Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131281 4.3 警告
Network 		Strategy11 Business Directory Plugin - Easy Listing Directories WordPress 用 Business Directory プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2021-24251 2022-01-6 17:29 2021-04-12 Show GitHub Exploit DB Packet Storm
131282 6.5 警告
Network 		Strategy11 Business Directory Plugin - Easy Listing Directories WordPress 用 Business Directory プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2021-24249 2022-01-6 17:29 2021-04-12 Show GitHub Exploit DB Packet Storm
131283 7.2 重要
Network 		Strategy11 Business Directory Plugin - Easy Listing Directories WordPress 用 Business Directory プラグインにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2021-24248 2022-01-6 17:29 2021-04-11 Show GitHub Exploit DB Packet Storm
131284 5.4 警告
Network 		MooveAgency contact-form-check-tester WordPress 用 Contact Form Check Tester プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-24247 2022-01-6 17:28 2021-04-10 Show GitHub Exploit DB Packet Storm
131285 9.8 緊急
Network 		imagements project imagements WordPress 用 Imagements プラグインにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2021-24236 2022-01-6 17:28 2021-04-8 Show GitHub Exploit DB Packet Storm
131286 7.5 重要
Network 		Schneider Electric PowerLogic ION8650 ファームウェア
PowerLogic ION8600 ファームウェア
PowerLogic ION7650 ファームウェア
PowerLogic ION7550 ファームウェア
PowerLogic ION7700 ファームウェア 		PowerLogic におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2021-22713 2022-01-6 17:15 2021-03-15 Show GitHub Exploit DB Packet Storm
131287 6.1 警告
Network 		Acexy Wireless-N WiFI Repeater project Acexy Wireless-N WIFI Repeater ファームウェア Acexy Wireless-N WIFI Repeater ファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-28160 2022-01-6 17:15 2021-03-19 Show GitHub Exploit DB Packet Storm
131288 8.8 重要
Network 		Cygwin Cygwin Git Cygwin Git における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-29468 2022-01-6 17:15 2021-04-24 Show GitHub Exploit DB Packet Storm
131289 4.3 警告
Network 		WordPress.org
Debian		 Debian GNU/Linux
WordPress 		WordPress における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2021-29450 2022-01-6 17:01 2021-04-15 Show GitHub Exploit DB Packet Storm
131290 6.1 警告
Network 		Ghost Foundation Ghost Ghost におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-29484 2022-01-6 17:00 2021-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
371 7.8 HIGH
Local 		imagemagick imagemagick ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger acc… New CWE-125
Out-of-bounds Read 		CVE-2026-56370 2026-06-27 06:50 2026-06-24 Show GitHub Exploit DB Packet Storm
372 7.5 HIGH
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service (DoS) vu… New CWE-400
CWE-1333
 Uncontrolled Resource Consumption
 Inefficient Regular Expression Complexity 		CVE-2026-54268 2026-06-27 06:36 2026-06-23 Show GitHub Exploit DB Packet Storm
373 9.8 CRITICAL
Network 		langflow langflow IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Stream… New CWE-287
NVD-CWE-noinfo
Improper Authentication 		CVE-2026-7664 2026-06-27 06:29 2026-06-23 Show GitHub Exploit DB Packet Storm
374 6.1 MEDIUM
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary J… New CWE-79
Cross-site Scripting 		CVE-2026-8059 2026-06-27 06:27 2026-06-23 Show GitHub Exploit DB Packet Storm
375 7.5 HIGH
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys … New CWE-316
 Cleartext Storage of Sensitive Information in Memory 		CVE-2026-8636 2026-06-27 06:20 2026-06-23 Show GitHub Exploit DB Packet Storm
376 5.3 MEDIUM
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, … New CWE-425
 Direct Request ('Forced Browsing') 		CVE-2026-9610 2026-06-27 06:19 2026-06-23 Show GitHub Exploit DB Packet Storm
377 8.5 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist through DNS rebinding. The outbound fetch flow vali… New CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-54353 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm
378 8.2 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution paramete… New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-54351 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm
379 10.0 CRITICAL
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB… New CWE-89
CWE-943
SQL Injection
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-54350 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm
380 - - - Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires (Time-of-Check). However, the… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-52885 2026-06-27 06:16 2026-06-27 Show GitHub Exploit DB Packet Storm