Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
261	5.7	警告 Adjacent	nuxt	nuxt/webpack-builder nuxt/rspack-builder	Nuxtのnuxt/rspack-builder等の複数製品における危険なメソッドや機能の公開に関する脆弱性	CWE-749 危険なメソッドや機能の公開	CVE-2026-49993	2026-06-16 13:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

262	9.8	緊急 Network	jmespath project	jmespath	JMESPathにおける複数の脆弱性	CWE-116 CWE-20 CWE-94	CVE-2026-54133	2026-06-16 13:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

263	5.5	警告 Local		-	アップルのmacOSにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2025-24165	2026-06-16 13:39	2026-06-11	Show	GitHub Exploit DB Packet Storm

264	5.5	警告 Local		-	アップルのmacOSにおけるUNIX Symbolic Link のフォローに関する脆弱性	CWE-61 UNIX Symbolic Link のフォロー	CVE-2025-43278	2026-06-16 13:39	2026-06-11	Show	GitHub Exploit DB Packet Storm

265	5.5	警告 Local		-	アップルのmacOSにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2025-46313	2026-06-16 13:39	2026-06-11	Show	GitHub Exploit DB Packet Storm

266	7.2	重要 Network	QNAP Systems	QuTS hero	QNAP SystemsのQuTS heroにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-62850	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

267	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-66273	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

268	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-66279	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

269	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品における複数の脆弱性	CWE-121 CWE-190	CVE-2025-66280	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

270	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-66281	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
190981	9.8	CRITICAL Network	connectwise	automate	An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.	CWE-611 XXE	CVE-2021-35066	2024-11-21 15:11	2021-06-22	Show	GitHub Exploit DB Packet Storm

190982	4.8	MEDIUM Network	checksec	canopy	CheckSec Canopy before 3.5.2 allows XSS attacks against the login page via the LOGIN_PAGE_DISCLAIMER parameter.	CWE-79 Cross-site Scripting	CVE-2021-34815	2024-11-21 15:11	2021-06-18	Show	GitHub Exploit DB Packet Storm

190983	7.5	HIGH Network	synology	calendar	Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors.	-	CVE-2021-34812	2024-11-21 15:11	2021-06-18	Show	GitHub Exploit DB Packet Storm

190984	4.3	MEDIUM Network	synology	download_station	Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to access intranet resources via unspec…	-	CVE-2021-34811	2024-11-21 15:11	2021-06-18	Show	GitHub Exploit DB Packet Storm

190985	8.8	HIGH Network	synology	download_station	Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.	-	CVE-2021-34810	2024-11-21 15:11	2021-06-18	Show	GitHub Exploit DB Packet Storm

190986	8.8	HIGH Network	synology	download_station	Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authentica…	-	CVE-2021-34809	2024-11-21 15:11	2021-06-18	Show	GitHub Exploit DB Packet Storm

190987	5.3	MEDIUM Network	synology	media_server	Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.	-	CVE-2021-34808	2024-11-21 15:11	2021-06-18	Show	GitHub Exploit DB Packet Storm

190988	7.5	HIGH Network	quassel-irc fedoraproject	quassel fedora	Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-34825	2024-11-21 15:11	2021-06-17	Show	GitHub Exploit DB Packet Storm

190989	9.8	CRITICAL Network	matrix	olm	Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has …	CWE-787 Out-of-bounds Write	CVE-2021-34813	2024-11-21 15:11	2021-06-17	Show	GitHub Exploit DB Packet Storm

190990	7.8	HIGH Local	teamviewer	teamviewer	TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations.	CWE-427 Uncontrolled Search Path Element	CVE-2021-34803	2024-11-21 15:11	2021-06-17	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed