Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
171 8.5 重要
Network 		n8n n8n n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性 CWE-1321
オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染) 		CVE-2026-54312 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
172 7.7 重要
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-54313 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
173 7.5 重要
Network 		n8n n8n n8nにおける高圧縮データの処理 (データ増幅)に関する脆弱性 CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-54314 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
174 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-54530 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
175 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-54531 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
176 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-54651 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
177 5.3 警告
Network 		Apache Software Foundation Apache NiFi Apache Software FoundationのApache NiFiにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-54665 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
178 9.9 緊急
Network 		langflow langflow langflowにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-55255 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
179 6.1 警告
Physics 		langflow langflow langflowにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-55423 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
180 7.5 重要
Network 		langflow langflow langflowにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-55446 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
190641 6.5 MEDIUM
Network 		misskey misskey Misskey is an open source, decentralized microblogging platform. In affected versions a Server-Side Request Forgery vulnerability exists in "Upload from URL" and remote attachment handling. This coul… - CVE-2021-39195 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190642 8.8 HIGH
Network 		better_errors_project better_errors better_errors is an open source replacement for the standard Rails error page with more information rich error pages. It is also usable outside of Rails in any Rack app as Rack middleware. better_err… - CVE-2021-39197 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190643 8.8 HIGH
Network 		simple_water_refilling_station_management_system_project simple_water_refilling_station_management_system Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-38841 2024-11-21 15:18 2021-09-7 Show GitHub Exploit DB Packet Storm
190644 9.8 CRITICAL
Network 		simple_water_refilling_station_management_system_project simple_water_refilling_station_management_system SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter. CWE-89
SQL Injection 		CVE-2021-38840 2024-11-21 15:18 2021-09-7 Show GitHub Exploit DB Packet Storm
190645 5.3 MEDIUM
Network 		parity frontier Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in `pallet-ethereum` can cause invalid transactions to be included in the … CWE-1284
 Improper Validation of Specified Quantity in Input 		CVE-2021-39193 2024-11-21 15:18 2021-09-4 Show GitHub Exploit DB Packet Storm
190646 7.2 HIGH
Network 		ghost ghost Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view adm… CWE-269
 Improper Privilege Management 		CVE-2021-39192 2024-11-21 15:18 2021-09-4 Show GitHub Exploit DB Packet Storm
190647 6.1 MEDIUM
Network 		openidc
fedoraproject
debian 		mod_auth_openidc
fedora
debian_linux 		mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. I… - CVE-2021-39191 2024-11-21 15:18 2021-09-3 Show GitHub Exploit DB Packet Storm
190648 7.5 HIGH
Network 		parseplatform parse-server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.3, Parse Server crashes when if a query request contains an invalid value… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2021-39187 2024-11-21 15:18 2021-09-3 Show GitHub Exploit DB Packet Storm
190649 5.3 MEDIUM
Network 		atlassian data_center
jira 		Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue even after their Jira account is revoked, via a Broken Acce… CWE-863
 Incorrect Authorization 		CVE-2021-39119 2024-11-21 15:18 2021-09-2 Show GitHub Exploit DB Packet Storm
190650 7.2 HIGH
Network 		atlassian jira_service_desk
jira_service_management 		Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands … CWE-94
Code Injection 		CVE-2021-39115 2024-11-21 15:18 2021-09-2 Show GitHub Exploit DB Packet Storm