Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
131741	9.8	緊急 Network	マイクロソフト	Microsoft Defender for IoT	Microsoft Defender for IoT におけるリモートでコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2021-43882	2021-12-24 16:35	2021-12-14	Show	GitHub Exploit DB Packet Storm

131742	6.1	警告 Local	マイクロソフト	Microsoft Windows 11	Microsoft Windows 11 における権限を昇格される脆弱性	CWE-269 不適切な権限管理	CVE-2021-43880	2021-12-24 16:35	2021-12-14	Show	GitHub Exploit DB Packet Storm

131743	7.8	重要 Local	マイクロソフト	ASP.NET Core Microsoft Visual Studio	ASP.NET Core および Microsoft Visual Studio における権限を昇格される脆弱性	CWE-269 不適切な権限管理	CVE-2021-43877	2021-12-24 16:35	2021-12-14	Show	GitHub Exploit DB Packet Storm

131744	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps	Microsoft 365 Apps および Office におけるリモートでコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2021-43875	2021-12-24 16:35	2021-12-14	Show	GitHub Exploit DB Packet Storm

131745	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows 7 Microsoft Windows RT 8.1 Microsoft Windows Server 2019 Microsoft Windows Server Mic…	複数の Microsoft Windows 製品における権限を昇格される脆弱性	CWE-269 不適切な権限管理	CVE-2021-43226	2021-12-24 15:13	2021-12-14	Show	GitHub Exploit DB Packet Storm

131746	9.8	緊急 Network	マイクロソフト	Bot Framework SDK	Bot Framework SDK におけるリモートでコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2021-43225	2021-12-24 15:13	2021-12-14	Show	GitHub Exploit DB Packet Storm

131747	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows 7 Microsoft Windows RT 8.1 Microsoft Windows Server 2019 Microsoft Windows Server Mic…	複数の Microsoft Windows 製品における情報を公開される脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2021-43224	2021-12-24 15:13	2021-12-14	Show	GitHub Exploit DB Packet Storm

131748	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 Microsoft Windows 7 Microsoft Windows RT 8.1 Microsoft Windows Server 2019 Microsoft Windows Server Mic…	複数の Microsoft Windows 製品における情報を公開される脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2021-43222	2021-12-24 15:13	2021-12-14	Show	GitHub Exploit DB Packet Storm

131749	9.8	緊急 Network	マイクロソフト	Microsoft Windows 11 Microsoft Windows 7 Microsoft Windows RT 8.1 Microsoft Windows Server 2019 Microsoft Windows Server Mic…	複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2021-43217	2021-12-24 15:13	2021-12-14	Show	GitHub Exploit DB Packet Storm

131750	3.5	低 Network	マイクロソフト	Microsoft SharePoint Enterprise Server Microsoft SharePoint Server	Microsoft SharePoint におけるなりすまされる脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2021-42320	2021-12-24 15:13	2021-12-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
941	9.8	CRITICAL Network	wolfssl	wolfssl	Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still…	CWE-416 Use After Free	CVE-2026-7531	2026-06-27 01:53	2026-06-26	Show	GitHub Exploit DB Packet Storm

942	7.5	HIGH Network	wolfssl	wolfssl	The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19…	CWE-682 Incorrect Calculation	CVE-2026-10512	2026-06-27 01:53	2026-06-26	Show	GitHub Exploit DB Packet Storm

943	6.5	MEDIUM Network	rtklib	rtklib	RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count va…	CWE-122 Heap-based Buffer Overflow	CVE-2026-56789	2026-06-27 01:53	2026-06-26	Show	GitHub Exploit DB Packet Storm

944	7.5	HIGH Network	rtklib	rtklib	RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via craft…	CWE-193 Off-by-one Error	CVE-2026-56787	2026-06-27 01:53	2026-06-26	Show	GitHub Exploit DB Packet Storm

945	9.8	CRITICAL Network	rtklib	rtklib	RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fi…	CWE-787 Out-of-bounds Write	CVE-2026-56786	2026-06-27 01:52	2026-06-26	Show	GitHub Exploit DB Packet Storm

946	9.8	CRITICAL Network	anysphere	cursor	Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default. Before a Write, the agent canonicalizes the target path to confirm it…	CWE-59 Link Following	CVE-2026-50549	2026-06-27 01:51	2026-06-26	Show	GitHub Exploit DB Packet Storm

947	9.8	CRITICAL Network	anysphere	cursor	Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working director…	CWE-22 Path Traversal	CVE-2026-50548	2026-06-27 01:51	2026-06-26	Show	GitHub Exploit DB Packet Storm

948	6.5	MEDIUM Network	wolfssl	wolfssl	Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RS…	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-6291	2026-06-27 01:51	2026-06-26	Show	GitHub Exploit DB Packet Storm

949	9.1	CRITICAL Network	wolfssl	wolfssl	Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS.	CWE-125 Out-of-bounds Read	CVE-2026-6094	2026-06-27 01:51	2026-06-26	Show	GitHub Exploit DB Packet Storm

950	6.5	MEDIUM Network	wolfssl	wolfssl	Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that end…	CWE-295 Improper Certificate Validation	CVE-2026-6091	2026-06-27 01:50	2026-06-26	Show	GitHub Exploit DB Packet Storm