Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131901 3.3
Local 		Google Android Android における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2021-25364 2021-12-22 15:04 2021-04-9 Show GitHub Exploit DB Packet Storm
131902 6.1 警告
Local 		Google Android Android における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2021-25363 2021-12-22 15:04 2021-04-9 Show GitHub Exploit DB Packet Storm
131903 6.1 警告
Local 		Google Android Android における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2021-25362 2021-12-22 15:04 2021-04-9 Show GitHub Exploit DB Packet Storm
131904 8.8 重要
Local 		Google Android Android におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-25361 2021-12-22 15:04 2021-04-9 Show GitHub Exploit DB Packet Storm
131905 7.8 重要
Local 		デル Dell Peripheral Manager Dell Peripheral Manager における制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2021-21545 2021-12-22 15:04 2021-04-12 Show GitHub Exploit DB Packet Storm
131906 9.3 緊急
Network 		ジュニパーネットワークス Junos OS Juniper Networks Junos OS における古典的バッファオーバーフローの脆弱性 CWE-120
CWE-79
CVE-2021-0268 2021-12-22 14:32 2021-04-14 Show GitHub Exploit DB Packet Storm
131907 7.8 重要
Local 		SolarWinds Orion Platform SolarWinds Orion Virtual Infrastructure Monitor における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2021-27277 2021-12-22 14:32 2021-03-25 Show GitHub Exploit DB Packet Storm
131908 8.6 重要
Network 		cdnetworks AquaNPlayer AquaNPlayer におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2020-7858 2021-12-22 14:32 2020-01-22 Show GitHub Exploit DB Packet Storm
131909 9.8 緊急
Network 		HashiCorp Terraform Provider HashiCorp Terraform Vault Provider における脆弱性 CWE-noinfo
情報不足 		CVE-2021-30476 2021-12-22 14:32 2021-03-13 Show GitHub Exploit DB Packet Storm
131910 7.5 重要
Network 		HashiCorp Vault HashiCorp Vault および Vault Enterprise における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2021-29653 2021-12-22 14:32 2021-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1151 8.6 HIGH
Network 		- - Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by… CWE-200
Information Exposure 		CVE-2026-49269 2026-06-26 04:14 2026-06-25 Show GitHub Exploit DB Packet Storm
1152 7.8 HIGH
Local 		- - Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privi… CWE-78
OS Command  		CVE-2026-46735 2026-06-26 04:14 2026-06-26 Show GitHub Exploit DB Packet Storm
1153 7.5 HIGH
Network 		- - Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration,… CWE-306
CWE-524
Missing Authentication for Critical Function
 Use of Cache Containing Sensitive Information 		CVE-2026-13007 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1154 7.8 HIGH
Local 		- - A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of … CWE-287
Improper Authentication 		CVE-2026-12112 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1155 4.3 MEDIUM
Network 		- - A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds r… CWE-125
Out-of-bounds Read 		CVE-2026-12891 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1156 4.4 MEDIUM
Local 		- - A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds re… CWE-125
Out-of-bounds Read 		CVE-2026-12892 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1157 8.8 HIGH
Network 		- - Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41862 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1158 5.5 MEDIUM
Local 		- - Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keycha… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-11819 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1159 - - - A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets.  An unauthenticated adjacent atta… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-12760 2026-06-26 04:10 2026-06-25 Show GitHub Exploit DB Packet Storm
1160 6.5 MEDIUM
Local 		- - A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity (namespace/name) solely from the request body with… CWE-287
Improper Authentication 		CVE-2026-13208 2026-06-26 04:10 2026-06-25 Show GitHub Exploit DB Packet Storm