Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131621 6.5 警告
Adjacent 		D-Link Systems, Inc. DAP-2020 ファームウェア D-Link DAP-2020 におけるファイル名やパス名の外部制御に関する脆弱性 CWE-73
ファイル名やパス名の外部制御 		CVE-2021-27250 2021-12-20 18:15 2021-02-24 Show GitHub Exploit DB Packet Storm
131622 8.8 重要
Adjacent 		D-Link Systems, Inc. DAP-2020 ファームウェア D-Link DAP-2020 における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-27249 2021-12-20 18:15 2021-02-24 Show GitHub Exploit DB Packet Storm
131623 8.8 重要
Adjacent 		D-Link Systems, Inc. DAP-2020 ファームウェア D-Link DAP-2020 におけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2021-27248 2021-12-20 18:15 2021-02-24 Show GitHub Exploit DB Packet Storm
131624 6.5 警告
Network 		Tencent Wechat Tencent WeChat における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2021-27247 2021-12-20 18:15 2021-02-24 Show GitHub Exploit DB Packet Storm
131625 8 重要
Adjacent 		TP-LINK Technologies AC 1750 ファームウェア TP-Link Archer A7 AC1750 におけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2021-27246 2021-12-20 18:15 2021-02-24 Show GitHub Exploit DB Packet Storm
131626 5.5 警告
Local 		Razer Inc. Razer Synapse Razer Synapse における不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2021-30494 2021-12-20 18:15 2021-04-13 Show GitHub Exploit DB Packet Storm
131627 5.5 警告
Local 		Razer Inc. Razer Synapse Razer Synapse における不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2021-30493 2021-12-20 18:15 2021-04-13 Show GitHub Exploit DB Packet Storm
131628 9.8 緊急
Network 		Orchard Project Orchard Orchard における危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2020-29592 2021-12-20 18:15 2020-12-7 Show GitHub Exploit DB Packet Storm
131629 5.5 警告
Local 		Linux Linux Kernel Linux Kernel における不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2020-36322 2021-12-20 18:15 2020-12-10 Show GitHub Exploit DB Packet Storm
131630 6.8 警告
Network 		ScratchOAuth2 project ScratchOAuth2 ScratchOAuth2 における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2021-29437 2021-12-20 18:15 2021-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
771 4.3 MEDIUM
Network 		- - Gogs is an open source self-hosted Git service. In 0.14.3 and earlier, any authenticated user can watch a private repository they have no access to, because the access check in the Watch API handler … New CWE-863
 Incorrect Authorization 		CVE-2026-52795 2026-06-26 01:16 2026-06-25 Show GitHub Exploit DB Packet Storm
772 - - - Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, Appsmith's bundled supervisord exposes an XML-RPC interface on port 9001, reachable from outside the contai… New CWE-183
CWE-918
 Permissive List of Allowed Inputs
Server-Side Request Forgery (SSRF)  		CVE-2026-50189 2026-06-26 01:16 2026-06-25 Show GitHub Exploit DB Packet Storm
773 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase<T>.Deserialize reads an attacker-controlled byteLength from an extension payload and allocat… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-48514 2026-06-26 01:16 2026-06-23 Show GitHub Exploit DB Packet Storm
774 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, runtime-generated union deserializers emitted by DynamicUnionResolver do not call MessagePackSecurity.DepthStep(ref … New CWE-674
 Uncontrolled Recursion 		CVE-2026-48513 2026-06-26 01:16 2026-06-23 Show GitHub Exploit DB Packet Storm
775 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's JSON conversion helpers contain multiple recursion paths that do not consistently enforce a dep… New CWE-674
 Uncontrolled Recursion 		CVE-2026-48512 2026-06-26 01:16 2026-06-23 Show GitHub Exploit DB Packet Storm
776 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, ExpandoObjectFormatter.Deserialize populates System.Dynamic.ExpandoObject by calling IDictionary<string, object>.Add… New CWE-407
 Inefficient Algorithmic Complexity 		CVE-2026-48511 2026-06-26 01:16 2026-06-23 Show GitHub Exploit DB Packet Storm
777 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from… New CWE-409
CWE-770
 Improper Handling of Highly Compressed Data (Data Amplification)
 Allocation of Resources Without Limits or Throttling 		CVE-2026-48510 2026-06-26 01:16 2026-06-23 Show GitHub Exploit DB Packet Storm
778 9.1 CRITICAL
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, the parameterless MessagePackInputFormatter() constructor uses default serializer options, which resolve to MessageP… New CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-48509 2026-06-26 01:16 2026-06-23 Show GitHub Exploit DB Packet Storm
779 4.4 MEDIUM
Network 		- - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, the ImageElement component in packages/gazzodown renders user-controlled src values directly into <a… New CWE-79
Cross-site Scripting 		CVE-2026-47733 2026-06-26 01:16 2026-06-25 Show GitHub Exploit DB Packet Storm
780 - - - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat allows users deactivated through… New CWE-613
 Insufficient Session Expiration 		CVE-2026-45757 2026-06-26 01:16 2026-06-25 Show GitHub Exploit DB Packet Storm