Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
131421	6.5	警告 Network	MikroTik	RouterOS	Mikrotik RouterOs におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2020-20247	2022-01-5 12:25	2020-05-10	Show	GitHub Exploit DB Packet Storm

131422	6.5	警告 Network	MikroTik	RouterOS	Mikrotik RouterOs におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2020-20218	2022-01-5 12:25	2020-05-10	Show	GitHub Exploit DB Packet Storm

131423	6.1	警告 Network	Apache Software Foundation Python Software Foundation	Python Apache Airflow	Apache Airflow におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-28359	2022-01-5 12:25	2021-05-2	Show	GitHub Exploit DB Packet Storm

131424	2.7	低 Network	デル	iDRAC9 ファームウェア	Dell EMC iDRAC9 における領域間での誤ったリソース移動に関する脆弱性	CWE-669 領域間での誤ったリソース移動	CVE-2021-21544	2022-01-5 12:25	2021-04-14	Show	GitHub Exploit DB Packet Storm

131425	4.8	警告 Network	デル	iDRAC9 ファームウェア	Dell EMC iDRAC9 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-21543	2022-01-5 12:25	2021-04-14	Show	GitHub Exploit DB Packet Storm

131426	4.8	警告 Network	デル	iDRAC9 ファームウェア	Dell EMC iDRAC9 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-21542	2022-01-5 12:25	2021-04-14	Show	GitHub Exploit DB Packet Storm

131427	6.1	警告 Network	デル	iDRAC9 ファームウェア	Dell EMC iDRAC9 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-21541	2022-01-5 12:24	2021-04-14	Show	GitHub Exploit DB Packet Storm

131428	8.1	重要 Network	デル	iDRAC9 ファームウェア	Dell EMC iDRAC9 における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-21540	2022-01-5 12:24	2021-04-14	Show	GitHub Exploit DB Packet Storm

131429	7.1	重要 Network	デル	iDRAC9 ファームウェア	Dell EMC iDRAC9 における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2021-21539	2022-01-5 12:24	2021-04-14	Show	GitHub Exploit DB Packet Storm

131430	6.1	警告 Network	LivingLogic	XIST4C	LivingLogic XIST4C におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-26122	2022-01-5 12:08	2021-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	6.5	MEDIUM Network	wolfssl	wolfssl	PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the loc… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6329	2026-06-28 04:51	2026-06-26	Show	GitHub Exploit DB Packet Storm

602	6.5	MEDIUM Network	wolfssl	wolfssl	The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The consta… New	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2026-6330	2026-06-28 04:50	2026-06-26	Show	GitHub Exploit DB Packet Storm

603	7.5	HIGH Network	wolfssl	wolfssl	HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signatur… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6331	2026-06-28 04:48	2026-06-26	Show	GitHub Exploit DB Packet Storm

604	7.5	HIGH Network	wolfssl	wolfssl	PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted. New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-7511	2026-06-28 04:48	2026-06-26	Show	GitHub Exploit DB Packet Storm

605	7.5	HIGH Network	wolfssl	wolfssl	iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP addr… New	CWE-295 Improper Certificate Validation	CVE-2026-7532	2026-06-28 04:46	2026-06-26	Show	GitHub Exploit DB Packet Storm

606	7.5	HIGH Network	wolfssl	wolfssl	wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the … New	CWE-354 Improper Validation of Integrity Check Value	CVE-2026-8720	2026-06-28 04:43	2026-06-26	Show	GitHub Exploit DB Packet Storm

607	10.0	CRITICAL Network	wso2	api_manager	The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input within these headers. This omission allows an at… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-2053	2026-06-28 04:38	2026-06-26	Show	GitHub Exploit DB Packet Storm

608	9.8	CRITICAL Network	jetbrains	kotlin	In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata New	CWE-502 Deserialization of Untrusted Data	CVE-2026-53914	2026-06-28 04:36	2026-06-26	Show	GitHub Exploit DB Packet Storm

609	7.5	HIGH Network	jetbrains	youtrack	In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint New	CWE-862 Missing Authorization	CVE-2026-57921	2026-06-28 04:35	2026-06-26	Show	GitHub Exploit DB Packet Storm

610	5.3	MEDIUM Network	jetbrains	youtrack	In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible New	CWE-862 Missing Authorization	CVE-2026-57922	2026-06-28 04:33	2026-06-26	Show	GitHub Exploit DB Packet Storm