Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
132861	7.1	重要 Network	オラクル	Java VM Oracle Database	Oracle Database Server の Java VM における脆弱性	CWE-noinfo 情報不足	CVE-2021-35619	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132862	1.8	低 Adjacent	NetApp オラクル	MySQL OnCommand Insight MySQL Cluster SnapCenter	Oracle MySQL の MySQL Cluster における Cluster: General に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35618	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132863	9.8	緊急 Network	オラクル	Oracle WebLogic Server	Oracle Fusion Middleware の Oracle WebLogic Server における Coherence Container に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35617	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132864	5.4	警告 Network	オラクル	Oracle Transportation Management	Oracle Supply Chain の Oracle Transportation Management における UI Infrastructure に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35616	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132865	3.7	低 Network	NetApp オラクル	MySQL Cluster OnCommand Insight SnapCenter	Oracle MySQL の MySQL Cluster における Cluster: General に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35613	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132866	6.3	警告 Adjacent	NetApp オラクル	MySQL OnCommand Insight MySQL Cluster SnapCenter	Oracle MySQL の MySQL Cluster における Cluster: General に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35621	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132867	5.5	警告 Network	NetApp オラクル	MySQL OnCommand Insight SnapCenter	Oracle MySQL の MySQL Server における Server: Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35612	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132868	4.3	警告 Network	オラクル	Oracle Sales Offline Oracle E-Business Suite	Oracle E-Business Suite の Oracle Sales Offline における Offline Template に関する脆弱性	CWE-20 不適切な入力確認	CVE-2021-35611	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132869	7.1	重要 Network	NetApp オラクル	MySQL OnCommand Insight SnapCenter	Oracle MySQL の MySQL Server における Server: Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35610	2021-10-28 14:50	2021-10-19	Show	GitHub Exploit DB Packet Storm

132870	4.9	警告 Network	オラクル	Oracle Applications Manager Oracle E-Business Suite	Oracle E-Business Suite の Oracle Applications Manager における Diagnostics に関する脆弱性	CWE-noinfo 情報不足	CVE-2021-35569	2021-10-28 14:47	2021-10-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
461	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-45638	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

462	8.7	HIGH Network	open-emr	openemr	OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/… New	CWE-79 CWE-862 Cross-site Scripting Missing Authorization	CVE-2026-46518	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

463	7.0	HIGH Local	microsoft	windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. Update	CWE-416 Use After Free	CVE-2026-45640	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

464	6.5	MEDIUM Adjacent	espressif	esp-idf	ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser (parse_o… New	CWE-125 Out-of-bounds Read	CVE-2026-45160	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

465	10.0	CRITICAL Network	-	-	MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_… New	CWE-78 OS Command	CVE-2026-49261	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

466	7.3	HIGH Network	-	-	KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.ru… New	CWE-693 Protection Mechanism Failure	CVE-2026-48546	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

467	6.5	MEDIUM Adjacent	-	-	aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the pa… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-47157	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

468	5.3	MEDIUM Network	-	-	Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.9, Fediverse Embeds registered the unauthenticated AJAX action wp_ajax_nopriv_ftf_get_site_info (includes/Site_Info.ph… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46698	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

469	7.5	HIGH Network	-	-	Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy (includes/Media_Proxy.php) with permissio… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46697	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

470	4.8	MEDIUM Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream… New	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-44490	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm