Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
134521	9.8	緊急 Network	FiberHome Technologies Group	HG6245D ファームウェア	FiberHome HG6245D デバイスにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2021-27151	2021-10-22 14:31	2021-01-12	Show	GitHub Exploit DB Packet Storm

134522	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps Microsoft Excel	複数の Microsoft 製品におけるリモートでコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2021-40474	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134523	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps	Microsoft 365 Apps および Office におけるリモートでコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2021-40473	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134524	5.5	警告 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps Microsoft Excel	複数の Microsoft 製品における情報を公開される脆弱性	CWE-noinfo 情報不足	CVE-2021-40472	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134525	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps	Microsoft 365 Apps および Office におけるリモートでコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2021-40471	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134526	7.8	重要 Local	マイクロソフト	Microsoft Windows Server Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2016<…	複数の Microsoft Windows 製品における権限を昇格される脆弱性	CWE-269 不適切な権限管理	CVE-2021-40470	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134527	7.2	重要 Network	マイクロソフト	Microsoft Windows Server 2012 Microsoft Windows Server Microsoft Windows Server 2022 Microsoft Windows Server 2008 Microsoft Wi…	Microsoft Windows Server におけるリモートでコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2021-40469	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134528	5.5	警告 Local	マイクロソフト	Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows Server	複数の Microsoft Windows 製品における情報を公開される脆弱性	CWE-noinfo 情報不足	CVE-2021-40468	2021-10-22 14:28	2021-10-12	Show	GitHub Exploit DB Packet Storm

134529	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows Server Microsoft Windows 7 Microsoft Windows Server&nb…	複数の Microsoft Windows 製品における権限を昇格される脆弱性	CWE-269 不適切な権限管理	CVE-2021-40467	2021-10-22 14:27	2021-10-12	Show	GitHub Exploit DB Packet Storm

134530	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows Server Microsoft Windows 7 Microsoft Windows Server&nb…	複数の Microsoft Windows 製品における権限を昇格される脆弱性	CWE-269 不適切な権限管理	CVE-2021-40466	2021-10-22 14:27	2021-10-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	7.1	HIGH Network	-	-	Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant <= 3.35 versions.	CWE-79 Cross-site Scripting	CVE-2026-54198	2026-06-16 23:52	2026-06-16	Show	GitHub Exploit DB Packet Storm

272	9.9	CRITICAL Network	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-40750	2026-06-16 23:52	2026-06-16	Show	GitHub Exploit DB Packet Storm

273	9.6	CRITICAL Adjacent	kubev2v	assisted_migration_agent	A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed g…	CWE-59 CWE-22 Link Following Path Traversal	CVE-2026-53476	2026-06-16 23:52	2026-06-11	Show	GitHub Exploit DB Packet Storm

274	7.4	HIGH Network	kubev2v	assisted_migration_agent	A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Mid…	CWE-295 Improper Certificate Validation	CVE-2026-53475	2026-06-16 23:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

275	6.5	MEDIUM Network	kebev2v	migration_assessment	A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malici…	CWE-89 SQL Injection	CVE-2026-53474	2026-06-16 23:37	2026-06-11	Show	GitHub Exploit DB Packet Storm

276	5.4	MEDIUM Network	kubev2v	migration_planner_ui	A flaw was found in migration-planner-ui-app. An attacker can register a malicious discovery agent with a specially crafted credentialUrl containing JavaScript code. When an organizational user click…	CWE-79 Cross-site Scripting	CVE-2026-53473	2026-06-16 23:29	2026-06-11	Show	GitHub Exploit DB Packet Storm

277	8.1	HIGH Network	tp-link	tapo_c110_firmware	An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format stri…	CWE-134 Use of Externally-Controlled Format String	CVE-2026-6250	2026-06-16 23:19	2026-06-12	Show	GitHub Exploit DB Packet Storm

278	6.1	MEDIUM Network	diagrams	drawio	draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. …	CWE-79 Cross-site Scripting	CVE-2026-46642	2026-06-16 22:54	2026-06-11	Show	GitHub Exploit DB Packet Storm

279	8.5	HIGH Network	litespeedtech	litespeed_cpanel_plugin litespeed_whm_plugin	LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running Clo…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-54420	2026-06-16 21:55	2026-06-14	Show	GitHub Exploit DB Packet Storm

280	6.5	MEDIUM Network	cisco	catalyst_sd-wan_manager	A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an a…	CWE-22 Path Traversal	CVE-2026-20262	2026-06-16 21:54	2026-06-16	Show	GitHub Exploit DB Packet Storm