Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 4:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
132481	9.8	緊急 Network	SDG Technologies	Plug and Play SCADA	PNPSCADA における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2020-24841	2021-11-4 17:53	2020-08-17	Show	GitHub Exploit DB Packet Storm

132482	9.8	緊急 Network	CITSmart	CITSmart	CITSmart におけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2020-35775	2021-11-4 17:53	2020-12-29	Show	GitHub Exploit DB Packet Storm

132483	4.8	警告 Network	F5 Networks	BIG-IP Application Security Manager (ASM) BIG-IP Access Policy Manager (APM) BIG-IP Advanced Web Application Firewall (WAF) B…	BIG-IP における脆弱性	CWE-noinfo 情報不足	CVE-2021-22981	2021-11-4 17:52	2021-02-11	Show	GitHub Exploit DB Packet Storm

132484	7.5	重要 Network	The PHP Group Debian NetApp	PHP Clustered Data ONTAP Debian GNU/Linux	PHP における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2021-21702	2021-11-4 17:52	2021-01-26	Show	GitHub Exploit DB Packet Storm

132485	5.3	警告 Network	The PHP Group Debian NetApp	PHP Clustered Data ONTAP Debian GNU/Linux	PHP における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2020-7071	2021-11-4 17:52	2020-01-15	Show	GitHub Exploit DB Packet Storm

132486	6.1	警告 Network	Atlassian	JIRA Jira Software Data Center	Atlassian Jira Server および Data Center におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-36236	2021-11-4 17:52	2021-01-21	Show	GitHub Exploit DB Packet Storm

132487	7.1	重要 Local	TP-LINK Technologies	Archer C5v ファームウェア	TP-Link Archer C5v における重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2021-27209	2021-11-4 17:52	2021-02-3	Show	GitHub Exploit DB Packet Storm

132488	6.5	警告 Network	アルバネットワークス株式会社	AirWave	Aruba AirWave Management Platform における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-26965	2021-11-4 17:37	2021-02-23	Show	GitHub Exploit DB Packet Storm

132489	6.5	警告 Network	アルバネットワークス株式会社	AirWave	Aruba AirWave Management Platform における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-26966	2021-11-4 17:35	2021-02-23	Show	GitHub Exploit DB Packet Storm

132490	6.1	警告 Network	アルバネットワークス株式会社	AirWave	Aruba AirWave Management Platform におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-26967	2021-11-4 17:33	2021-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
141	6.5	MEDIUM Network	-	-	IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against… New	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2026-4096	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

142	3.7	LOW Network	-	-	Shopware is an open commerce platform. Prior to versions 6.6.10.18 and 6.7.10.1, an attacker is able to enumerate the usernames of administrator users by performing a timing attack. Versions 6.6.10.1… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-48011	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

143	5.3	MEDIUM Network	-	-	Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, the russh server authentication path keeps internal userauth state across SSH_MSG_USERAUTH_REQUEST me… New	CWE-287 Improper Authentication	CVE-2026-46705	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

144	7.5	HIGH Network	-	-	libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.j… New	CWE-20 CWE-400 CWE-401 Improper Input Validation Uncontrolled Resource Consumption Missing Release of Memory after Effective Lifetime	CVE-2026-46679	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

145	7.5	HIGH Network	-	-	Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh rele… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-46673	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

146	-		-	-	OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theor… New	CWE-20 Improper Input Validation	CVE-2026-46669	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

147	3.6	LOW Local	-	-	bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink() allo… New	CWE-22 CWE-193 Path Traversal Off-by-one Error	CVE-2026-45380	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

148	5.4	MEDIUM Network	-	-	IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, pote… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-3341	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

149	9.8	CRITICAL Network	-	-	SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote attackers to execute arbitrary SQL commands via the idFormMain parameter to /substudy/ezform.php (line 14) … New	CWE-89 SQL Injection	CVE-2026-38581	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

150	9.9	CRITICAL Network	-	-	Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc. Rotaban allows Upload a Web Shell to a Web Server. This issue affects Rotaban: from V2026.06.… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-11839	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm