Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
132351 7.5 重要
Network 		ClamAV ClamAV Clam AntiVirus ソフトウェアにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-1252 2021-12-15 14:31 2021-04-7 Show GitHub Exploit DB Packet Storm
132352 7.2 重要
Network 		Vesta Control Panel Vesta Control Panel VestaCP における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2021-30462 2021-12-15 14:31 2021-03-20 Show GitHub Exploit DB Packet Storm
132353 7.8 重要
Local 		Vesta Control Panel Vesta Control Panel VestaCP におけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2021-30463 2021-12-15 14:30 2021-03-20 Show GitHub Exploit DB Packet Storm
132354 9.8 緊急
Network 		zzcms zzcms zzcms における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2020-23426 2021-12-15 14:29 2020-05-27 Show GitHub Exploit DB Packet Storm
132355 8.8 重要
Network 		Learnsite project Learnsite Learnsite における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2021-27522 2021-12-15 14:28 2021-02-17 Show GitHub Exploit DB Packet Storm
132356 7.5 重要
Network 		Realtek Semiconductor Corp RTL8723DE ファームウェア Realtek rtl8723de BLE Stack における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2020-23539 2021-12-15 14:28 2020-06-12 Show GitHub Exploit DB Packet Storm
132357 6.1 警告
Network 		Squirro Squirro Squirro Insights Engine におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-27945 2021-12-15 14:27 2021-03-9 Show GitHub Exploit DB Packet Storm
132358 6.5 警告
Network 		trestle-auth project trestle-auth trestle-auth におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2021-29435 2021-12-15 13:55 2021-04-12 Show GitHub Exploit DB Packet Storm
132359 8.8 重要
Network 		Rock Lobster Contact Form 7 WordPress 用 Contact Form 7 Style プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2021-24159 2021-12-15 13:45 2021-02-4 Show GitHub Exploit DB Packet Storm
132360 7.2 重要
Network 		BackupGuard BackupGuard WordPress 用 Backup Guard プラグインにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2021-24155 2021-12-15 13:45 2021-02-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1331 8.1 HIGH
Network 		- - HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfil… CWE-22
Path Traversal 		CVE-2026-45233 2026-06-26 04:25 2026-06-26 Show GitHub Exploit DB Packet Storm
1332 8.1 HIGH
Network 		- - ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/ro… CWE-59
Link Following 		CVE-2026-35025 2026-06-26 04:25 2026-06-24 Show GitHub Exploit DB Packet Storm
1333 9.1 CRITICAL
Network 		- - Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESH_BED_LEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to … CWE-129
 Improper Validation of Array Index 		CVE-2026-56111 2026-06-26 04:25 2026-06-25 Show GitHub Exploit DB Packet Storm
1334 7.1 HIGH
Network 		- - pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage download` derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape the selec… CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-55700 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1335 6.5 MEDIUM
Network 		- - pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as "", ".", and ".." passed pnpm's bin-name guard. When a malicious package was installed globally, later global … CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-55699 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1336 7.5 HIGH
Network 		- - pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the generic peer-suffix normalizer also stripped parenthesized text from git, URL, tarball, file, and other opaque locators. Approval for one s… CWE-346
CWE-693
CWE-829
 Origin Validation Error
 Protection Mechanism Failure
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-55487 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1337 - - - ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, any authenticated user with builder role (free t… CWE-94
Code Injection 		CVE-2026-55413 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1338 8.3 HIGH
Network 		- - ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source compo… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-55412 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1339 6.8 MEDIUM
Adjacent 		- - ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.1780-lts, the authenticated endpoint POST /api/data-sourc… CWE-639
CWE-863
 Authorization Bypass Through User-Controlled Key
 Incorrect Authorization 		CVE-2026-55411 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1340 6.5 MEDIUM
Network 		- - pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm and pacquet expanded ${ENV_VAR} placeholders from repository-controlled .npmrc and pnpm-workspace.yaml into registry request destinations … CWE-200
CWE-201
CWE-522
Information Exposure
 Insertion of Sensitive Information Into Sent Data
 Insufficiently Protected Credentials 		CVE-2026-55180 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm