Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131741 9.8 緊急
Network 		マイクロソフト Microsoft Defender for IoT Microsoft Defender for IoT におけるリモートでコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2021-43882 2021-12-24 16:35 2021-12-14 Show GitHub Exploit DB Packet Storm
131742 6.1 警告
Local 		マイクロソフト Microsoft Windows 11 Microsoft Windows 11 における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43880 2021-12-24 16:35 2021-12-14 Show GitHub Exploit DB Packet Storm
131743 7.8 重要
Local 		マイクロソフト ASP.NET Core
Microsoft Visual Studio 		ASP.NET Core および Microsoft Visual Studio における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43877 2021-12-24 16:35 2021-12-14 Show GitHub Exploit DB Packet Storm
131744 7.8 重要
Local 		マイクロソフト Microsoft Office
Microsoft 365 Apps 		Microsoft 365 Apps および Office におけるリモートでコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2021-43875 2021-12-24 16:35 2021-12-14 Show GitHub Exploit DB Packet Storm
131745 7.8 重要
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows Server 2019
Microsoft Windows Server
Mic… 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-269
不適切な権限管理 		CVE-2021-43226 2021-12-24 15:13 2021-12-14 Show GitHub Exploit DB Packet Storm
131746 9.8 緊急
Network 		マイクロソフト Bot Framework SDK Bot Framework SDK におけるリモートでコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2021-43225 2021-12-24 15:13 2021-12-14 Show GitHub Exploit DB Packet Storm
131747 5.5 警告
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows Server 2019
Microsoft Windows Server
Mic… 		複数の Microsoft Windows 製品における情報を公開される脆弱性 CWE-668
誤った領域へのリソースの漏えい 		CVE-2021-43224 2021-12-24 15:13 2021-12-14 Show GitHub Exploit DB Packet Storm
131748 7.5 重要
Network 		マイクロソフト Microsoft Windows 11
Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows Server 2019
Microsoft Windows Server
Mic… 		複数の Microsoft Windows 製品における情報を公開される脆弱性 CWE-668
誤った領域へのリソースの漏えい 		CVE-2021-43222 2021-12-24 15:13 2021-12-14 Show GitHub Exploit DB Packet Storm
131749 9.8 緊急
Network 		マイクロソフト Microsoft Windows 11
Microsoft Windows 7
Microsoft Windows RT 8.1
Microsoft Windows Server 2019
Microsoft Windows Server
Mic… 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2021-43217 2021-12-24 15:13 2021-12-14 Show GitHub Exploit DB Packet Storm
131750 3.5
Network 		マイクロソフト Microsoft SharePoint Enterprise Server
Microsoft SharePoint Server 		Microsoft SharePoint におけるなりすまされる脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2021-42320 2021-12-24 15:13 2021-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
971 7.8 HIGH
Local 		- - Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this… CWE-284
Improper Access Control 		CVE-2026-46733 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
972 6.7 MEDIUM
Local 		- - Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privi… CWE-362
Race Condition 		CVE-2026-46732 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
973 - - - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implemen… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-46423 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
974 9.1 CRITICAL
Network 		- - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains … CWE-943
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-45689 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
975 9.1 CRITICAL
Network 		- - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the… CWE-943
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-45688 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
976 9.8 CRITICAL
Network 		- - Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could poten… CWE-349
 Acceptance of Extraneous Untrusted Data With Trusted Data 		CVE-2026-41120 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
977 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php. This issue… CWE-89
SQL Injection 		CVE-2026-39955 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
978 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request parameter is retrieved via the raw accessor grv() (rather than gfrv() with FILTER… CWE-89
SQL Injection 		CVE-2026-39948 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
979 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdtool IPC serialization hardening. This issue has been… CWE-22
CWE-78
Path Traversal
OS Command  		CVE-2026-39938 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
980 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL clause without sanitization. The endpo… CWE-89
SQL Injection 		CVE-2026-39893 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm