Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
134631 9.8 緊急
Network 		Teradici PCoIP Soft Client Teradici PCoIP soft client における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-25689 2021-11-4 15:05 2021-02-9 Show GitHub Exploit DB Packet Storm
134632 5.5 警告
Local 		Teradici PCoIP Graphics Agent Windows および Linux 用 Teradici PCoIP Agents におけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2021-25688 2021-11-4 15:05 2021-02-9 Show GitHub Exploit DB Packet Storm
134633 6.1 警告
Network 		Ruby on Rails project
Fedora Project		 Rails
Fedora 		Action Pack におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2021-22881 2021-11-4 15:05 2021-02-10 Show GitHub Exploit DB Packet Storm
134634 7.5 重要
Network 		Ruby on Rails project
Fedora Project		 Rails
Fedora 		Active Record におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2021-22880 2021-11-4 15:05 2021-02-10 Show GitHub Exploit DB Packet Storm
134635 9.8 緊急
Network 		アドバンテック株式会社 iView Advantech iView における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2021-22652 2021-11-4 15:05 2021-02-9 Show GitHub Exploit DB Packet Storm
134636 4.8 警告
Adjacent 		IBM IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2020-4956 2021-11-4 15:02 2021-02-12 Show GitHub Exploit DB Packet Storm
134637 8 重要
Adjacent 		IBM IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center における危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2020-4955 2021-11-4 15:01 2021-02-12 Show GitHub Exploit DB Packet Storm
134638 5.4 警告
Adjacent 		IBM IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center におけるセッションの固定化の脆弱性 CWE-384
セッションの固定化 		CVE-2020-4954 2021-11-4 15:01 2021-02-12 Show GitHub Exploit DB Packet Storm
134639 9.8 緊急
Network 		Accellion Accellion FTA Accellion におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2021-27103 2021-11-4 15:01 2021-02-16 Show GitHub Exploit DB Packet Storm
134640 7.2 重要
Network 		F5 Networks BIG-IP Domain Name System (DNS)
BIG-IP Global Traffic Manager (GTM) 		BIG-IP DNS および GTM における古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2021-22982 2021-11-4 15:01 2021-02-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
481 7.5 HIGH
Network 		protobufjs_project protobufjs protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.1 and 8.4.1, protobufjs could recurse without a depth limit while converting decoded messages to plain objects or… New CWE-674
 Uncontrolled Recursion 		CVE-2026-48712 2026-06-27 05:04 2026-06-23 Show GitHub Exploit DB Packet Storm
482 5.5 MEDIUM
Local 		isaacs tar node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides) to the next header entry of any type, including int… New CWE-436
 Interpretation Conflict 		CVE-2026-53655 2026-06-27 05:03 2026-06-23 Show GitHub Exploit DB Packet Storm
483 5.3 MEDIUM
Network 		nodeca js-yaml js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing (<<) by repeating the same alias many ti… New CWE-407
 Inefficient Algorithmic Complexity 		CVE-2026-53550 2026-06-27 05:03 2026-06-23 Show GitHub Exploit DB Packet Storm
484 8.2 HIGH
Network 		docling docling Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82.0, < 2.91.0, if the HTML backend was explicitly con… New CWE-94
CWE-918
Code Injection
Server-Side Request Forgery (SSRF)  		CVE-2026-44016 2026-06-27 05:02 2026-06-25 Show GitHub Exploit DB Packet Storm
485 7.5 HIGH
Network 		faraday_project faraday Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query par… New CWE-674
 Uncontrolled Recursion 		CVE-2026-54297 2026-06-27 05:01 2026-06-25 Show GitHub Exploit DB Packet Storm
486 9.1 CRITICAL
Network 		ibm storage_protect IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hard… New CWE-798
 Use of Hard-coded Credentials 		CVE-2026-12628 2026-06-27 05:01 2026-06-23 Show GitHub Exploit DB Packet Storm
487 5.5 MEDIUM
Local 		rubyconcurrency concurrent_ruby concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The… New CWE-128
 Wrap-around Error 		CVE-2026-54905 2026-06-27 05:01 2026-06-25 Show GitHub Exploit DB Packet Storm
488 9.8 CRITICAL
Network 		rubyconcurrency concurrent_ruby concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLock#release_write_lock does not verify that the calling thread acquired the write lock. Any thread with a… New CWE-414
CWE-667
 Missing Lock Check
 Improper Locking 		CVE-2026-54906 2026-06-27 05:00 2026-06-25 Show GitHub Exploit DB Packet Storm
489 4.8 MEDIUM
Network 		jenkins bitbucket_push_and_pull_request Jenkins Bitbucket Push and Pull Request Plugin 3.3.8 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections sending Bearer token authenticated requests to th… New CWE-295
Improper Certificate Validation  		CVE-2026-57289 2026-06-27 04:59 2026-06-24 Show GitHub Exploit DB Packet Storm
490 4.3 MEDIUM
Network 		jenkins github_branch_source A missing permission check in Jenkins GitHub Branch Source Plugin 1967.1969.v205fd594c821 and earlier allows attackers with Overall/Read permission to obtain the URLs of GitHub Enterprise servers con… New CWE-862
 Missing Authorization 		CVE-2026-57285 2026-06-27 04:59 2026-06-24 Show GitHub Exploit DB Packet Storm