Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 12:21 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201 6.1 警告
Network 		langflow langflow langflowにおけるファイル名やパス名の外部制御に関する脆弱性 New CWE-73
ファイル名やパス名の外部制御 		CVE-2026-48520 2026-06-29 11:15 2026-06-23 Show GitHub Exploit DB Packet Storm
202 7.5 重要
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおける認可されていない行為者への個人情報の漏えいに関する脆弱性 New CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2026-48615 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
203 6.5 警告
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるUnicode エンコーディングの処理に関する脆弱性 New CWE-176
Unicode エンコーディングの不適切な処理 		CVE-2026-48618 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
204 7.5 重要
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-48619 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
205 7.5 重要
Network 		protobufjs project protobufjs protobufjs projectのprotobufjsにおける再帰制御に関する脆弱性 New CWE-674
不適切な再帰制御 		CVE-2026-48712 2026-06-29 11:15 2026-06-22 Show GitHub Exploit DB Packet Storm
206 5.3 警告
Network 		Encode Starlette EncodeのStarletteにおけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性 New CWE-470
クラスまたはコードを選択する外部から制御された入力の使用 		CVE-2026-48817 2026-06-29 11:15 2026-06-17 Show GitHub Exploit DB Packet Storm
207 7.5 重要
Network 		Encode Starlette EncodeのStarletteにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-48818 2026-06-29 11:15 2026-06-17 Show GitHub Exploit DB Packet Storm
208 5.4 警告
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-48928 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
209 9.8 緊急
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-48930 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
210 7.5 重要
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおける整数オーバーフローの脆弱性 New CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-48933 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
190631 5.4 MEDIUM
Network 		wordpress wordpress WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 ha… - CVE-2021-39202 2024-11-21 15:18 2021-09-10 Show GitHub Exploit DB Packet Storm
190632 5.4 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like co… - CVE-2021-39201 2024-11-21 15:18 2021-09-10 Show GitHub Exploit DB Packet Storm
190633 8.6 HIGH
Network 		envoyproxy
pomerium 		envoy
pomerium 		Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lea… - CVE-2021-39162 2024-11-21 15:18 2021-09-10 Show GitHub Exploit DB Packet Storm
190634 5.3 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under… - CVE-2021-39200 2024-11-21 15:18 2021-09-10 Show GitHub Exploit DB Packet Storm
190635 5.3 MEDIUM
Network 		atlassian data_center
jira
jira_server
jira_data_center 		Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The a… NVD-CWE-noinfo
CVE-2021-39122 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190636 4.3 MEDIUM
Network 		atlassian jira
data_center
jira_server
jira_data_center 		Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest… NVD-CWE-noinfo
CVE-2021-39121 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190637 5.5 MEDIUM
Local 		atlassian jira_server
jira_data_center 		Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the GIF Image Reader componen… NVD-CWE-noinfo
CVE-2021-39116 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190638 6.5 MEDIUM
Network 		kaml_project kaml kaml is an open source implementation of the YAML format with support for kotlinx.serialization. In affected versions attackers that could provide arbitrary YAML input to an application that uses kam… - CVE-2021-39194 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190639 6.1 MEDIUM
Network 		remark remark-html remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default … - CVE-2021-39199 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm
190640 6.5 MEDIUM
Network 		pcapture_project pcapture pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets wi… CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2021-39196 2024-11-21 15:18 2021-09-8 Show GitHub Exploit DB Packet Storm