Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131851 6.1 警告
Network 		FecMall FecMall yii2_fecshop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-22808 2021-12-22 18:03 2020-05-26 Show GitHub Exploit DB Packet Storm
131852 9.8 緊急
Network 		Vtiger Vtiger CRM vtiger crm における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2020-22807 2021-12-22 18:03 2020-04-10 Show GitHub Exploit DB Packet Storm
131853 9.8 緊急
Network 		Sebastian Hildebrandt systeminformation systeminformation における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-21388 2021-12-22 18:03 2021-03-15 Show GitHub Exploit DB Packet Storm
131854 7.5 重要
Network 		シスコシステムズ Cisco Adaptive Security Appliance ソフトウェア
Cisco Firepower Threat Defense ソフトウェア 		Cisco Adaptive Security Appliance および Firepower Threat Defense ソフトウェアにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-1504 2021-12-22 18:03 2021-04-28 Show GitHub Exploit DB Packet Storm
131855 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. G1 ファームウェア
G3 ファームウェア 		Tenda G1 および G3 ルータのファームウェアにおける OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-27692 2021-12-22 17:59 2021-02-23 Show GitHub Exploit DB Packet Storm
131856 7.5 重要
Network 		HashiCorp Vault HashiCorp Vault および Vault Enterprise Cassandra integrations における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2021-27400 2021-12-22 17:58 2021-04-21 Show GitHub Exploit DB Packet Storm
131857 6.5 警告
Network 		FusionAuth fusionauth-samlv2 FusionAuth fusionauth-samlv2 における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2021-27736 2021-12-22 17:58 2021-02-7 Show GitHub Exploit DB Packet Storm
131858 7.8 重要
Local 		Matthias Wandel jhead jhead における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-3496 2021-12-22 17:58 2021-04-13 Show GitHub Exploit DB Packet Storm
131859 8.1 重要
Network 		チェック・ポイント・ソフトウェア・テクノロジーズ Identity Agent Check Point Identity Agent における脆弱性 CWE-noinfo
情報不足 		CVE-2021-30356 2021-12-22 17:58 2021-04-22 Show GitHub Exploit DB Packet Storm
131860 7.5 重要
Network 		ABUS Secvest Wireless Alarm System FUAA50000 ファームウェア ABUS Secvest wireless alarm system FUAA50000 における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2020-28973 2021-12-22 17:58 2020-11-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1111 9.8 CRITICAL
Network 		kidocode crawl4ai Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentic… CWE-798
 Use of Hard-coded Credentials 		CVE-2026-56265 2026-06-26 22:52 2026-06-21 Show GitHub Exploit DB Packet Storm
1112 9.1 CRITICAL
Network 		imagemagick imagemagick ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on … CWE-125
Out-of-bounds Read 		CVE-2026-56367 2026-06-26 22:50 2026-06-21 Show GitHub Exploit DB Packet Storm
1113 8.2 HIGH
Network 		imagemagick imagemagick ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during… CWE-125
Out-of-bounds Read 		CVE-2026-56378 2026-06-26 22:41 2026-06-21 Show GitHub Exploit DB Packet Storm
1114 7.8 HIGH
Local 		langflow langflow A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to … CWE-74
CWE-94
Injection
Code Injection 		CVE-2026-12822 2026-06-26 22:35 2026-06-22 Show GitHub Exploit DB Packet Storm
1115 7.5 HIGH
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a Ruby wrapper pointing to freed memory when replacin… CWE-416
CWE-825
 Use After Free
 Expired Pointer Dereference 		CVE-2026-57435 2026-06-26 22:32 2026-06-26 Show GitHub Exploit DB Packet Storm
1116 7.5 HIGH
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper … CWE-476
 NULL Pointer Dereference 		CVE-2026-57434 2026-06-26 22:32 2026-06-26 Show GitHub Exploit DB Packet Storm
1117 8.2 HIGH
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., a non-string, or a string containing a n… CWE-416
 Use After Free 		CVE-2026-57236 2026-06-26 22:32 2026-06-26 Show GitHub Exploit DB Packet Storm
1118 8.2 HIGH
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested index against the node set's… CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2026-57235 2026-06-26 22:32 2026-06-26 Show GitHub Exploit DB Packet Storm
1119 8.1 HIGH
Network 		apache doris_mcp_server Apache Doris MCP Server contains a SQL injection vulnerability in a metadata query path. A user-controlled database name is directly interpolated into a SQL query, and the query is executed without p… CWE-89
SQL Injection 		CVE-2025-66336 2026-06-26 22:28 2026-06-22 Show GitHub Exploit DB Packet Storm
1120 9.8 CRITICAL
Network 		jetbrains hub In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was p… CWE-306
Missing Authentication for Critical Function 		CVE-2026-50242 2026-06-26 22:20 2026-06-19 Show GitHub Exploit DB Packet Storm