Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133571	6.5	警告 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21133: Insufficient policy enforcement in Downloads	CWE-287 不適切な認証	CVE-2021-21133	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133572	8.8	重要 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21128: Heap buffer overflow in Blink	CWE-787 境界外書き込み	CVE-2021-21128	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133573	8.8	重要 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21127: Insufficient policy enforcement in extensions	CWE-287 不適切な認証	CVE-2021-21127	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133574	6.5	警告 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21126: Insufficient policy enforcement in extensions	CWE-287 不適切な認証	CVE-2021-21126	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133575	8.1	重要 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21125: Insufficient policy enforcement in File System API	CWE-287 不適切な認証	CVE-2021-21125	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133576	9.6	緊急 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21124: Potential user after free in Speech Recognizer	CWE-416 解放済みメモリの使用	CVE-2021-21124	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133577	9.6	緊急 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21121: Use after free in Omnibox	CWE-416 解放済みメモリの使用	CVE-2021-21121	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133578	8.8	重要 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21120: Use after free in WebSQL	CWE-416 解放済みメモリの使用	CVE-2021-21120	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133579	8.8	重要 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium CVE-2021-21119: Use after free in Media	CWE-416 解放済みメモリの使用	CVE-2021-21119	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

133580	8.8	重要 Network	Google Outlook.com	Microsoft Edge Chromium Google Chrome	Chromium: CVE-2021-21118 Insufficient data validation in V8	CWE-119 バッファエラー	CVE-2021-21118	2021-10-20 17:38	2021-01-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
761	5.7	MEDIUM Network	splunk	splunk splunk_cloud_platform	In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that… Update	CWE-20 Improper Input Validation	CVE-2026-20255	2026-06-16 00:04	2026-06-11	Show	GitHub Exploit DB Packet Storm

762	5.3	MEDIUM Network	guzzlephp	psr-7	guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 contain improper Host header validation when parsing raw HTTP request messages and when deriving a serv… Update	CWE-20 CWE-918 Improper Input Validation Server-Side Request Forgery (SSRF)	CVE-2026-48998	2026-06-15 23:52	2026-06-11	Show	GitHub Exploit DB Packet Storm

763	5.3	MEDIUM Network	guzzlephp	psr-7	guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 did not reject ASCII control characters, whitespace, or DEL in first-party URI host components. A vulne… Update	CWE-20 CWE-93 CWE-113 Improper Input Validation CRLF Injection HTTP Response Splitting	CVE-2026-49214	2026-06-15 23:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

764	5.7	MEDIUM Network	splunk	splunk splunk_cloud_platform	In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that… Update	CWE-20 Improper Input Validation	CVE-2026-20256	2026-06-15 23:33	2026-06-11	Show	GitHub Exploit DB Packet Storm

765	5.5	MEDIUM Local	apple	macos	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system ter… Update	CWE-284 Improper Access Control	CVE-2025-24165	2026-06-15 23:26	2026-06-12	Show	GitHub Exploit DB Packet Storm

766	5.5	MEDIUM Local	apple	macos	This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data. Update	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2025-43278	2026-06-15 23:25	2026-06-12	Show	GitHub Exploit DB Packet Storm

767	5.5	MEDIUM Local	apple	macos	A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data. Update	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2025-46313	2026-06-15 23:24	2026-06-12	Show	GitHub Exploit DB Packet Storm

768	5.4	MEDIUM Network	microsoft	exchange_server	Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. Update	CWE-79 Cross-site Scripting	CVE-2026-47631	2026-06-15 23:19	2026-06-10	Show	GitHub Exploit DB Packet Storm

769	5.3	MEDIUM Network	-	-	The WP Go Maps WordPress plugin before 10.0.10 does not properly enforce the marker approval filter on the admin-ajax fallback for its datatables route, allowing unauthenticated visitors to retrieve… New	CWE-200 Information Exposure	CVE-2026-8385	2026-06-15 23:16	2026-06-15	Show	GitHub Exploit DB Packet Storm

770	8.8	HIGH Network	-	-	Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26… New	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2026-5242	2026-06-15 23:16	2026-06-15	Show	GitHub Exploit DB Packet Storm