Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
132661 7.5 重要
Network 		三菱電機 MELSEC iQ-R R00CPU ファームウェア
MELSEC iQ-R R16CPU ファームウェア
MELSEC iQ-R R04CPU ファームウェア
MELSEC iQ-R R01CPU ファームウェア
MELSEC iQ-R&nb… 		MELSEC および MELIPC シリーズにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2021-20611 2021-12-10 14:10 2021-11-30 Show GitHub Exploit DB Packet Storm
132662 7.5 重要
Network 		Web-Stat Web-Stat Web-Stat における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2021-24167 2021-12-10 14:01 2021-02-23 Show GitHub Exploit DB Packet Storm
132663 6.5 警告
Network 		Themeisle Orbit Fox ThemeIsle Orbit Fox における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2021-24158 2021-12-10 14:00 2021-01-12 Show GitHub Exploit DB Packet Storm
132664 5.4 警告
Network 		Themeisle Orbit Fox ThemeIsle Orbit Fox におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-24157 2021-12-10 14:00 2021-01-12 Show GitHub Exploit DB Packet Storm
132665 9.8 緊急
Network 		D-Link Systems, Inc. DIR-846 ファームウェア D-Link ルータ DIR-846 における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2020-27600 2021-12-10 14:00 2020-10-21 Show GitHub Exploit DB Packet Storm
132666 9.8 緊急
Network 		D-Link Systems, Inc. DIR-878 ファームウェア D-Link DIR-878 デバイスにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-30072 2021-12-10 14:00 2021-01-12 Show GitHub Exploit DB Packet Storm
132667 6.5 警告
Network 		DELL EMC (旧 EMC Corporation) control center Lightmeter ControlCenter における脆弱性 CWE-noinfo
情報不足 		CVE-2021-30126 2021-12-10 14:00 2021-04-1 Show GitHub Exploit DB Packet Storm
132668 5.4 警告
Network 		PT. GHOZY LAB LLC Contact Form Pro WordPress 用 Easy Contact Form Pro プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-24168 2021-12-10 14:00 2021-01-15 Show GitHub Exploit DB Packet Storm
132669 5.4 警告
Network 		WP Ninjas, LLC. Ninja Forms WordPress 用 Ninja Forms Contact Form プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2021-24166 2021-12-10 14:00 2021-01-25 Show GitHub Exploit DB Packet Storm
132670 6.1 警告
Network 		WP Ninjas, LLC. Ninja Forms WordPress 用 Ninja Forms Contact Form プラグインにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2021-24165 2021-12-10 14:00 2021-01-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1531 5.3 MEDIUM
Network 		ni instrumentstudio
ni_grpc_device_server 		There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target… CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2026-9143 2026-06-25 23:39 2026-06-19 Show GitHub Exploit DB Packet Storm
1532 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint th… CWE-22
Path Traversal 		CVE-2026-54014 2026-06-25 23:36 2026-06-24 Show GitHub Exploit DB Packet Storm
1533 6.4 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-history endpoints authorize the prompt_id in the URL but… CWE-284
CWE-639
Improper Access Control
 Authorization Bypass Through User-Controlled Key 		CVE-2026-54015 2026-06-25 23:35 2026-06-24 Show GitHub Exploit DB Packet Storm
1534 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization (BOLA) vulnerability in the built… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-54016 2026-06-25 23:31 2026-06-24 Show GitHub Exploit DB Packet Storm
1535 7.7 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the SafePlaywrightURLLoader implements a validate_url function to prevent SSRF attac… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-54018 2026-06-25 23:30 2026-06-24 Show GitHub Exploit DB Packet Storm
1536 7.8 HIGH
Local 		- - Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution policy bypass in Agent code search tools. The affec… CWE-78
OS Command  		CVE-2026-48703 2026-06-25 23:29 2026-06-25 Show GitHub Exploit DB Packet Storm
1537 8.8 HIGH
Network 		- - Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local files through the operating system default file handle… CWE-20
 Improper Input Validation  		CVE-2026-48704 2026-06-25 23:29 2026-06-25 Show GitHub Exploit DB Packet Storm
1538 8.0 HIGH
Network 		- - Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection in the prompt branch selector. A user who can publi… CWE-78
OS Command  		CVE-2026-48719 2026-06-25 23:29 2026-06-25 Show GitHub Exploit DB Packet Storm
1539 8.1 HIGH
Network 		- - Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to request access to the local system clipboard. A malici… CWE-276
Incorrect Default Permissions  		CVE-2026-48725 2026-06-25 23:29 2026-06-25 Show GitHub Exploit DB Packet Storm
1540 7.8 HIGH
Local 		- - Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection issue in the Linux external editor launcher. Warp e… CWE-78
OS Command  		CVE-2026-48731 2026-06-25 23:29 2026-06-25 Show GitHub Exploit DB Packet Storm