Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
134741 5.5 警告
Local 		IBM Security Verify Information Queue IBM Security Verify Information Queue における重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2021-20408 2021-10-25 14:01 2021-02-4 Show GitHub Exploit DB Packet Storm
134742 7.5 重要
Network 		IBM Security Verify Information Queue IBM Security Verify Information Queue における重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2021-20407 2021-10-25 14:01 2021-02-4 Show GitHub Exploit DB Packet Storm
134743 4.9 警告
Network 		IBM Security Verify Information Queue IBM Security Verify Information Queue における暗号アルゴリズムの使用に関する脆弱性 CWE-327
不完全、または危険な暗号アルゴリズムの使用 		CVE-2021-20406 2021-10-25 14:01 2021-02-4 Show GitHub Exploit DB Packet Storm
134744 7.5 重要
Network 		OPC Foundation
Unified Automation GmbH		 .NET ベースの OPC UA クライアント / サーバの SDK バンドル
UA .NET Legacy
UA .NET Standard 		OPC 製品における複数の脆弱性 CWE-200
CWE-674
CVE-2021-27432
CVE-2021-27434 		2021-10-25 13:50 2021-05-14 Show GitHub Exploit DB Packet Storm
134745 8.1 重要
Network 		ezxml project ezXML ezXML における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-26221 2021-10-22 17:54 2021-01-24 Show GitHub Exploit DB Packet Storm
134746 8.1 重要
Network 		ezxml project ezXML ezxml における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-26220 2021-10-22 17:54 2021-01-24 Show GitHub Exploit DB Packet Storm
134747 6.5 警告
Network 		Fedora Project
Symonics GmbH		 libmysofa
Fedora 		libmysofa における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2020-36151 2021-10-22 17:54 2020-08-26 Show GitHub Exploit DB Packet Storm
134748 6.5 警告
Network 		Fedora Project
Symonics GmbH		 libmysofa
Fedora 		libmysofa における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2020-36150 2021-10-22 17:54 2020-08-26 Show GitHub Exploit DB Packet Storm
134749 6.5 警告
Network 		Fedora Project
Symonics GmbH		 libmysofa
Fedora 		libmysofa における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2020-36149 2021-10-22 17:54 2020-08-27 Show GitHub Exploit DB Packet Storm
134750 6.5 警告
Network 		Fedora Project
Symonics GmbH		 libmysofa
Fedora 		libmysofa における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2020-36148 2021-10-22 17:54 2020-08-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351 - - - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.6, from 2.0.0 before 2.0.7. User… New CWE-22
Path Traversal 		CVE-2025-64152 2026-06-26 23:51 2026-06-26 Show GitHub Exploit DB Packet Storm
352 7.8 HIGH
Local 		mmaitre314 picklescan picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary… New CWE-502
 Deserialization of Untrusted Data 		CVE-2025-71348 2026-06-26 23:46 2026-06-21 Show GitHub Exploit DB Packet Storm
353 7.5 HIGH
Network 		- - Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allo… New CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-9220 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
354 6.5 MEDIUM
Network 		- - Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assig… New CWE-340
 Generation of Predictable Numbers or Identifiers 		CVE-2026-9219 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
355 - - - X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted. New CWE-295
Improper Certificate Validation  		CVE-2026-6731 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
356 - - - The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier… New CWE-120
CWE-787
Classic Buffer Overflow
 Out-of-bounds Write 		CVE-2026-6681 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
357 - - - A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length o… New CWE-190
CWE-197
CWE-787
 Integer Overflow or Wraparound
 Numeric Truncation Error
 Out-of-bounds Write 		CVE-2026-6679 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
358 - - - Integer underflow in wc_PKCS7_DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption. New CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-6678 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
359 - - - A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This onl… New CWE-295
Improper Certificate Validation  		CVE-2026-6450 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm
360 - - - Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing. New CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2026-6412 2026-06-26 23:17 2026-06-26 Show GitHub Exploit DB Packet Storm