Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1991	6.5	警告 Network	Accellion	Kiteworks Core	AccellionのKiteworks Coreにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-24753	2026-06-5 10:48	2026-06-1	Show	GitHub Exploit DB Packet Storm

1992	5.4	警告 Network	Accellion	Kiteworks Core	AccellionのKiteworks Coreにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24754	2026-06-5 10:48	2026-06-1	Show	GitHub Exploit DB Packet Storm

1993	5.4	警告 Network	Accellion	Kiteworks Core	AccellionのKiteworks Coreにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-24755	2026-06-5 10:48	2026-06-1	Show	GitHub Exploit DB Packet Storm

1994	4.3	警告 Network	Accellion	Kiteworks Core	AccellionのKiteworks Coreにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-24756	2026-06-5 10:48	2026-06-1	Show	GitHub Exploit DB Packet Storm

1995	4.3	警告 Network	Accellion	Kiteworks Core	AccellionのKiteworks Coreにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-24761	2026-06-5 10:48	2026-06-1	Show	GitHub Exploit DB Packet Storm

1996	8.8	重要 Network	Accellion	Kiteworks Core	AccellionのKiteworks CoreにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-24782	2026-06-5 10:48	2026-06-1	Show	GitHub Exploit DB Packet Storm

1997	5.3	警告 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける高圧縮データの処理 (データ増幅)に関する脆弱性	CWE-409 高圧縮データの不適切な処理 (データ増幅)	CVE-2026-2575	2026-06-5 10:48	2026-03-18	Show	GitHub Exploit DB Packet Storm

1998	6.1	警告 Network	SAP	netweaver application server java	SAPのnetweaver application server javaにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-27674	2026-06-5 10:48	2026-04-14	Show	GitHub Exploit DB Packet Storm

1999	4.3	警告 Network		-	SAPのSAP Netweaver Application Server ABAPにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2026-27680	2026-06-5 10:48	2026-05-14	Show	GitHub Exploit DB Packet Storm

2000	6.1	警告 Network		-	SAPのSAP Netweaver Application Server ABAPにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-27682	2026-06-5 10:48	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	7.1	HIGH Network	-	-	Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant <= 3.35 versions.	CWE-79 Cross-site Scripting	CVE-2026-54198	2026-06-16 23:52	2026-06-16	Show	GitHub Exploit DB Packet Storm

272	9.9	CRITICAL Network	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-40750	2026-06-16 23:52	2026-06-16	Show	GitHub Exploit DB Packet Storm

273	9.6	CRITICAL Adjacent	kubev2v	assisted_migration_agent	A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed g…	CWE-59 CWE-22 Link Following Path Traversal	CVE-2026-53476	2026-06-16 23:52	2026-06-11	Show	GitHub Exploit DB Packet Storm

274	7.4	HIGH Network	kubev2v	assisted_migration_agent	A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Mid…	CWE-295 Improper Certificate Validation	CVE-2026-53475	2026-06-16 23:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

275	6.5	MEDIUM Network	kebev2v	migration_assessment	A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malici…	CWE-89 SQL Injection	CVE-2026-53474	2026-06-16 23:37	2026-06-11	Show	GitHub Exploit DB Packet Storm

276	5.4	MEDIUM Network	kubev2v	migration_planner_ui	A flaw was found in migration-planner-ui-app. An attacker can register a malicious discovery agent with a specially crafted credentialUrl containing JavaScript code. When an organizational user click…	CWE-79 Cross-site Scripting	CVE-2026-53473	2026-06-16 23:29	2026-06-11	Show	GitHub Exploit DB Packet Storm

277	8.1	HIGH Network	tp-link	tapo_c110_firmware	An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format stri…	CWE-134 Use of Externally-Controlled Format String	CVE-2026-6250	2026-06-16 23:19	2026-06-12	Show	GitHub Exploit DB Packet Storm

278	6.1	MEDIUM Network	diagrams	drawio	draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. …	CWE-79 Cross-site Scripting	CVE-2026-46642	2026-06-16 22:54	2026-06-11	Show	GitHub Exploit DB Packet Storm

279	8.5	HIGH Network	litespeedtech	litespeed_cpanel_plugin litespeed_whm_plugin	LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running Clo…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-54420	2026-06-16 21:55	2026-06-14	Show	GitHub Exploit DB Packet Storm

280	6.5	MEDIUM Network	cisco	catalyst_sd-wan_manager	A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an a…	CWE-22 Path Traversal	CVE-2026-20262	2026-06-16 21:54	2026-06-16	Show	GitHub Exploit DB Packet Storm