Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
281	7.1	重要 Network	traefik	traefik	traefikにおける複数の脆弱性 New	CWE-284 CWE-863	CVE-2026-54761	2026-06-29 11:11	2026-06-23	Show	GitHub Exploit DB Packet Storm

282	8.6	重要 Network	traefik	traefik	traefikにおける複数の脆弱性 New	CWE-636 CWE-693	CVE-2026-54762	2026-06-29 11:11	2026-06-23	Show	GitHub Exploit DB Packet Storm

283	6.5	警告 Network	UltraJSON project	UltraJSON	UltraJSON projectのUltraJSONにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-54911	2026-06-29 11:11	2026-06-22	Show	GitHub Exploit DB Packet Storm

284	7.5	重要 Network	libssh2.org	libssh2	libssh2.orgのlibssh2における無限ループに関する脆弱性 New	CWE-835 無限ループ	CVE-2026-55199	2026-06-29 11:11	2026-06-17	Show	GitHub Exploit DB Packet Storm

285	9.8	緊急 Network	libssh2.org	libssh2	libssh2.orgのlibssh2における整数オーバーフローの発生によるバッファオーバーフローの脆弱性 New	CWE-680 整数オーバーフローの発生によるバッファオーバーフロー	CVE-2026-55200	2026-06-29 11:11	2026-06-17	Show	GitHub Exploit DB Packet Storm

286	9.1	緊急 Network	Willy Tarreau	HAProxy	HAProxy TechnologiesのHAProxyにおける整数オーバーフローの脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-55203	2026-06-29 11:11	2026-06-18	Show	GitHub Exploit DB Packet Storm

287	7.5	重要 Network	Willy Tarreau	HAProxy	HAProxy TechnologiesのHAProxyにおけるNULL ポインタデリファレンスに関する脆弱性 New	CWE-476 NULL ポインタデリファレンス	CVE-2026-55204	2026-06-29 11:11	2026-06-18	Show	GitHub Exploit DB Packet Storm

288	5.5	警告 Local	langchain	langchain	langchainにおける複数の脆弱性 New	CWE-22 CWE-59	CVE-2026-55443	2026-06-29 11:11	2026-06-22	Show	GitHub Exploit DB Packet Storm

289	9.9	緊急 Network	appsmith	appsmith	appsmithにおける複数の脆弱性 New	CWE-1188 CWE-749	CVE-2026-55454	2026-06-29 11:11	2026-06-24	Show	GitHub Exploit DB Packet Storm

290	9.1	緊急 Network	appsmith	appsmith	appsmithにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-55455	2026-06-29 11:11	2026-06-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
320811	8.8	HIGH Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.	CWE-89 SQL Injection	CVE-2024-42417	2024-10-9 00:43	2024-10-4	Show	GitHub Exploit DB Packet Storm

320812	9.8	CRITICAL Network	draytek	vigor3912_firmware vigor2962_firmware vigor3910_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of…	CWE-787 Out-of-bounds Write	CVE-2024-41593	2024-10-9 00:35	2024-10-4	Show	GitHub Exploit DB Packet Storm

320813	6.1	MEDIUM Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.	CWE-79 Cross-site Scripting	CVE-2024-41591	2024-10-9 00:34	2024-10-4	Show	GitHub Exploit DB Packet Storm

320814	6.1	MEDIUM Network	cozmoslabs	membership_\&_content_restriction_-_paid_member_subscriptions	The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…	CWE-79 Cross-site Scripting	CVE-2024-9222	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

320815	6.1	MEDIUM Network	ibericode	mailchimp_top_bar	The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-9210	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

320816	8.8	HIGH Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil…	CWE-22 Path Traversal	CVE-2024-20449	2024-10-9 00:33	2024-10-3	Show	GitHub Exploit DB Packet Storm

320817	6.1	MEDIUM Network	themegrill	magazine_blocks	The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us…	CWE-79 Cross-site Scripting	CVE-2024-9218	2024-10-9 00:33	2024-10-2	Show	GitHub Exploit DB Packet Storm

320818	5.4	MEDIUM Network	draytek	vigor3910_firmware vigor3912_firmware vigor2962_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.	CWE-79 Cross-site Scripting	CVE-2024-41587	2024-10-9 00:32	2024-10-4	Show	GitHub Exploit DB Packet Storm

320819	7.5	HIGH Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG o…	CWE-326 Inadequate Encryption Strength	CVE-2024-41594	2024-10-9 00:31	2024-10-4	Show	GitHub Exploit DB Packet Storm

320820	5.5	MEDIUM Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to pe…	CWE-88 Argument Injection	CVE-2024-20444	2024-10-9 00:26	2024-10-3	Show	GitHub Exploit DB Packet Storm