Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131441 5.8 警告
Network 		HedgeDoc HedgeDoc HedgeDoc におけるパストラバーサルの脆弱性 CWE-20
CWE-22
CVE-2021-29474 2022-01-4 18:05 2021-04-26 Show GitHub Exploit DB Packet Storm
131442 2.5
Local 		Exiv2 project
Debian
Fedora Project		 Debian GNU/Linux
Exiv2
Fedora 		Exiv2 における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2021-29473 2022-01-4 18:05 2021-04-25 Show GitHub Exploit DB Packet Storm
131443 5.4 警告
Network 		TYPO3 Association TYPO3 TYPO3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-21365 2022-01-4 17:58 2021-04-27 Show GitHub Exploit DB Packet Storm
131444 9.8 緊急
Network 		Kenneth Reitz Requests Requests における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2021-29476 2022-01-4 17:37 2021-04-27 Show GitHub Exploit DB Packet Storm
131445 3.3
Local 		Google Exposure Notifications API for Android Android 用 GAEN における重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2021-31815 2022-01-4 17:37 2021-04-27 Show GitHub Exploit DB Packet Storm
131446 7.2 重要
Network 		Prisma Prisma Prisma における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-21414 2022-01-4 17:28 2021-03-26 Show GitHub Exploit DB Packet Storm
131447 7.5 重要
Network 		miraheze ManageWiki ManageWiki における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2021-29483 2022-01-4 17:28 2021-04-29 Show GitHub Exploit DB Packet Storm
131448 7.5 重要
Network 		アバイア Equinox Conferencing Avaya Equinox Conferencing における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2020-7038 2022-01-4 17:28 2020-01-14 Show GitHub Exploit DB Packet Storm
131449 8.1 重要
Network 		アバイア Equinox Conferencing Avaya Equinox Conferencing における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2020-7037 2022-01-4 17:28 2020-01-14 Show GitHub Exploit DB Packet Storm
131450 3.3
Local 		OpenAPI-Generator Contributors OpenAPI Generator OpenAPI Generator における外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2021-21429 2022-01-4 17:27 2021-02-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
511 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, Angular's HttpTransferCache … New CWE-328
CWE-345
 Use of Weak Hash
 Insufficient Verification of Data Authenticity 		CVE-2026-54266 2026-06-27 04:37 2026-06-23 Show GitHub Exploit DB Packet Storm
512 7.5 HIGH
Network 		aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, if an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-54274 2026-06-27 04:37 2026-06-23 Show GitHub Exploit DB Packet Storm
513 7.5 HIGH
Network 		aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existing connection is reused. If an applica… New CWE-297
 Improper Validation of Certificate with Host Mismatch 		CVE-2026-54275 2026-06-27 04:36 2026-06-23 Show GitHub Exploit DB Packet Storm
514 7.5 HIGH
Network 		aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() l… New CWE-665
 Improper Initialization 		CVE-2026-54279 2026-06-27 04:36 2026-06-23 Show GitHub Exploit DB Packet Storm
515 7.5 HIGH
Network 		aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a pa… New CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-54280 2026-06-27 04:35 2026-06-23 Show GitHub Exploit DB Packet Storm
516 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side boot… New CWE-79
CWE-471
Cross-site Scripting
 Modification of Assumed-Immutable Data (MAID) 		CVE-2026-54267 2026-06-27 04:35 2026-06-23 Show GitHub Exploit DB Packet Storm
517 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an issue in the @angular/com… New CWE-79
Cross-site Scripting 		CVE-2026-54265 2026-06-27 04:35 2026-06-23 Show GitHub Exploit DB Packet Storm
518 6.1 MEDIUM
Network 		angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in th… New CWE-79
Cross-site Scripting 		CVE-2026-52725 2026-06-27 04:34 2026-06-23 Show GitHub Exploit DB Packet Storm
519 5.8 MEDIUM
Network 		guzzlephp guzzle Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain() removes lea… New CWE-346
CWE-1286
 Origin Validation Error
 Improper Validation of Syntactic Correctness of Input 		CVE-2026-55767 2026-06-27 04:34 2026-06-24 Show GitHub Exploit DB Packet Storm
520 5.9 MEDIUM
Network 		guzzlephp guzzle Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy is transmitted in cleartext. Proxy authentication … New CWE-311
CWE-319
CWE-636
Missing Encryption of Sensitive Data
Cleartext Transmission of Sensitive Information
 Not Failing Securely ('Failing Open') 		CVE-2026-55568 2026-06-27 04:34 2026-06-24 Show GitHub Exploit DB Packet Storm