Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
132981	7.8	重要 Local	クアルコム	APQ8064AU ファームウェア APQ8053 ファームウェア APQ8016 ファームウェア APQ8009 ファームウェア APQ8084 ファームウェア AR8031 ファームウェア APQ8096AU ファームウェア APQ8037 ファームウェア AQT1…	複数の Qualcomm 製品における入力確認に関する脆弱性	CWE-20 CWE-787	CVE-2020-11204	2021-11-1 16:18	2020-03-31	Show	GitHub Exploit DB Packet Storm

132982	4.3	警告 Adjacent	シスコシステムズ	Cisco NX-OS	Cisco NX-OS ソフトウェアにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2021-1367	2021-11-1 16:05	2021-02-24	Show	GitHub Exploit DB Packet Storm

132983	6.5	警告 Local	オムロン株式会社	CX-Supervisor	オムロン製 CX-Supervisor における領域外のメモリ参照の脆弱性	CWE-125 境界外読み取り	CVE-2021-20836	2021-11-1 15:34	2021-10-15	Show	GitHub Exploit DB Packet Storm

132984	-	-	日立	Hitachi Device Manager	Hitachi Device Manager における認証バイパスの脆弱性	CWE-noinfo 情報不足	-	2021-11-1 14:58	2021-10-29	Show	GitHub Exploit DB Packet Storm

132985	9.8	緊急 Network	inoideas	inoERP	InoERP におけるコードインジェクションの脆弱性	CWE-20 CWE-94	CVE-2020-28870	2021-11-1 14:23	2020-03-14	Show	GitHub Exploit DB Packet Storm

132986	5.3	警告 Network	qwutils	qwutils	Rust 用 qwutils crate における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2021-26954	2021-11-1 14:23	2021-02-3	Show	GitHub Exploit DB Packet Storm

132987	7.5	重要 Network	postscript project	postscript	Rust 用 postscript crate における初期化されていないリソースの使用に関する脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2021-26953	2021-11-1 14:23	2021-01-30	Show	GitHub Exploit DB Packet Storm

132988	9.8	緊急 Network	calamine	calamine	Rust 用 calamine crate における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-26951	2021-11-1 14:23	2021-01-6	Show	GitHub Exploit DB Packet Storm

132989	9.6	緊急 Network	Acquia Inc.	Mautic	Mautic におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-35125	2021-11-1 14:23	2020-12-11	Show	GitHub Exploit DB Packet Storm

132990	9.1	緊急 Network	SAP	SCIMono	SCIMono におけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2021-21479	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
871	8.7	HIGH Network	open-emr	openemr	OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/…	CWE-79 CWE-862 Cross-site Scripting Missing Authorization	CVE-2026-46518	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

872	7.0	HIGH Local	microsoft	windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-45640	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

873	6.5	MEDIUM Adjacent	espressif	esp-idf	ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser (parse_o…	CWE-125 Out-of-bounds Read	CVE-2026-45160	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

874	10.0	CRITICAL Network	-	-	MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_…	CWE-78 OS Command	CVE-2026-49261	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

875	7.3	HIGH Network	-	-	KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.ru…	CWE-693 Protection Mechanism Failure	CVE-2026-48546	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

876	6.5	MEDIUM Adjacent	-	-	aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the pa…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-47157	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

877	5.3	MEDIUM Network	-	-	Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.9, Fediverse Embeds registered the unauthenticated AJAX action wp_ajax_nopriv_ftf_get_site_info (includes/Site_Info.ph…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46698	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

878	7.5	HIGH Network	-	-	Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy (includes/Media_Proxy.php) with permissio…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46697	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

879	-		-	-	A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-3329	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

880	4.9	MEDIUM Network	-	-	A flaw was found in the admin-ui-ext component of Keycloak, which provides extended administrative user interface capabilities. The issue occurs because certain bulk role-removal endpoints fail to pe…	CWE-425 Direct Request ('Forced Browsing')	CVE-2026-11986	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm