Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
132421	9.8	緊急 Network	ピーアンドエフ Hilscher	PCV100-F200-B25-V1D-6011 ファームウェア PXV100-F200-B25-V1D ファームウェア PCV80-F200-B25-V1D ファームウェア PCV50-F200-B25-V1D ファームウェア EtherNet/IP Adapter ファームウェア PXV100I-F20…	Hilscher EtherNet/IP Core V2 における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-20987	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

132422	7.5	重要 Network	ピーアンドエフ Hilscher	PXV100-F200-B17-V1D-3636 ファームウェア PGV100-F200A-B17-V1D ファームウェア PCV80-F200-B17-V1D ファームウェア PCV50-F200-B17-V1D ファームウェア PGV150I-F200A-B17-V1D ファームウェア PROFINET …	Hilscher PROFINET IO Device における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-20986	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

132423	8.8	重要 Network	PELCO	Digital Sentry Server	Pelco Digital Sentry Server における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-27232	2021-11-5 18:02	2021-02-10	Show	GitHub Exploit DB Packet Storm

132424	9.8	緊急 Network	Testes de Codigo	Testes de Codigo	Testes de Codigo における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2021-25648	2021-11-5 18:02	2021-02-15	Show	GitHub Exploit DB Packet Storm

132425	9.8	緊急 Network	Mutare Software	Mutare Voice	Mutare Voice におけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2021-27236	2021-11-5 18:02	2021-02-5	Show	GitHub Exploit DB Packet Storm

132426	4.9	警告 Network	Mutare Software	Mutare Voice	Mutare Voice における脆弱性	CWE-noinfo 情報不足	CVE-2021-27235	2021-11-5 18:02	2021-02-5	Show	GitHub Exploit DB Packet Storm

132427	9.8	緊急 Network	Mutare Software	Mutare Voice	Mutare Voice における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-27234	2021-11-5 18:02	2021-02-5	Show	GitHub Exploit DB Packet Storm

132428	4.9	警告 Network	Mutare Software	Mutare Voice	Mutare Voice における重要な情報の平文保存に関する脆弱性	CWE-312 重要な情報の平文保存	CVE-2021-27233	2021-11-5 18:01	2021-02-5	Show	GitHub Exploit DB Packet Storm

132429	7.8	重要 Local	Linux	Linux Kernel	Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2021-20226	2021-11-5 17:58	2021-02-23	Show	GitHub Exploit DB Packet Storm

132430	7.8	重要 Local	アドビシステムズ	Adobe Bridge	Adobe Bridge における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-21066	2021-11-5 17:28	2021-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	6.7	MEDIUM Network	-	-	Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to require system-level permission when patching protected default system roles, which allows aut… New	CWE-863 Incorrect Authorization	CVE-2026-6739	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

272	4.3	MEDIUM Network	-	-	Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Fail to enforce PermissionInviteUser when setting AllowOpenInvite or AllowedDomains during team creati… New	CWE-862 Missing Authorization	CVE-2026-6689	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

273	5.3	MEDIUM Network	-	-	Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to validate that a username returned during bot registration belongs to a bot account, which allo… New	CWE-200 Information Exposure	CVE-2026-6046	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

274	9.1	CRITICAL Network	-	-	Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same liblumidevsdk.so) uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-cod… New	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2026-50091	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

275	9.3	CRITICAL Network	-	-	The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com/oauth/authorize) is vulnerable to a redirect bypass due to lax controls on domain matching, which is an instance of "CWE-1289: Improper… New	CWE-1289 Improper Validation of Unsafe Equivalence in Input	CVE-2026-50090	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

276	6.1	MEDIUM Network	-	-	The Aqara IAM/SSO Gateway (gw-builder.aqara.com) provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:… New	CWE-601 Open Redirect	CVE-2026-50089	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

277	8.2	HIGH Network	-	-	The Aqara Developer Portal (developer.aqara.com) and shared test environments (developer-test.aqara.com, aiot-test.aqara.com) exhibit cross-origin request sharing, which is an instance of "CWE-942: P… New	CWE-942 Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-50088	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

278	8.2	HIGH Network	-	-	The Aqara IAM/SSO gateway (gw-builder.aqara.com) exhibits a cross-origin request sharing vulnerability, which is an instance of "CWE-942: Permissive Cross-domain Policy with Untrusted Domains," and h… New	CWE-942 Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-50087	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

279	10.0	CRITICAL Network	-	-	The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the platform's signing key without authentication. This is an instance of "CWE-306: Missing Authenticati… New	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2026-50086	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

280	8.6	HIGH Network	-	-	The Aqara Board service (op-test.aqara.com) accepts arbitrary MQTT command payloads, and forwards them to the platfom's HiveMQ broker without authentication. This is an instance of "CWE-306: Missing … New	CWE-306 Missing Authentication for Critical Function	CVE-2026-50085	2026-06-13 02:16	2026-06-13	Show	GitHub Exploit DB Packet Storm