Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
134861	5.4	警告 Network	Monica	Monica	Monica におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-27368	2021-10-29 14:34	2021-02-18	Show	GitHub Exploit DB Packet Storm

134862	5.4	警告 Network	Monica	Monica	Monica におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-27369	2021-10-29 14:12	2021-02-18	Show	GitHub Exploit DB Packet Storm

134863	5.4	警告 Network	Monica	Monica	Monica におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-27370	2021-10-29 14:06	2021-02-18	Show	GitHub Exploit DB Packet Storm

134864	5.4	警告 Network	Monica	Monica	Monica におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-27371	2021-10-29 14:02	2021-02-18	Show	GitHub Exploit DB Packet Storm

134865	5.4	警告 Network	Monica	Monica	Monica におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-27559	2021-10-29 13:52	2021-02-18	Show	GitHub Exploit DB Packet Storm

134866	7.5	重要 Network	Sovremennye Delovye Tekhnologii	Fx-agreggator terminal client	Sovremennye Delovye Tekhnologii FX Aggregator terminal client における認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2021-27187	2021-10-29 13:42	2021-02-12	Show	GitHub Exploit DB Packet Storm

134867	7.5	重要 Network	F5 Networks	BIG-IP Analytics BIG-IP Access Policy Manager (APM) BIG-IP Advanced Firewall Manager (AFM) BIG-IP Domain Name System (DNS)	複数の BIG-IP 製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-22973	2021-10-29 12:19	2021-02-11	Show	GitHub Exploit DB Packet Storm

134868	7.4	重要 Network	株式会社メルカリ	メルカリ	Android アプリ「メルカリ(メルペイ)-フリマアプリ&スマホ決済」における Intent の取り扱い不備に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2021-20835	2021-10-29 12:11	2021-10-29	Show	GitHub Exploit DB Packet Storm

134869	5.5	警告 Local	ESET	ESET Endpoint Security ESET Cyber Security ESET Cyber Security Pro ESET Endpoint Antivirus	ESET Cyber Security および ESET Endpoint シリーズにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2021-37850	2021-10-29 12:05	2021-10-29	Show	GitHub Exploit DB Packet Storm

134870	5.4	警告 Network	F5 Networks	BIG-IP Advanced Firewall Manager (AFM)	BIG-IP AFM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-22983	2021-10-29 12:04	2021-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	8.8	HIGH Network	-	-	Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions. Update	CWE-266 Incorrect Privilege Assignment	CVE-2026-56008	2026-06-30 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

272	7.5	HIGH Network	-	-	pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacqu… Update	CWE-78 CWE-494 CWE-829 OS Command Download of Code Without Integrity Check Inclusion of Functionality from Untrusted Control Sphere	CVE-2026-55697	2026-06-30 01:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

273	-		-	-	Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, han… Update	CWE-287 CWE-288 Improper Authentication Authentication Bypass Using an Alternate Path or Channel	CVE-2026-55666	2026-06-30 01:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

274	7.7	HIGH Network	-	-	RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage … New	CWE-862 CWE-863 Missing Authorization Incorrect Authorization	CVE-2026-55189	2026-06-30 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

275	6.3	MEDIUM Local	-	-	acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symb… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-54370	2026-06-30 01:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

276	5.3	MEDIUM Network	nodeca	js-yaml	js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing (<<) by repeating the same al… Update	CWE-407 Inefficient Algorithmic Complexity	CVE-2026-53550	2026-06-30 01:16	2026-06-23	Show	GitHub Exploit DB Packet Storm

277	9.9	CRITICAL Network	-	-	OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a SQL injection in timestamps functionality. OpenProject baseline comparison allows callers to … New	CWE-89 SQL Injection	CVE-2026-52785	2026-06-30 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

278	5.4	MEDIUM Network	-	-	OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, a cross-project IDOR / authorization context confusion in the Calendar and Team Planner modules allows a… New	CWE-639 CWE-863 Authorization Bypass Through User-Controlled Key Incorrect Authorization	CVE-2026-52779	2026-06-30 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

279	6.5	MEDIUM Network	-	-	OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user wit… New	CWE-863 Incorrect Authorization	CVE-2026-44735	2026-06-30 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

280	6.5	MEDIUM Network	-	-	Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions. Update	CWE-79 Cross-site Scripting	CVE-2025-68075	2026-06-30 01:16	2026-06-27	Show	GitHub Exploit DB Packet Storm