Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131411 7.5 重要
Local 		Parallels parallels desktop Parallels Desktop における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
CWE-667
CVE-2021-31422 2022-01-5 15:28 2021-04-14 Show GitHub Exploit DB Packet Storm
131412 6 警告
Local 		Parallels parallels desktop Parallels Desktop におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-31421 2022-01-5 15:28 2021-04-14 Show GitHub Exploit DB Packet Storm
131413 9.1 緊急
Network 		FOSSASIA SUSI.AI SUSI.AI における相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2020-4039 2022-01-5 15:28 2020-10-16 Show GitHub Exploit DB Packet Storm
131414 6.1 警告
Network 		Dogtag PKI Dogtag PKI pki-core におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-1721 2022-01-5 15:28 2020-11-4 Show GitHub Exploit DB Packet Storm
131415 6.5 警告
Network 		django-filter project
Fedora Project		 Fedora
django-filter 		django-filter における数値型間の変換の誤りに関する脆弱性 CWE-681
数値型間の変換の誤り 		CVE-2020-15225 2022-01-5 15:28 2020-09-27 Show GitHub Exploit DB Packet Storm
131416 8.6 重要
Network 		シスコシステムズ Cisco Firepower Threat Defense ソフトウェア Cisco Firepower Threat Defense ソフトウェアにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2021-1402 2022-01-5 15:28 2021-04-28 Show GitHub Exploit DB Packet Storm
131417 7.8 重要
Local 		Esri ArcGIS Earth Esri ArcGIS Earth におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-29100 2022-01-5 15:07 2021-05-3 Show GitHub Exploit DB Packet Storm
131418 4.9 警告
Network 		Chamilo Association Chamilo LMS Chamilo LMS における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2020-23128 2022-01-5 15:00 2020-04-22 Show GitHub Exploit DB Packet Storm
131419 8.8 重要
Network 		OpenEMR OpenEMR OpenEMR における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2021-32104 2022-01-5 14:47 2021-05-7 Show GitHub Exploit DB Packet Storm
131420 6.1 警告
Network 		LocalStack LocalStack StackLift LocalStack におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-32091 2022-01-5 14:25 2021-03-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
601 6.5 MEDIUM
Network 		wolfssl wolfssl PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the loc… Update CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-6329 2026-06-28 04:51 2026-06-26 Show GitHub Exploit DB Packet Storm
602 6.5 MEDIUM
Network 		wolfssl wolfssl The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The consta… Update CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2026-6330 2026-06-28 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
603 7.5 HIGH
Network 		wolfssl wolfssl HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signatur… Update CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-6331 2026-06-28 04:48 2026-06-26 Show GitHub Exploit DB Packet Storm
604 7.5 HIGH
Network 		wolfssl wolfssl PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted. Update CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-7511 2026-06-28 04:48 2026-06-26 Show GitHub Exploit DB Packet Storm
605 7.5 HIGH
Network 		wolfssl wolfssl iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP addr… Update CWE-295
Improper Certificate Validation  		CVE-2026-7532 2026-06-28 04:46 2026-06-26 Show GitHub Exploit DB Packet Storm
606 7.5 HIGH
Network 		wolfssl wolfssl wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the … Update CWE-354
 Improper Validation of Integrity Check Value 		CVE-2026-8720 2026-06-28 04:43 2026-06-26 Show GitHub Exploit DB Packet Storm
607 10.0 CRITICAL
Network 		wso2 api_manager The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input within these headers. This omission allows an at… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-2053 2026-06-28 04:38 2026-06-26 Show GitHub Exploit DB Packet Storm
608 9.8 CRITICAL
Network 		jetbrains kotlin In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata Update CWE-502
 Deserialization of Untrusted Data 		CVE-2026-53914 2026-06-28 04:36 2026-06-26 Show GitHub Exploit DB Packet Storm
609 7.5 HIGH
Network 		jetbrains youtrack In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint Update CWE-862
 Missing Authorization 		CVE-2026-57921 2026-06-28 04:35 2026-06-26 Show GitHub Exploit DB Packet Storm
610 5.3 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible Update CWE-862
 Missing Authorization 		CVE-2026-57922 2026-06-28 04:33 2026-06-26 Show GitHub Exploit DB Packet Storm