 18:04 2021-04-22 Show GitHub Exploit DB Packet Storm
131287 7.8 重要
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows Server
Microsoft Windows RT 8.1
Microsoft Windows Server 2022
Microsoft Windows 8.1
M… 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43248 2021-12-24 17:48 2021-12-14 Show GitHub Exploit DB Packet Storm
131288 5.3 警告
Network 		PostCSS PostCSS postcss パッケージにおける脆弱性 CWE-Other
その他 		CVE-2021-23382 2021-12-24 17:21 2021-04-26 Show GitHub Exploit DB Packet Storm
131289 5.9 警告
Network 		The Foreman Foreman Foreman における重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2021-3494 2021-12-24 17:21 2021-04-9 Show GitHub Exploit DB Packet Storm
131290 5.3 警告
Network 		OrangeHRM OrangeHRM OrangeHRM における脆弱性 CWE-noinfo
情報不足 		CVE-2021-28399 2021-12-24 17:21 2021-04-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 26, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 8.1 HIGH
Network 		zoom meeting_software_development_kit
workplace 		Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privi… CWE-939
 Improper Authorization in Handler for Custom URL Scheme 		CVE-2026-53408 2026-06-17 03:59 2026-06-13 Show GitHub Exploit DB Packet Storm
2 7.2 HIGH
Network 		mariadb mariadb MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, a high… CWE-78
OS Command  		CVE-2026-48165 2026-06-17 03:58 2026-06-13 Show GitHub Exploit DB Packet Storm
3 6.1 MEDIUM
Local 		docker
mobyproject 		engine
moby
moby\/v2 		Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during … CWE-81
CWE-367
 Improper Neutralization of Script in an Error Message Web Page
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-41568 2026-06-17 03:31 2026-06-13 Show GitHub Exploit DB Packet Storm
4 7.2 HIGH
Local 		docker
mobyproject 		engine
moby
moby\/v2 		Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during … CWE-61
CWE-367
 UNIX Symbolic Link (Symlink) Following
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-42306 2026-06-17 03:31 2026-06-13 Show GitHub Exploit DB Packet Storm
5 5.5 MEDIUM
Local 		amd uprof Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-28237 2026-06-17 03:08 2026-06-10 Show GitHub Exploit DB Packet Storm
6 5.5 MEDIUM
Local 		amd uprof Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service. CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-0466 2026-06-17 03:05 2026-06-10 Show GitHub Exploit DB Packet Storm
7 5.5 MEDIUM
Local 		gpac gpac A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. CWE-416
 Use After Free 		CVE-2025-55650 2026-06-17 02:39 2026-06-16 Show GitHub Exploit DB Packet Storm
8 5.5 MEDIUM
Local 		gpac gpac A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. CWE-476
 NULL Pointer Dereference 		CVE-2025-55649 2026-06-17 02:39 2026-06-16 Show GitHub Exploit DB Packet Storm
9 5.5 MEDIUM
Local 		gpac gpac A heap buffer overflow in the gf_opus_parse_packet_header function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. CWE-122
Heap-based Buffer Overflow 		CVE-2025-55648 2026-06-17 02:39 2026-06-16 Show GitHub Exploit DB Packet Storm
10 5.5 MEDIUM
Local 		gpac gpac An Out-of-Memory in the mp4_mux_cenc_insert_pssh function (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. CWE-190
 Integer Overflow or Wraparound 		CVE-2025-55647 2026-06-17 02:38 2026-06-16 Show GitHub Exploit DB Packet Storm