Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131631 7.8 重要
Local 		Quarkus
Gradle Inc.		 Quarkus
Gradle 		Unix 系システム上で稼動する Gradle におけるアクセスパーミションでの一時ファイル作成に関する脆弱性 CWE-378
CWE-379
CVE-2021-29428 2021-12-20 18:15 2021-03-10 Show GitHub Exploit DB Packet Storm
131632 7.5 重要
Network 		HCC Embedded NicheStack HCC Embedded InterNiche NicheStack における削除された特権に対する不適切なチェックに関する脆弱性 CWE-273
削除された特権に対する不適切なチェック 		CVE-2021-36762 2021-12-20 18:11 2021-08-10 Show GitHub Exploit DB Packet Storm
131633 7.5 重要
Network 		HCC Embedded
シーメンス		 SENTRON 3WA COM190 ファームウェア
NicheStack
SENTRON 3WL COM35 ファームウェア 		HCC embedded InterNiche における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-31401 2021-12-20 18:11 2021-08-4 Show GitHub Exploit DB Packet Storm
131634 9.3 緊急
Local 		Xylem Inc. AquaView Xylem 社製 AquaView においてハードコードされた認証情報の使用の脆弱性 - CVE-2021-42833 2021-12-20 17:46 2021-12-17 Show GitHub Exploit DB Packet Storm
131635 7.1 重要
Local 		Wibu-Systems AG CodeMeter Runtime Wibu-Systems 製 CodeMeter Runtime における不適切な権限管理の脆弱性 CWE-269
不適切な権限管理 		CVE-2021-41057 2021-12-20 17:31 2021-12-17 Show GitHub Exploit DB Packet Storm
131636 6.1 警告
Local 		Delta Electronics CNCSoft Delta Electronics 製 CNCSoft に境域外読み取りの脆弱性 CWE-125
境界外読み取り 		CVE-2021-44768 2021-12-20 17:24 2021-12-17 Show GitHub Exploit DB Packet Storm
131637 6.1 警告
Network 		ADTRAN Personal Phone Manager AdTran Personal Phone Manager ソフトウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-25680 2021-12-20 15:42 2021-04-18 Show GitHub Exploit DB Packet Storm
131638 7.5 重要
Network 		ADTRAN Personal Phone Manager AdTran Personal Phone Manager における脆弱性 CWE-noinfo
情報不足 		CVE-2021-25681 2021-12-20 14:58 2021-04-18 Show GitHub Exploit DB Packet Storm
131639 5.7 警告
Network 		Telegram Telegram iOS 用 Telegram app における脆弱性 CWE-noinfo
情報不足 		CVE-2021-30496 2021-12-20 14:56 2021-04-9 Show GitHub Exploit DB Packet Storm
131640 5.5 警告
Local 		Linux
Fedora Project		 Fedora
Linux Kernel 		Linux Kernel における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2021-29155 2021-12-20 14:56 2021-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
721 7.5 HIGH
Network 		- - Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser used the standard … New CWE-776
XML Entity Expansion 		CVE-2026-44020 2026-06-26 03:16 2026-06-25 Show GitHub Exploit DB Packet Storm
722 - - - Gogs is an open source self-hosted Git service. Prior to 0.14.3, when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, Gogs accepts the configured authentication header (default: X-WEBAUTH-USER) direc… New CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-25119 2026-06-26 03:16 2026-06-25 Show GitHub Exploit DB Packet Storm
723 7.5 HIGH
Network 		- - An issue in the t_set_push component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. New CWE-89
SQL Injection 		CVE-2025-61027 2026-06-26 03:16 2026-06-24 Show GitHub Exploit DB Packet Storm
724 7.5 HIGH
Network 		google chrome Use after free in Web Authentication in Google Chrome prior to 149.0.7827.197 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a cr… New CWE-416
 Use After Free 		CVE-2026-13029 2026-06-26 03:12 2026-06-25 Show GitHub Exploit DB Packet Storm
725 5.3 MEDIUM
Network 		google chrome Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi… New CWE-457
 Use of Uninitialized Variable 		CVE-2026-13030 2026-06-26 03:12 2026-06-25 Show GitHub Exploit DB Packet Storm
726 8.8 HIGH
Network 		google chrome Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New CWE-416
 Use After Free 		CVE-2026-13031 2026-06-26 03:12 2026-06-25 Show GitHub Exploit DB Packet Storm
727 9.6 CRITICAL
Network 		google chrome Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Cri… New CWE-416
 Use After Free 		CVE-2026-13032 2026-06-26 03:12 2026-06-25 Show GitHub Exploit DB Packet Storm
728 8.8 HIGH
Network 		google chrome Out of bounds read and write in Blink>InterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity:… New CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2026-13033 2026-06-26 03:11 2026-06-25 Show GitHub Exploit DB Packet Storm
729 8.8 HIGH
Network 		- - Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the J… New CWE-862
 Missing Authorization 		CVE-2026-56115 2026-06-26 02:17 2026-06-24 Show GitHub Exploit DB Packet Storm
730 5.4 MEDIUM
Network 		- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, an open redirect vulnerability exists in Gogs where attacker-controlled redirect_to parameters can bypass validation, allowing redirec… New CWE-601
Open Redirect 		CVE-2026-52802 2026-06-26 02:16 2026-06-25 Show GitHub Exploit DB Packet Storm