Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
134041	8.7	重要 Network	Synology Inc.	VS960HD ファームウェア DiskStation Manager Unified Controller SkyNAS ファームウェア DiskStation Manager	Synology DiskStation Manager における重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2021-26564	2021-11-16 15:39	2021-02-26	Show	GitHub Exploit DB Packet Storm

134042	3.3	低 Local	サムスン	Samsung Members	SMP sdk における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2021-25342	2021-11-16 15:38	2021-03-4	Show	GitHub Exploit DB Packet Storm

134043	3.3	低 Local	サムスン	Samsung Members	Samsung Members における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2021-25343	2021-11-16 15:09	2021-03-4	Show	GitHub Exploit DB Packet Storm

134044	9.8	緊急 Network	internment	internment	RUST 用 internment crate における脆弱性	CWE-noinfo 情報不足	CVE-2021-28037	2021-11-16 15:01	2021-03-3	Show	GitHub Exploit DB Packet Storm

134045	7.5	重要 Network	quinn project	quinn	RUST 用 quinn crate におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2021-28036	2021-11-16 15:01	2021-03-4	Show	GitHub Exploit DB Packet Storm

134046	9.8	緊急 Network	stack_dst project	stack_dst	RUST 用 stack_dst crate における脆弱性	CWE-noinfo 情報不足	CVE-2021-28035	2021-11-16 15:01	2021-02-22	Show	GitHub Exploit DB Packet Storm

134047	9.8	緊急 Network	stack_dst project	stack_dst	RUST 用 stack_dst crate における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2021-28034	2021-11-16 15:01	2021-02-22	Show	GitHub Exploit DB Packet Storm

134048	9.8	緊急 Network	byte_struct project	byte_struct	RUST 用 byte_struct crate におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2021-28033	2021-11-16 15:01	2021-03-1	Show	GitHub Exploit DB Packet Storm

134049	9.8	緊急 Network	scratchpad project	scratchpad	RUST 用 scratchpad crate における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2021-28031	2021-11-16 15:01	2021-02-18	Show	GitHub Exploit DB Packet Storm

134050	7.5	重要 Network	truetype project	truetype	RUST 用 truetype crate における初期化されていないリソースの使用に関する脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2021-28030	2021-11-16 15:01	2021-02-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1041	5.3	MEDIUM Network	-	-	Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions. New	CWE-862 Missing Authorization	CVE-2025-64636	2026-06-27 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

1042	4.3	MEDIUM Network	-	-	Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions. New	CWE-862 Missing Authorization	CVE-2025-63079	2026-06-27 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

1043	5.4	MEDIUM Network	-	-	The Mattermost Go module github.com/mattermost/mattermost/server/public versions < v0.1.22 fail to validate path parameters when constructing API route paths which allows an attacker to redirect API … New	CWE-22 Path Traversal	CVE-2026-13426	2026-06-27 01:12	2026-06-26	Show	GitHub Exploit DB Packet Storm

1044	5.9	MEDIUM Network	-	-	A flaw in Node.js proxy tunnel error handling could expose proxy credentials in `ERR_PROXY_TUNNEL` error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through… New	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2026-48615	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

1045	5.3	MEDIUM Network	-	-	A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported rel… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-48619	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

1046	4.2	MEDIUM Network	-	-	A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, a… New	CWE-284 Improper Access Control	CVE-2026-48928	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

1047	5.6	MEDIUM Network	-	-	A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resolver bindings. This vulnerability affects all supp… New	CWE-284 Improper Access Control	CVE-2026-48930	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

1048	3.3	LOW Local	-	-	A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. `--allow-fs-read`. This vulnerability affects all supported release lin… New	CWE-276 Incorrect Default Permissions	CVE-2026-48935	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

1049	3.3	LOW Local	-	-	A flaw in Node.js Permission API can cause a local server to be started (via a Unix domain socket), even without the `--allow-net` permission. This vulnerability affects one supported release line… New	CWE-284 Improper Access Control	CVE-2026-48936	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

1050	4.3	MEDIUM Network	-	-	A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and trackers through the `tracker-campaigns.php` script in … New	CWE-284 Improper Access Control	CVE-2026-50739	2026-06-27 01:11	2026-06-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed