Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211	9.8	緊急 Network	Node.js Foundation	Node.js	Node.js FoundationのNode.jsにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-48930	2026-06-29 11:15	2026-06-26	Show	GitHub Exploit DB Packet Storm

212	7.5	重要 Network	Node.js Foundation	Node.js	Node.js FoundationのNode.jsにおける整数オーバーフローの脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-48933	2026-06-29 11:15	2026-06-26	Show	GitHub Exploit DB Packet Storm

213	4.3	警告 Network	Node.js Foundation	Node.js	Node.js FoundationのNode.jsにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-48934	2026-06-29 11:15	2026-06-26	Show	GitHub Exploit DB Packet Storm

214	3.3	低 Local	Node.js Foundation	Node.js	Node.js FoundationのNode.jsにおける不適切なデフォルトパーミッションに関する脆弱性 New	CWE-276 不適切なデフォルトパーミッション	CVE-2026-48935	2026-06-29 11:15	2026-06-26	Show	GitHub Exploit DB Packet Storm

215	3.3	低 Local	Node.js Foundation	Node.js	Node.js FoundationのNode.jsにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-48936	2026-06-29 11:14	2026-06-26	Show	GitHub Exploit DB Packet Storm

216	3.4	低 Network	JoomlaWorks Ltd.	K2	JoomlaWorks Ltd.のK2におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48940	2026-06-29 11:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

217	6.5	警告 Network	JoomlaWorks Ltd.	K2	JoomlaWorks Ltd.のK2における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-48941	2026-06-29 11:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

218	6.1	警告 Network	JoomlaWorks Ltd.	K2	JoomlaWorks Ltd.のK2におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48942	2026-06-29 11:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

219	6.5	警告 Network	JoomlaWorks Ltd.	K2	JoomlaWorks Ltd.のK2における動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 New	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-48943	2026-06-29 11:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

220	6.5	警告 Network	JoomlaWorks Ltd.	K2	JoomlaWorks Ltd.のK2におけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-48944	2026-06-29 11:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
190631	5.4	MEDIUM Network	wordpress	wordpress	WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 ha…	-	CVE-2021-39202	2024-11-21 15:18	2021-09-10	Show	GitHub Exploit DB Packet Storm

190632	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like co…	-	CVE-2021-39201	2024-11-21 15:18	2021-09-10	Show	GitHub Exploit DB Packet Storm

190633	8.6	HIGH Network	envoyproxy pomerium	envoy pomerium	Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lea…	-	CVE-2021-39162	2024-11-21 15:18	2021-09-10	Show	GitHub Exploit DB Packet Storm

190634	5.3	MEDIUM Network	wordpress debian	wordpress debian_linux	WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under…	-	CVE-2021-39200	2024-11-21 15:18	2021-09-10	Show	GitHub Exploit DB Packet Storm

190635	5.3	MEDIUM Network	atlassian	data_center jira jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The a…	NVD-CWE-noinfo	CVE-2021-39122	2024-11-21 15:18	2021-09-8	Show	GitHub Exploit DB Packet Storm

190636	4.3	MEDIUM Network	atlassian	jira data_center jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest…	NVD-CWE-noinfo	CVE-2021-39121	2024-11-21 15:18	2021-09-8	Show	GitHub Exploit DB Packet Storm

190637	5.5	MEDIUM Local	atlassian	jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the GIF Image Reader componen…	NVD-CWE-noinfo	CVE-2021-39116	2024-11-21 15:18	2021-09-8	Show	GitHub Exploit DB Packet Storm

190638	6.5	MEDIUM Network	kaml_project	kaml	kaml is an open source implementation of the YAML format with support for kotlinx.serialization. In affected versions attackers that could provide arbitrary YAML input to an application that uses kam…	-	CVE-2021-39194	2024-11-21 15:18	2021-09-8	Show	GitHub Exploit DB Packet Storm

190639	6.1	MEDIUM Network	remark	remark-html	remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default …	-	CVE-2021-39199	2024-11-21 15:18	2021-09-8	Show	GitHub Exploit DB Packet Storm

190640	6.5	MEDIUM Network	pcapture_project	pcapture	pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets wi…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2021-39196	2024-11-21 15:18	2021-09-8	Show	GitHub Exploit DB Packet Storm