Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131351 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31758 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131352 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31757 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131353 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31756 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131354 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. AC11 ファームウェア Tenda AC11 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31755 2022-01-6 09:57 2021-04-21 Show GitHub Exploit DB Packet Storm
131355 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31460 2022-01-6 09:57 2021-05-6 Show GitHub Exploit DB Packet Storm
131356 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31459 2022-01-6 09:57 2021-05-6 Show GitHub Exploit DB Packet Storm
131357 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31458 2022-01-6 09:57 2021-05-6 Show GitHub Exploit DB Packet Storm
131358 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31457 2022-01-6 09:56 2021-05-6 Show GitHub Exploit DB Packet Storm
131359 7.8 重要
Local 		Foxit Software Inc Foxit Reader
Foxit PhantomPDF 		Foxit Reader における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-31456 2022-01-6 09:56 2021-05-6 Show GitHub Exploit DB Packet Storm
131360 9.8 緊急
Network 		Exim Development Exim Exim における引数の挿入または変更に関する脆弱性 CWE-88
引数の挿入または変更 		CVE-2020-28026 2022-01-6 09:56 2020-10-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
381 7.5 HIGH
Network 		- - In the Linux kernel, the following vulnerability has been resolved: fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling A SOFTIRQ-safe to SOFTIRQ-unsafe lock order deadlock can occur in sen… Update - CVE-2026-52946 2026-06-29 15:16 2026-06-25 Show GitHub Exploit DB Packet Storm
382 6.3 MEDIUM
Network 		joomlaworks k2 The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's standard mod_php matches `\.php$` and executes them under the K2 web user. A K2 Author can upload … Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-48946 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
383 5.3 MEDIUM
Network 		joomlaworks k2 The K2 article gallery upload path accepts a zip/tar archive, extracts it under `/media/k2/galleries/<id>/`, and only renames image files (gif/jpg/jpeg/png/webp) to safe names — non-image files (incl… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-48945 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
384 6.5 MEDIUM
Network 		joomlaworks k2 The K2 frontend article-save handler accepts an `attachment[N][existing]` POST field that is concatenated with `JPATH_SITE/` and passed to `JFile::copy()`. `JPath::clean` does NOT strip `..`, and the… Update CWE-22
Path Traversal 		CVE-2026-48944 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
385 6.5 MEDIUM
Network 		joomlaworks k2 K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin `plg_user_k2`. A Registered Joomla user, by including the field `K2UserForm=1` in a standard `com_users` `profile.save` POST, … Update CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-48943 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
386 6.1 MEDIUM
Network 		joomlaworks k2 K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping. Update CWE-79
Cross-site Scripting 		CVE-2026-48942 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
387 6.5 MEDIUM
Network 		joomlaworks k2 The K2 frontend `item.checkin` task accepts an unauthenticated `sigProFolder` query parameter and uses it directly to address a `JFolder::delete()` call under `/media/k2/galleries/` Update CWE-862
 Missing Authorization 		CVE-2026-48941 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
388 3.4 LOW
Network 		joomlaworks k2 A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; K2 stores it verbatim and renders it unescaped t… Update CWE-79
Cross-site Scripting 		CVE-2026-48940 2026-06-29 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
389 8.8 HIGH
Local 		- - In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_… New - CVE-2026-53322 2026-06-28 17:16 2026-06-27 Show GitHub Exploit DB Packet Storm
390 9.8 CRITICAL
Network 		- - In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison The local-vs-remote region comparison loop uses '<=' instead o… New - CVE-2026-53309 2026-06-28 17:16 2026-06-27 Show GitHub Exploit DB Packet Storm