Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
133781 7.5 重要
Network 		projectsend.org ProjectSend ProjectSend における認証に関する脆弱性 CWE-287
CWE-404
CVE-2020-28874 2021-10-8 18:02 2020-11-18 Show GitHub Exploit DB Packet Storm
133782 7.8 重要
Local 		Debian
OpenJPEG project		 OpenJPEG
Debian GNU/Linux 		openjpeg2 におけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2020-27814 2021-10-8 18:02 2020-11-26 Show GitHub Exploit DB Packet Storm
133783 6.1 警告
Network 		WING FTP software Wing FTP Server Wing FTP におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2020-27735 2021-10-8 18:02 2020-11-17 Show GitHub Exploit DB Packet Storm
133784 9.8 緊急
Network 		IBM IBM InfoSphere Information Server IBM InfoSphere Information Server における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2020-27583 2021-10-8 18:02 2020-07-31 Show GitHub Exploit DB Packet Storm
133785 6.8 警告
Physics 		Rostelecom CS-C2SHW ファームウェア Rostelecom CS-C2SHW における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2020-27542 2021-10-8 18:02 2020-10-16 Show GitHub Exploit DB Packet Storm
133786 7.5 重要
Network 		Rostelecom CS-C2SHW ファームウェア Rostelecom CS-C2SHW における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2020-27541 2021-10-8 18:02 2020-10-16 Show GitHub Exploit DB Packet Storm
133787 9.8 緊急
Network 		Rostelecom CS-C2SHW ファームウェア Rostelecom CS-C2SHW におけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2020-27540 2021-10-8 18:02 2020-10-16 Show GitHub Exploit DB Packet Storm
133788 9.8 緊急
Network 		Rostelecom CS-C2SHW ファームウェア Rostelecom CS-C2SHW における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2020-27539 2021-10-8 18:02 2020-10-16 Show GitHub Exploit DB Packet Storm
133789 4.9 警告
Network 		レッドハット
Linux		 Linux Kernel
Red Hat Enterprise Linux 		Linux Kernel NFS における特権の削除/エラーの低下に関する脆弱性 CWE-271
特権の削除/エラーの低下 		CVE-2020-35513 2021-10-8 18:02 2020-12-28 Show GitHub Exploit DB Packet Storm
133790 9.8 緊急
Network 		koa2-blog project koa2-blog koa2-blog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2020-21180 2021-10-8 16:44 2020-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
121 - - - Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input wi… New CWE-94
CWE-150
Code Injection
 Improper Neutralization of Escape, Meta, or Control Sequences 		CVE-2026-54057 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
122 7.6 HIGH
Network 		- - Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, `kitten dnd` can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the lo… New CWE-59
Link Following 		CVE-2026-54056 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
123 3.7 LOW
Network 		- - ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, when `prettyUrls: true` is enabled on `@apostrophecms/file` (a documented SEO feature for se… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-53607 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
124 5.4 MEDIUM
Network 		- - ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use `allowedSchemesAp… New CWE-79
Cross-site Scripting 		CVE-2026-53606 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
125 7.5 HIGH
Network 		- - IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontrolled recursion in the parser. New - CVE-2026-4870 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
126 5.3 MEDIUM
Network 		- - Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializer#ta… New CWE-200
Information Exposure 		CVE-2026-47264 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
127 4.3 MEDIUM
Network 		- - Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish c… New CWE-200
Information Exposure 		CVE-2026-47263 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
128 6.8 MEDIUM
Network 		- - Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a path traversal vulnera… New CWE-22
Path Traversal 		CVE-2026-45775 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
129 5.3 MEDIUM
Network 		- - Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/discl… New CWE-200
CWE-862
Information Exposure
 Missing Authorization 		CVE-2026-45085 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
130 - - - ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 are vulnerable to stored cross-site scripting via unsanitized user display name in draft version… New CWE-79
Cross-site Scripting 		CVE-2026-45014 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm