Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133481	6.5	警告 Network	HCL Software	OneTest Performance	HCL OneTest Performance におけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2020-14247	2021-10-15 15:53	2020-06-17	Show	GitHub Exploit DB Packet Storm

133482	7.5	重要 Network	HCL Software	OneTest Performance	HCL OneTest Performance における暗号アルゴリズムの使用に関する脆弱性	CWE-327 不完全、または危険な暗号アルゴリズムの使用	CVE-2020-14246	2021-10-15 15:53	2020-06-17	Show	GitHub Exploit DB Packet Storm

133483	9.8	緊急 Network	Google	Android	LG モバイルデバイスの Android OS における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2021-26689	2021-10-15 15:53	2021-02-4	Show	GitHub Exploit DB Packet Storm

133484	5.3	警告 Network	Easy Digital Downloads	Favorites	Nagios XI 用 Favorites コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2021-26024	2021-10-15 15:53	2021-02-3	Show	GitHub Exploit DB Packet Storm

133485	6.1	警告 Network	Easy Digital Downloads	Favorites	Nagios XI 用 Favorites コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-26023	2021-10-15 15:53	2021-02-3	Show	GitHub Exploit DB Packet Storm

133486	5.4	警告 Network	Nextcloud	Nextcloud Server	Nextcloud Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-8294	2021-10-15 15:53	2020-11-18	Show	GitHub Exploit DB Packet Storm

133487	9.8	緊急 Network	Apache Software Foundation	Apache Shiro	Apache Shiro における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2020-17523	2021-10-15 15:53	2020-08-12	Show	GitHub Exploit DB Packet Storm

133488	7.5	重要 Network	Apache Software Foundation	Cassandra	Apache Cassandra におけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2020-17516	2021-10-15 15:53	2020-08-12	Show	GitHub Exploit DB Packet Storm

133489	5.3	警告 Network	JetBrains	TeamCity	JetBrains TeamCity における重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2021-25778	2021-10-15 15:53	2021-02-3	Show	GitHub Exploit DB Packet Storm

133490	4.3	警告 Network	JetBrains	TeamCity	JetBrains TeamCity における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2021-25774	2021-10-15 15:53	2021-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
461	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-45638	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

462	8.7	HIGH Network	open-emr	openemr	OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/… New	CWE-79 CWE-862 Cross-site Scripting Missing Authorization	CVE-2026-46518	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

463	7.0	HIGH Local	microsoft	windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. Update	CWE-416 Use After Free	CVE-2026-45640	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

464	6.5	MEDIUM Adjacent	espressif	esp-idf	ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser (parse_o… New	CWE-125 Out-of-bounds Read	CVE-2026-45160	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

465	10.0	CRITICAL Network	-	-	MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_… New	CWE-78 OS Command	CVE-2026-49261	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

466	7.3	HIGH Network	-	-	KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.ru… New	CWE-693 Protection Mechanism Failure	CVE-2026-48546	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

467	6.5	MEDIUM Adjacent	-	-	aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the pa… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-47157	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

468	5.3	MEDIUM Network	-	-	Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.9, Fediverse Embeds registered the unauthenticated AJAX action wp_ajax_nopriv_ftf_get_site_info (includes/Site_Info.ph… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46698	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

469	7.5	HIGH Network	-	-	Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy (includes/Media_Proxy.php) with permissio… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46697	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

470	4.8	MEDIUM Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream… New	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-44490	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm