Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
132491 4.8 警告
Network 		アルバネットワークス株式会社 AirWave Aruba AirWave Management Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-26968 2021-11-4 17:13 2021-02-23 Show GitHub Exploit DB Packet Storm
132492 6.3 警告
Network 		アルバネットワークス株式会社 AirWave Aruba AirWave Management Platform におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2021-26970 2021-11-4 17:11 2021-02-23 Show GitHub Exploit DB Packet Storm
132493 6.3 警告
Network 		アルバネットワークス株式会社 AirWave Aruba AirWave Management Platform における脆弱性 CWE-noinfo
情報不足 		CVE-2021-26971 2021-11-4 17:07 2021-02-23 Show GitHub Exploit DB Packet Storm
132494 6.1 警告
Network 		Secomea GateManager ファームウェア Secomea GateManager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-29028 2021-11-4 16:59 2020-11-24 Show GitHub Exploit DB Packet Storm
132495 5.4 警告
Network 		PEEL PEEL SHOPPING PEEL SHOPPING におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-27190 2021-11-4 16:49 2021-02-11 Show GitHub Exploit DB Packet Storm
132496 7.5 重要
Network 		Debian
Privoxy Developers		 Privoxy
Debian GNU/Linux 		privoxy における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-20273 2021-11-4 16:27 2021-03-8 Show GitHub Exploit DB Packet Storm
132497 7.5 重要
Network 		Privoxy Developers Privoxy privoxy における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2021-20274 2021-11-4 16:23 2021-03-8 Show GitHub Exploit DB Packet Storm
132498 7.5 重要
Network 		Debian
Privoxy Developers		 Privoxy
Debian GNU/Linux 		privoxy におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2021-20275 2021-11-4 16:20 2021-03-8 Show GitHub Exploit DB Packet Storm
132499 2.7
Network 		Fleet Device Management fleet Fleet におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2021-21296 2021-11-4 16:17 2021-02-4 Show GitHub Exploit DB Packet Storm
132500 6.1 警告
Network 		phpGACL
OpenEMR		 phpGACL
OpenEMR 		phpGACL および OpenEMR におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2020-13565 2021-11-4 16:17 2020-10-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
361 7.7 HIGH
Local 		- - Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed. New CWE-306
Missing Authentication for Critical Function 		CVE-2026-50245 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
362 - - - An unauthorized access vulnerability exists in the PcSuite APP. The vulnerability can be exploited by attackers to Unauthorized access to the victim’s device. New CWE-306
Missing Authentication for Critical Function 		CVE-2026-11535 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
363 - - - The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed. New CWE-807
 Reliance on Untrusted Inputs in a Security Decision 		CVE-2026-12058 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
364 9.8 CRITICAL
Network 		- - The Yarbo Android and iOS applications contain hard-coded MQTT broker credentials that are identical for all users and all devices. These credentials are embedded in the application binary and are re… New CWE-798
 Use of Hard-coded Credentials 		CVE-2026-10557 2026-06-13 01:06 2026-06-13 Show GitHub Exploit DB Packet Storm
365 8.1 HIGH
Network 		- - The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid credentials, whether the shared hard-coded credentials or legitimate per-user credentials, can subsc… New CWE-862
 Missing Authorization 		CVE-2026-7368 2026-06-13 01:06 2026-06-13 Show GitHub Exploit DB Packet Storm
366 9.0 CRITICAL
Network 		- - Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from the Identity Provider (authenticity) in two SAML flows: the OAut… New CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-41005 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
367 - - - An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input.  Externally controlled data is interpreted as a format stri… New CWE-134
Use of Externally-Controlled Format String 		CVE-2026-6250 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
368 8.8 HIGH
Network 		- - A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to … New CWE-787
 Out-of-bounds Write 		CVE-2026-11933 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
369 - - - Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when recent login history is enabled and copying virtual attrib… New CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-20746 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm
370 6.7 MEDIUM
Local 		- - A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges … New CWE-122
Heap-based Buffer Overflow 		CVE-2026-48914 2026-06-13 01:06 2026-06-12 Show GitHub Exploit DB Packet Storm