Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131501 9.8 緊急
Network 		Hame Technology Co., Limited Hame SD1 Wi-Fi ファームウェア Hame SD1 Wi-Fi ファームウェアにおける脆弱なパスワードの要求に関する脆弱性 CWE-521
脆弱なパスワードポリシー 		CVE-2021-26797 2022-01-4 12:02 2021-04-22 Show GitHub Exploit DB Packet Storm
131502 9.8 緊急
Network 		safe-flat project safe-flat safe-flat における脆弱性 CWE-Other
その他 		CVE-2021-25927 2022-01-4 12:02 2021-01-24 Show GitHub Exploit DB Packet Storm
131503 6.1 警告
Network 		cPanel cPanel cPanel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-31803 2022-01-4 12:02 2021-03-15 Show GitHub Exploit DB Packet Storm
131504 9.8 緊急
Network 		Akuvox C315 ファームウェア Akuvox C315 におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2021-31726 2022-01-4 12:02 2021-04-24 Show GitHub Exploit DB Packet Storm
131505 7 重要
Local 		pvrsrvkm.ko project pvrsrvkm.ko pvrsrvkm.ko における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-31795 2022-01-4 12:02 2021-03-31 Show GitHub Exploit DB Packet Storm
131506 7.5 重要
Network 		VOID Sistemas Aural Rec Monitor Void Aural Rec Monitor における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2021-25899 2022-01-4 12:02 2021-04-21 Show GitHub Exploit DB Packet Storm
131507 7.5 重要
Network 		VOID Sistemas Aural Rec Monitor Void Aural Rec Monitor における重要な情報の平文保存に関する脆弱性 CWE-312
CWE-798
CVE-2021-25898 2022-01-4 12:02 2021-04-21 Show GitHub Exploit DB Packet Storm
131508 7.8 重要
Local 		SUSE hawk2 複数の SUSE Linux Enterprise High Availability 用 hawk2 におけるアクセスパーミションでの一時ファイル作成に関する脆弱性 CWE-378
不適切なアクセスパーミションでの一時ファイル作成 		CVE-2021-25314 2022-01-4 12:02 2021-02-12 Show GitHub Exploit DB Packet Storm
131509 7.5 重要
Network 		シスコシステムズ Cisco Firepower Threat Defense ソフトウェア
Cisco Adaptive Security Appliance ソフトウェア 		Cisco Adaptive Security Appliance ソフトウェアおよび Cisco Firepower Threat Defense ソフトウェアにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2021-1501 2022-01-4 12:02 2021-04-28 Show GitHub Exploit DB Packet Storm
131510 5.3 警告
Network 		Snort.org
シスコシステムズ		 Cisco IOS XE
Cisco Firepower Threat Defense ソフトウェア
Snort 		複数の Cisco 製品における例外的な状態の処理に関する脆弱性 CWE-755
例外的な状態における不適切な処理 		CVE-2021-1495 2022-01-4 12:02 2021-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
641 6.5 MEDIUM
Network 		- - Unauthenticated Broken Access Control in User Registration <= 5.2.2 versions. New CWE-862
 Missing Authorization 		CVE-2026-52701 2026-06-27 03:17 2026-06-27 Show GitHub Exploit DB Packet Storm
642 7.5 HIGH
Network 		- - Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete a… New CWE-444
HTTP Request Smuggling 		CVE-2026-48743 2026-06-27 03:17 2026-06-27 Show GitHub Exploit DB Packet Storm
643 5.9 MEDIUM
Network 		- - Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink (TcpSta… New CWE-120
Classic Buffer Overflow 		CVE-2026-48706 2026-06-27 03:17 2026-06-27 Show GitHub Exploit DB Packet Storm
644 5.9 MEDIUM
Network 		- - Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution … New CWE-480
 Use of Incorrect Operator 		CVE-2026-48497 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
645 7.5 HIGH
Network 		- - Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability has been identified in Envoy's zstd deco… New CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-48044 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
646 7.5 HIGH
Network 		- - Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O(… New CWE-1124
CVE-2026-48042 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
647 6.8 MEDIUM
Network 		- - Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt()/decrypt() functions use AES-256… New CWE-209
CWE-327
Information Exposure Through an Error Message
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2026-47775 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
648 - - - Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.9, Dragonfly has a RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer. An authenticated u… New CWE-116
 Improper Encoding or Escaping of Output 		CVE-2026-47206 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
649 9.6 CRITICAL
Network 		- - mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template engine during parsing, with the exec() function regis… New CWE-94
Code Injection 		CVE-2026-33646 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
650 5.0 MEDIUM
Network 		- - In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery (SSRF) vulnerability in the image import functionality allows authenticated users with the can_create_images entitlement to i… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-28385 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm