Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131351 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31758 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131352 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31757 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131353 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31756 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131354 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31755 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131355 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31460 2022-01-6 09:57 2021-05-6 Show GitHub Exploit DB Packet Storm
131356 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31459 2022-01-6 09:57 2021-05-6 Show GitHub Exploit DB Packet Storm
131357 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31458 2022-01-6 09:57 2021-05-6 Show GitHub Exploit DB Packet Storm
131358 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31457 2022-01-6 09:56 2021-05-6 Show GitHub Exploit DB Packet Storm
131359 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31456 2022-01-6 09:56 2021-05-6 Show GitHub Exploit DB Packet Storm
131360 9.8 緊急
Network 		Exim Development Exim Exim における引数の挿入または変更に関する脆弱性 CWE-88
引数の挿入または変更 		CVE-2020-28026 2022-01-6 09:56 2020-10-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 5.3 MEDIUM
Network 		- - Unauthenticated Content Injection in Auros Core <= 5.3.1 versions. Update CWE-80
Basic XSS 		CVE-2025-64637 2026-06-30 01:16 2026-06-27 Show GitHub Exploit DB Packet Storm
282 9.8 CRITICAL
Network 		rclone rclone Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requ… Update CWE-306
CWE-78
Missing Authentication for Critical Function
OS Command  		CVE-2026-49980 2026-06-30 01:11 2026-06-25 Show GitHub Exploit DB Packet Storm
283 2.7 LOW
Network 		appsmith appsmith Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values a… Update CWE-209
CWE-918
Information Exposure Through an Error Message
Server-Side Request Forgery (SSRF)  		CVE-2026-49979 2026-06-30 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
284 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2024-11171 (commit bb58a2d0) added limits: { fileSize } to createMulterInstance() in th… Update CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-54024 2026-06-30 01:03 2026-06-26 Show GitHub Exploit DB Packet Storm
285 5.4 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, there is a vulnerability in LibreChat's markdown artifact preview pipeline. The marked library v15.0.12… Update CWE-79
Cross-site Scripting 		CVE-2026-54025 2026-06-30 01:02 2026-06-26 Show GitHub Exploit DB Packet Storm
286 7.1 HIGH
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring an… Update CWE-306
Missing Authentication for Critical Function 		CVE-2026-54040 2026-06-30 01:00 2026-06-26 Show GitHub Exploit DB Packet Storm
287 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/for… Update CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-54037 2026-06-30 00:54 2026-06-26 Show GitHub Exploit DB Packet Storm
288 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This U… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-54033 2026-06-30 00:39 2026-06-26 Show GitHub Exploit DB Packet Storm
289 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete an… Update CWE-862
 Missing Authorization 		CVE-2026-54029 2026-06-30 00:36 2026-06-26 Show GitHub Exploit DB Packet Storm
290 5.4 MEDIUM
Network 		- - nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and … New CWE-444
HTTP Request Smuggling 		CVE-2026-58055 2026-06-30 00:16 2026-06-28 Show GitHub Exploit DB Packet Storm