Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
134071 6.8 警告
Adjacent 		MongoDB Inc. Libmongocrypt Node.js mongodb-client-encryption における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2021-20327 2021-11-8 15:30 2021-02-25 Show GitHub Exploit DB Packet Storm
134072 1.2 注意 レッドハット
Info-ZIP
サイバートラスト株式会社
オラクル		 OpenSolaris
Red Hat Enterprise Linux
Asianux Server
Red Hat Enterprise Linux Desktop
UnZip
Oracle Solaris 		UnZip のファイル解凍時におけるパーミッションの処理に競合状態の脆弱性 - CVE-2005-2475 2021-11-8 15:23 2005-08-25 Show GitHub Exploit DB Packet Storm
134073 6.8 警告
Adjacent 		Quarkus
MongoDB Inc.		 Java driver
Quarkus 		Java driver における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2021-20328 2021-11-8 15:23 2021-02-18 Show GitHub Exploit DB Packet Storm
134074 8.1 重要
Network 		TeamViewer GmbH TeamViewer TeamViewer における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2018-14333 2021-11-8 15:21 2018-07-17 Show GitHub Exploit DB Packet Storm
134075 9.8 緊急
Network 		TeamViewer GmbH TeamViewer TeamViewer における証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2018-16550 2021-11-8 15:20 2018-09-4 Show GitHub Exploit DB Packet Storm
134076 7 重要
Local 		TeamViewer GmbH TeamViewer TeamViewer Desktop における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2019-18988 2021-11-8 15:18 2019-11-15 Show GitHub Exploit DB Packet Storm
134077 8.8 重要
Network 		TeamViewer GmbH TeamViewer Windows 用の TeamViewer デスクトップにおける引用されない検索パスまたは要素に関する脆弱性 CWE-428
引用されない検索パスまたは要素 		CVE-2020-13699 2021-11-8 15:15 2020-07-28 Show GitHub Exploit DB Packet Storm
134078 4.6 警告
Adjacent 		オラクル Oracle Cloud Infrastructure Data Science Oracle Cloud Infrastructure Data Science Notebook Sessions における脆弱性 CWE-noinfo
情報不足 		CVE-2021-2138 2021-11-8 15:02 2021-03-3 Show GitHub Exploit DB Packet Storm
134079 9.8 緊急
Network 		アドバンテック株式会社 BB-ESWGP506-2SFP-T ファームウェア BB-ESWGP506-2SFP-T におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2021-22667 2021-11-8 14:10 2021-02-23 Show GitHub Exploit DB Packet Storm
134080 5.3 警告
Network 		Directus Directus Directus における重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2021-26595 2021-11-8 13:52 2021-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1021 8.8 HIGH
Network 		quest netvault_backup Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault… New CWE-89
SQL Injection 		CVE-2026-9781 2026-06-26 11:04 2026-06-25 Show GitHub Exploit DB Packet Storm
1022 8.8 HIGH
Network 		quest netvault_backup Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVa… New CWE-79
Cross-site Scripting 		CVE-2026-9780 2026-06-26 11:04 2026-06-25 Show GitHub Exploit DB Packet Storm
1023 8.8 HIGH
Network 		quest netvault_backup Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault… New CWE-89
SQL Injection 		CVE-2026-7570 2026-06-26 11:03 2026-06-25 Show GitHub Exploit DB Packet Storm
1024 4.3 MEDIUM
Network 		jenkins contrast_continuous_application_security Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metada… New CWE-862
 Missing Authorization 		CVE-2026-57299 2026-06-26 11:03 2026-06-24 Show GitHub Exploit DB Packet Storm
1025 4.3 MEDIUM
Network 		jenkins contrast_continuous_application_security A missing permission check in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an a… New CWE-862
 Missing Authorization 		CVE-2026-57297 2026-06-26 11:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1026 5.4 MEDIUM
Network 		n8n n8n n8n before 1.123.25 (1.x) and before 2.11.2 (2.x), with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in the Form Trigger node's CSS sanitization that allows a… New CWE-79
Cross-site Scripting 		CVE-2026-56358 2026-06-26 11:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1027 9.6 CRITICAL
Network 		n8n n8n n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to inject arbitrary SQL through unescaped identifier valu… New CWE-89
SQL Injection 		CVE-2026-56351 2026-06-26 11:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1028 4.1 MEDIUM
Local 		flowiseai flowise Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately … New CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2026-56272 2026-06-26 11:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1029 7.5 HIGH
Network 		flowiseai flowise Flowise before 3.1.0 (versions 3.0.13 and earlier) contains a missing authentication vulnerability in the /api/v1/loginmethod endpoint that allows unauthenticated users to retrieve an organization's … New CWE-306
Missing Authentication for Critical Function 		CVE-2026-56270 2026-06-26 11:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1030 4.6 MEDIUM
Local 		flowiseai flowise Flowise before 3.1.0 (npm package flowise, versions 3.0.13 and earlier) uses a weak hardcoded default value 'Secre$t' for the TOKEN_HASH_SECRET environment variable in packages/server/src/enterprise/… New CWE-798
 Use of Hard-coded Credentials 		CVE-2026-56269 2026-06-26 11:01 2026-06-24 Show GitHub Exploit DB Packet Storm