Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
132841	7.8	重要 Local	レッドハット	Red Hat OpenShift	Red Hat Openshift における不適切な権限設定に関する脆弱性	CWE-266 不適切な権限設定	CVE-2019-19349	2021-11-30 11:14	2019-11-27	Show	GitHub Exploit DB Packet Storm

132842	7.8	重要 Local	WIN-911 Software	WIN-911	Win-911 Enterprise における不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2020-13539	2021-11-30 10:52	2020-09-1	Show	GitHub Exploit DB Packet Storm

132843	7.8	重要 Local	WIN-911 Software	WIN-911	Win-911 Enterprise における不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2020-13540	2021-11-30 10:52	2020-09-1	Show	GitHub Exploit DB Packet Storm

132844	8.8	重要 Local	WIN-911 Software	Mobile-911 Server	Mobile-911 Server における不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2020-13541	2021-11-30 10:52	2020-09-1	Show	GitHub Exploit DB Packet Storm

132845	5.8	警告 Network	シスコシステムズ	Cisco IOS Cisco IOS XE	Cisco IOS および IOS XE におけるリソース管理に関する脆弱性	CWE-399 リソース管理の問題	CVE-2021-1377	2021-11-29 18:16	2021-03-24	Show	GitHub Exploit DB Packet Storm

132846	6.7	警告 Local	シスコシステムズ	Cisco IOS XE	Cisco IOS XE SD-WAN におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2021-1382	2021-11-29 18:16	2021-03-24	Show	GitHub Exploit DB Packet Storm

132847	7.8	重要 Local	シスコシステムズ	Cisco IOS Cisco IOS XE	Cisco IOS および IOS XE における認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2021-1392	2021-11-29 18:16	2021-03-24	Show	GitHub Exploit DB Packet Storm

132848	5.3	警告 Network	シスコシステムズ	Cisco IOS XE	Cisco IOS XE におけるリソース管理に関する脆弱性	CWE-399 リソース管理の問題	CVE-2021-1394	2021-11-29 18:16	2021-03-24	Show	GitHub Exploit DB Packet Storm

132849	6.8	警告 Physics	シスコシステムズ	Cisco IOS XE	Cisco IOS XE におけるアクティブ状態のデバッグコードに関する脆弱性	CWE-489 間違ったセッションへのデータの漏洩	CVE-2021-1398	2021-11-29 18:16	2021-03-24	Show	GitHub Exploit DB Packet Storm

132850	7.4	重要 Network	シスコシステムズ	Cisco IOS XE	Cisco IOS XE におけるデータの信頼性についての不十分な検証に関する脆弱性	CWE-345 データの信頼性についての不十分な検証	CVE-2021-1403	2021-11-29 18:16	2021-03-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1571	7.8	HIGH Local	-	-	Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when a local user opens a workspace with a maliciously…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-12958	2026-06-24 04:36	2026-06-24	Show	GitHub Exploit DB Packet Storm

1572	6.5	MEDIUM Network	-	-	SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component	CWE-89 SQL Injection	CVE-2026-52673	2026-06-24 04:35	2026-06-24	Show	GitHub Exploit DB Packet Storm

1573	-		-	-	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2025-62180	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1574	5.2	MEDIUM Local	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49860	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1575	5.2	MEDIUM Local	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist w…	CWE-863 Incorrect Authorization	CVE-2026-49983	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1576	4.3	MEDIUM Network	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket …	CWE-248 Uncaught Exception	CVE-2026-55517	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1577	7.6	HIGH Adjacent	-	-	Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant…	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2026-54317	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1578	-		-	-	Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including att…	CWE-183 CWE-200 CWE-515 Permissive List of Allowed Inputs Information Exposure	CVE-2026-54316	2026-06-24 04:32	2026-06-24	Show	GitHub Exploit DB Packet Storm

1579	7.5	HIGH Network	-	-	An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61024	2026-06-24 04:26	2026-06-24	Show	GitHub Exploit DB Packet Storm

1580	7.5	HIGH Network	-	-	An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61029	2026-06-24 04:26	2026-06-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed