Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131331 7.8 重要
Local 		マイクロソフト Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2… 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43229 2021-12-24 14:43 2021-12-14 Show GitHub Exploit DB Packet Storm
131332 7.8 重要
Local 		マイクロソフト Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2… 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43230 2021-12-24 14:43 2021-12-14 Show GitHub Exploit DB Packet Storm
131333 5.3 警告
Network 		三菱電機 GX Works2 三菱電機製 GX Works2 における長さパラメータの不整合時の不適切な取り扱いに関する脆弱性 CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2021-20608 2021-12-24 14:32 2021-12-16 Show GitHub Exploit DB Packet Storm
131334 - - Saviynt Saviynt IGA Release Saviynt 製 Enterprise Identity Cloud における複数の脆弱性 - - 2021-12-24 14:25 2021-12-23 Show GitHub Exploit DB Packet Storm
131335 5.5 警告
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2022
Microsoft Windows Server
Microsoft Windows Server 2016
Microsoft Windows Ser… 		複数の Microsoft Windows 製品における情報を公開される脆弱性 CWE-668
誤った領域へのリソースの漏えい 		CVE-2021-43235 2021-12-24 14:24 2021-12-14 Show GitHub Exploit DB Packet Storm
131336 7.8 重要
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows 10
Microsoft Windows Server
Microsoft Windows Server 2022 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43237 2021-12-24 14:24 2021-12-14 Show GitHub Exploit DB Packet Storm
131337 7.8 重要
Local 		マイクロソフト Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2… 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2021-43234 2021-12-24 14:24 2021-12-14 Show GitHub Exploit DB Packet Storm
131338 7.5 重要
Network 		マイクロソフト Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2… 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2021-43233 2021-12-24 14:24 2021-12-14 Show GitHub Exploit DB Packet Storm
131339 7.8 重要
Local 		マイクロソフト Microsoft Windows RT 8.1
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2022
Microsoft Windows&nbs… 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2021-43232 2021-12-24 14:24 2021-12-14 Show GitHub Exploit DB Packet Storm
131340 7.5 重要
Network 		マイクロソフト Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2… 		複数の Microsoft Windows 製品における情報を公開される脆弱性 CWE-noinfo
情報不足 		CVE-2021-43236 2021-12-24 14:24 2021-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 5.3 MEDIUM
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XP… New CWE-416
 Use After Free 		CVE-2026-57437 2026-06-27 01:47 2026-06-26 Show GitHub Exploit DB Packet Storm
172 5.3 MEDIUM
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Document#root= validated only that the new root was a Nokogiri::XML::Node, allowing … New CWE-416
 Use After Free 		CVE-2026-57436 2026-06-27 01:47 2026-06-26 Show GitHub Exploit DB Packet Storm
173 3.8 LOW
Network 		mattermost mattermost_server Mattermost versions 11.7.x <= 11.7.0, 10.11.x <= 10.11.17 fail to validate bot targets when demoting users to guests which allows a lower-privileged administrator to degrade arbitrary bot accounts vi… New CWE-863
 Incorrect Authorization 		CVE-2026-8823 2026-06-27 01:39 2026-06-23 Show GitHub Exploit DB Packet Storm
174 10.0 CRITICAL
Network 		traefik traefik Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to byp… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-53622 2026-06-27 01:39 2026-06-24 Show GitHub Exploit DB Packet Storm
175 7.1 HIGH
Network 		traefik traefik Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces al… New CWE-284
CWE-863
Improper Access Control
 Incorrect Authorization 		CVE-2026-54761 2026-06-27 01:37 2026-06-24 Show GitHub Exploit DB Packet Storm
176 8.6 HIGH
Network 		traefik traefik Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to… New CWE-636
CWE-693
 Not Failing Securely ('Failing Open')
 Protection Mechanism Failure 		CVE-2026-54762 2026-06-27 01:37 2026-06-24 Show GitHub Exploit DB Packet Storm
177 7.5 HIGH
Network 		- - Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags were pushed to the repository linking to unreviewed code in a personal fork. Attackers could exploit this… New CWE-494
 Download of Code Without Integrity Check 		CVE-2021-47986 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm
178 7.5 HIGH
Network 		- - Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is no… New CWE-73
 External Control of File Name or Path 		CVE-2025-71324 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm
179 9.1 CRITICAL
Network 		- - Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers to create user accounts. Remote attackers can exploi… New CWE-306
Missing Authentication for Critical Function 		CVE-2025-71327 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm
180 8.3 HIGH
Network 		- - Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings (Security) section without supplying t… New CWE-620
 Unverified Password Change 		CVE-2025-71328 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm