Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
132391 6.1 警告
Network 		Joomla! Joomla! Joomla! におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-23130 2021-11-8 16:08 2021-03-2 Show GitHub Exploit DB Packet Storm
132392 7.5 重要
Network 		Joomla! Joomla! Joomla! における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-23131 2021-11-8 15:39 2021-03-2 Show GitHub Exploit DB Packet Storm
132393 7.5 重要
Network 		Joomla! Joomla! Joomla! における脆弱性 CWE-noinfo
情報不足 		CVE-2021-23132 2021-11-8 15:35 2021-03-2 Show GitHub Exploit DB Packet Storm
132394 6.8 警告
Adjacent 		MongoDB Inc. Libmongocrypt Node.js mongodb-client-encryption における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2021-20327 2021-11-8 15:30 2021-02-25 Show GitHub Exploit DB Packet Storm
132395 1.2 注意 レッドハット
Info-ZIP
サイバートラスト株式会社
オラクル		 OpenSolaris
Red Hat Enterprise Linux
Asianux Server
Red Hat Enterprise Linux Desktop
UnZip
Oracle Solaris 		UnZip のファイル解凍時におけるパーミッションの処理に競合状態の脆弱性 - CVE-2005-2475 2021-11-8 15:23 2005-08-25 Show GitHub Exploit DB Packet Storm
132396 6.8 警告
Adjacent 		Quarkus
MongoDB Inc.		 Java driver
Quarkus 		Java driver における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2021-20328 2021-11-8 15:23 2021-02-18 Show GitHub Exploit DB Packet Storm
132397 8.1 重要
Network 		TeamViewer GmbH TeamViewer TeamViewer における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2018-14333 2021-11-8 15:21 2018-07-17 Show GitHub Exploit DB Packet Storm
132398 9.8 緊急
Network 		TeamViewer GmbH TeamViewer TeamViewer における証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2018-16550 2021-11-8 15:20 2018-09-4 Show GitHub Exploit DB Packet Storm
132399 7 重要
Local 		TeamViewer GmbH TeamViewer TeamViewer Desktop における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2019-18988 2021-11-8 15:18 2019-11-15 Show GitHub Exploit DB Packet Storm
132400 8.8 重要
Network 		TeamViewer GmbH TeamViewer Windows 用の TeamViewer デスクトップにおける引用されない検索パスまたは要素に関する脆弱性 CWE-428
引用されない検索パスまたは要素 		CVE-2020-13699 2021-11-8 15:15 2020-07-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
131 7.8 HIGH
Local 		microsoft windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025 		Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. New CWE-416
 Use After Free 		CVE-2026-42983 2026-06-12 01:54 2026-06-10 Show GitHub Exploit DB Packet Storm
132 7.5 HIGH
Network 		vmware spring_framework IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in combination with inadequate authorization rules. Affected versi… New CWE-330
 Use of Insufficiently Random Values 		CVE-2026-41838 2026-06-12 01:53 2026-06-9 Show GitHub Exploit DB Packet Storm
133 7.8 HIGH
Local 		microsoft windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025 		Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. New CWE-125
Out-of-bounds Read 		CVE-2026-42837 2026-06-12 01:51 2026-06-10 Show GitHub Exploit DB Packet Storm
134 6.1 MEDIUM
Network 		vmware spring_framework A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an ar… New CWE-601
Open Redirect 		CVE-2026-41844 2026-06-12 01:19 2026-06-9 Show GitHub Exploit DB Packet Storm
135 6.5 MEDIUM
Network 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network. New CWE-476
 NULL Pointer Dereference 		CVE-2026-42903 2026-06-12 01:17 2026-06-10 Show GitHub Exploit DB Packet Storm
136 - - - openSIS Classic 9.3 contains an insecure direct object reference vulnerability in the messaging module. Any authenticated user with access to the messaging module can request sent-message details fro… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-8406 2026-06-12 01:16 2026-06-11 Show GitHub Exploit DB Packet Storm
137 8.8 HIGH
Network 		- - IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. New CWE-427
 Uncontrolled Search Path Element 		CVE-2026-7870 2026-06-12 01:16 2026-06-12 Show GitHub Exploit DB Packet Storm
138 7.5 HIGH
Network 		- - IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-7787 2026-06-12 01:16 2026-06-12 Show GitHub Exploit DB Packet Storm
139 8.8 HIGH
Network 		- - Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template inj… New CWE-94
Code Injection 		CVE-2026-50223 2026-06-12 01:16 2026-06-11 Show GitHub Exploit DB Packet Storm
140 8.6 HIGH
Network 		- - Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validati… New CWE-918
CWE-1286
CWE-1389
Server-Side Request Forgery (SSRF) 
 Improper Validation of Syntactic Correctness of Input 		CVE-2026-50131 2026-06-12 01:16 2026-06-11 Show GitHub Exploit DB Packet Storm