Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133301	6.5	警告 Network	IBM	IBM WebSphere Application Server	IBM WebSphere Application Server におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2020-5016	2021-11-22 12:19	2021-03-9	Show	GitHub Exploit DB Packet Storm

133302	6.5	警告 Adjacent	vagrant project	gradle-vagrant-plugin	gradle-vagrant-plugin におけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2021-21361	2021-11-22 11:59	2021-02-16	Show	GitHub Exploit DB Packet Storm

133303	8.8	重要 Network	SAP	SAP Manufacturing Integration and Intelligence	SAP MII におけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2021-21480	2021-11-22 11:27	2021-03-9	Show	GitHub Exploit DB Packet Storm

133304	8.8	重要 Adjacent	SAP	SAP NetWeaver	SAP NetWeaver における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2021-21481	2021-11-22 11:06	2021-03-9	Show	GitHub Exploit DB Packet Storm

133305	9.8	緊急 Network	SAP	SAP HANA	SAP HANA Database における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2021-21484	2021-11-22 10:49	2021-03-9	Show	GitHub Exploit DB Packet Storm

133306	8.8	重要 Network	SAP	SAP Enterprise Financial Services	SAP Enterprise Financial Services における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2021-21486	2021-11-22 10:41	2021-03-9	Show	GitHub Exploit DB Packet Storm

133307	8.8	重要 Network	SAP	SAP Payment Engine	SAP Payment Engine における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2021-21487	2021-11-22 10:24	2021-03-9	Show	GitHub Exploit DB Packet Storm

133308	3.3	低 Local	Fabrice Bellard	QEMU	QEMU におけるパーミッションの不適切な保持に関する脆弱性	CWE-281 パーミッションの不適切な保持	CVE-2021-20263	2021-11-22 10:12	2021-03-4	Show	GitHub Exploit DB Packet Storm

133309	7.5	重要 Network	Facebook	HipHop Virtual Machine (HHVM)	HHVM における再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2020-1898	2021-11-19 18:03	2020-06-30	Show	GitHub Exploit DB Packet Storm

133310	9.8	緊急 Network	Clipper project	Clipper	Clipper における脆弱性	CWE-noinfo 情報不足	CVE-2021-28134	2021-11-19 18:03	2021-03-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1571	7.8	HIGH Local	-	-	Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when a local user opens a workspace with a maliciously…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-12958	2026-06-24 04:36	2026-06-24	Show	GitHub Exploit DB Packet Storm

1572	6.5	MEDIUM Network	-	-	SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component	CWE-89 SQL Injection	CVE-2026-52673	2026-06-24 04:35	2026-06-24	Show	GitHub Exploit DB Packet Storm

1573	-		-	-	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2025-62180	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1574	5.2	MEDIUM Local	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49860	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1575	5.2	MEDIUM Local	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist w…	CWE-863 Incorrect Authorization	CVE-2026-49983	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1576	4.3	MEDIUM Network	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket …	CWE-248 Uncaught Exception	CVE-2026-55517	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1577	7.6	HIGH Adjacent	-	-	Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant…	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2026-54317	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1578	-		-	-	Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including att…	CWE-183 CWE-200 CWE-515 Permissive List of Allowed Inputs Information Exposure	CVE-2026-54316	2026-06-24 04:32	2026-06-24	Show	GitHub Exploit DB Packet Storm

1579	7.5	HIGH Network	-	-	An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61024	2026-06-24 04:26	2026-06-24	Show	GitHub Exploit DB Packet Storm

1580	7.5	HIGH Network	-	-	An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61029	2026-06-24 04:26	2026-06-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed