Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
133611 5.3 警告
Network 		JetBrains Hub JetBrains Hub における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2021-25760 2021-10-13 17:48 2021-02-3 Show GitHub Exploit DB Packet Storm
133612 8.8 重要
Network 		JetBrains YouTrack JetBrains YouTrack におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2021-25765 2021-10-13 17:31 2021-02-3 Show GitHub Exploit DB Packet Storm
133613 5.3 警告
Network 		OnlineVotingSystem project OnlineVotingSystem OnlineVotingSystem における Salt を使用しない一方向ハッシュの使用に関する脆弱性 CWE-759
Salt を使用しない一方向ハッシュの使用 		CVE-2021-21253 2021-10-13 17:28 2021-01-16 Show GitHub Exploit DB Packet Storm
133614 7.7 重要
Network 		ORAS ORAS ORAS におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-21272 2021-10-13 17:14 2021-01-23 Show GitHub Exploit DB Packet Storm
133615 5.4 警告
Network 		PRYANIKY PRYANIKY Pryaniki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-3395 2021-10-13 17:10 2021-02-3 Show GitHub Exploit DB Packet Storm
133616 7.5 重要
Network 		MIT Kerberos krb5-appl MIT krb5-appl における脆弱性 CWE-noinfo
情報不足 		CVE-2019-25018 2021-10-13 17:10 2019-04-1 Show GitHub Exploit DB Packet Storm
133617 4.3 警告
Network 		IBM IBM Content Navigator IBM Content Navigator におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2020-4934 2021-10-13 17:10 2021-02-1 Show GitHub Exploit DB Packet Storm
133618 9.8 緊急
Network 		D-Link Systems, Inc. DSR-250 ファームウェア
DSR-1000N ファームウェア 		D-Link DSR-250 および DSR-1000N における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2020-18568 2021-10-13 17:10 2020-07-3 Show GitHub Exploit DB Packet Storm
133619 9.8 緊急
Network 		D-Link Systems, Inc. D-Link DNS-320 ファームウェア D-Link DNS-320 FW における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2020-25506 2021-10-13 17:10 2020-07-16 Show GitHub Exploit DB Packet Storm
133620 8.8 重要
Network 		UCOPIA UCOPIA Wireless Appliance UCOPIA Wireless Appliance における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2020-25036 2021-10-13 17:10 2020-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201 3.1 LOW
Network 		- - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authen… New CWE-863
 Incorrect Authorization 		CVE-2026-3553 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
202 - - - A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potent… New CWE-862
 Missing Authorization 		CVE-2026-4764 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
203 5.4 MEDIUM
Network 		- - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authe… New CWE-863
 Incorrect Authorization 		CVE-2026-6269 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
204 4.3 MEDIUM
Network 		- - Easy Twitter Feeds before 1.2.13 contains a cross-site request forgery vulnerability in the duplicate_post action handler that lacks nonce verification. Attackers can trick an authenticated user into… New CWE-352
 Origin Validation Error 		CVE-2026-53736 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
205 6.1 MEDIUM
Network 		- - Juicer through 1.12.18 fails to escape remote feed API response fields before rendering them on the admin settings page. Attackers controlling the connected feed data can inject script that executes … New CWE-79
Cross-site Scripting 		CVE-2026-53737 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
206 8.1 HIGH
Network 		- - Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp_action_handling AJAX handler. Attackers with an enabled role can delete posts or overwrite p… New CWE-863
 Incorrect Authorization 		CVE-2026-53738 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
207 4.3 MEDIUM
Network 		- - Yoast Duplicate Post through 4.6 contains a cross-site request forgery vulnerability in the duplicate_post_dismiss_notice handler, which verifies no nonce or capability. Attackers can trick any authe… New CWE-352
 Origin Validation Error 		CVE-2026-53739 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
208 5.4 MEDIUM
Network 		- - Yoast Duplicate Post through 4.6 inserts an unescaped post title and permalink into the Classic Editor scheduled republish notice. Attackers can schedule a republish copy with a crafted title to exec… New CWE-79
Cross-site Scripting 		CVE-2026-53740 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
209 5.4 MEDIUM
Network 		- - Simple Link Directory through 9.0.4 interpolates the sld_no_results_found option into a JavaScript string literal without encoding. Because sanitize_text_field leaves quotes intact, a stored payload … New CWE-79
Cross-site Scripting 		CVE-2026-53741 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
210 5.4 MEDIUM
Network 		- - Simple Link Directory through 9.0.4 echoes embed shortcode attributes into HTML data attributes without escaping in the embedder template. Attackers with contributor access can craft a shortcode attr… New CWE-79
Cross-site Scripting 		CVE-2026-53742 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm