Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
134341	7.5	重要 Network	postscript project	postscript	Rust 用 postscript crate における初期化されていないリソースの使用に関する脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2021-26953	2021-11-1 14:23	2021-01-30	Show	GitHub Exploit DB Packet Storm

134342	9.8	緊急 Network	calamine	calamine	Rust 用 calamine crate における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-26951	2021-11-1 14:23	2021-01-6	Show	GitHub Exploit DB Packet Storm

134343	9.6	緊急 Network	Acquia Inc.	Mautic	Mautic におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2020-35125	2021-11-1 14:23	2020-12-11	Show	GitHub Exploit DB Packet Storm

134344	9.1	緊急 Network	SAP	SCIMono	SCIMono におけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2021-21479	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

134345	6.1	警告 Network	SAP	Web Dynpro ABAP	SAP Web Dynpro ABAP におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2021-21478	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

134346	9.9	緊急 Network	SAP	SAP Commerce	SAP Commerce Cloud におけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2021-21477	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

134347	6.1	警告 Network	SAP	SAPUI5	SAP UI5 におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2021-21476	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

134348	7.5	重要 Network	SAP	NetWeaver Master Data Management Server	SAP Master Data Management におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2021-21475	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

134349	6.5	警告 Network	SAP	SAP HANA Database	SAP HANA Database におけるデジタル署名の検証に関する脆弱性	CWE-347 デジタル署名の不適切な検証	CVE-2021-21474	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

134350	8.8	重要 Network	SAP	Software Provisioning Manager	SAP Software Provisioning Manager における脆弱性	CWE-Other その他	CVE-2021-21472	2021-11-1 14:22	2021-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
651	7.5	HIGH Network	-	-	A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input. New	CWE-121 Stack-based Buffer Overflow	CVE-2025-60474	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

652	5.0	MEDIUM Local	-	-	A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted… New	CWE-416 Use After Free	CVE-2025-60466	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

653	5.5	MEDIUM Local	-	-	A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplyin… New	CWE-476 NULL Pointer Dereference	CVE-2025-60473	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

654	7.8	HIGH Local	-	-	Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privi… New	CWE-78 OS Command	CVE-2026-46735	2026-06-26 04:14	2026-06-26	Show	GitHub Exploit DB Packet Storm

655	7.5	HIGH Network	-	-	Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration,… New	CWE-306 CWE-524 Missing Authentication for Critical Function Use of Cache Containing Sensitive Information	CVE-2026-13007	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

656	9.6	CRITICAL Network	-	-	A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker mess… New	CWE-862 Missing Authorization	CVE-2026-11807	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

657	7.8	HIGH Local	-	-	A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of … New	CWE-287 Improper Authentication	CVE-2026-12112	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

658	4.3	MEDIUM Network	-	-	A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds r… New	CWE-125 Out-of-bounds Read	CVE-2026-12891	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

659	4.4	MEDIUM Local	-	-	A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds re… New	CWE-125 Out-of-bounds Read	CVE-2026-12892	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

660	8.8	HIGH Network	-	-	Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-41862	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm