Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
132101 9.8 緊急
Network 		クアルコム AR8035 ファームウェア
AR8031 ファームウェア
APQ8009 ファームウェア
APQ8096AU ファームウェア
APQ8053 ファームウェア
APQ8076 ファームウェア
APQ8017 ファームウェア
CSRA6620 ファームウェア
AQT100… 		複数の Qualcomm 製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2020-11272 2021-11-18 16:24 2020-11-2 Show GitHub Exploit DB Packet Storm
132102 8.8 重要
Adjacent 		クアルコム APQ8064AU ファームウェア
APQ8009 ファームウェア
APQ8053 ファームウェア
APQ8017 ファームウェア
APQ8009W ファームウェア
APQ8052 ファームウェア
APQ8039 ファームウェア
APQ8016 ファームウェア
APQ8… 		複数の Qualcomm 製品における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2020-11269 2021-11-18 16:24 2020-11-2 Show GitHub Exploit DB Packet Storm
132103 7.8 重要
Local 		Deutsche Post Mailoptimizer Deutsche Post Mailoptimizer におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-28042 2021-11-18 16:24 2021-01-29 Show GitHub Exploit DB Packet Storm
132104 9.8 緊急
Network 		newlib project
Fedora Project		 newlib
Fedora 		newlib における古典的バッファオーバーフローの脆弱性 CWE-120
CWE-190
CVE-2021-3420 2021-11-18 16:24 2021-03-2 Show GitHub Exploit DB Packet Storm
132105 6.1 警告
Network 		ansi_up ansi_up ansi_up におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-3377 2021-11-18 16:24 2021-01-29 Show GitHub Exploit DB Packet Storm
132106 7.8 重要
Local 		Google Android Android における脆弱性 CWE-noinfo
情報不足 		CVE-2020-0025 2021-11-18 15:16 2021-03-1 Show GitHub Exploit DB Packet Storm
132107 6.1 警告
Network 		Doctor Appointment System Doctor Appointment System Doctor Appointment System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-27318 2021-11-18 14:58 2021-02-26 Show GitHub Exploit DB Packet Storm
132108 6.1 警告
Network 		Doctor Appointment System Doctor Appointment System Doctor Appointment System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-27317 2021-11-18 14:57 2021-02-26 Show GitHub Exploit DB Packet Storm
132109 7.2 重要
Network 		デル Dell EMC SRS Policy Manager SRS Policy Manager における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2021-21517 2021-11-18 14:57 2021-02-25 Show GitHub Exploit DB Packet Storm
132110 5.4 警告
Network 		デル Dell EMC SourceOne Dell EMC SourceOne におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-21515 2021-11-18 14:57 2021-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
31 8.7 HIGH
Network 		- - ApostropheCMS is an open-source Node.js content management system. Versions up to and including 1.4.2 of the `@apostrophecms/seo` package injects the Google Analytics Tracking ID (`seoGoogleTrackingI… New CWE-79
Cross-site Scripting 		CVE-2026-53608 2026-06-16 03:16 2026-06-13 Show GitHub Exploit DB Packet Storm
32 5.3 MEDIUM
Network 		- - Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.0 to before version 2.0.14, private services (`EnableShowInService: false`) are enumer… New CWE-200
CWE-285
CWE-863
Information Exposure
Improper Authorization
 Incorrect Authorization 		CVE-2026-49397 2026-06-16 03:16 2026-06-13 Show GitHub Exploit DB Packet Storm
33 6.1 MEDIUM
Network 		- - Valhalla is an open source routing engine and accompanying libraries for use with OpenStreetMap data. Versions 3.6.3 and prior are vulnerable to reflected cross-site scripting (XSS) due to improper n… New CWE-79
Cross-site Scripting 		CVE-2026-49294 2026-06-16 03:16 2026-06-16 Show GitHub Exploit DB Packet Storm
34 7.5 HIGH
Network 		- - Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote accounts consented to be featured in a remote Collection co… New CWE-345
CWE-863
 Insufficient Verification of Data Authenticity
 Incorrect Authorization 		CVE-2026-47777 2026-06-16 03:16 2026-06-16 Show GitHub Exploit DB Packet Storm
35 7.1 HIGH
Network 		- - Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember can fire other users' cron tasks via AlertRule… New CWE-862
CWE-863
 Missing Authorization
 Incorrect Authorization 		CVE-2026-47120 2026-06-16 03:16 2026-06-13 Show GitHub Exploit DB Packet Storm
36 6.5 MEDIUM
Network 		- - A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an a… New CWE-22
Path Traversal 		CVE-2026-20262 2026-06-16 03:16 2026-06-16 Show GitHub Exploit DB Packet Storm
37 9.8 CRITICAL
Network 		- - GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument wit… New CWE-73
CWE-78
 External Control of File Name or Path
OS Command  		CVE-2026-11526 2026-06-16 03:16 2026-06-14 Show GitHub Exploit DB Packet Storm
38 7.5 HIGH
Network 		openssl openssl Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a … Update CWE-476
 NULL Pointer Dereference 		CVE-2026-42765 2026-06-16 03:14 2026-06-10 Show GitHub Exploit DB Packet Storm
39 7.5 HIGH
Network 		openssl openssl Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platfo… Update CWE-125
Out-of-bounds Read 		CVE-2026-34180 2026-06-16 03:13 2026-06-10 Show GitHub Exploit DB Packet Storm
40 7.4 HIGH
Network 		openssl openssl Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certifi… Update CWE-354
 Improper Validation of Integrity Check Value 		CVE-2026-34181 2026-06-16 03:13 2026-06-10 Show GitHub Exploit DB Packet Storm