Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
311	4.3	警告 Network	Splunk	Splunk AI Toolkit	SplunkのSplunk AI Toolkitにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性 New	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2026-20265	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

312	9.1	緊急 Network	Splunk	Splunk AI Toolkit	SplunkのSplunk AI ToolkitにおけるOS コマンドインジェクションの脆弱性 New	CWE-78 OSコマンド・インジェクション	CVE-2026-20266	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

313	5.9	警告 Network	VMware	Spring Data MongoDB	VMwareのSpring Data MongoDBにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 New	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-41696	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

314	8.1	重要 Network	VMware	Spring Data MongoDB	VMwareのSpring Data MongoDBにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 New	CWE-917 言語構文の表現に使用される特殊な要素の不適切な無効化	CVE-2026-41717	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

315	6.5	警告 Network	VMware	spring for apache kafka	VMwareのspring for apache kafkaにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-41727	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

316	7.5	重要 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41728	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

317	8.1	重要 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 New	CWE-917 言語構文の表現に使用される特殊な要素の不適切な無効化	CVE-2026-41729	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

318	5.3	警告 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるエラーメッセージによる情報漏えいに関する脆弱性 New	CWE-209 エラーメッセージによる情報漏えい	CVE-2026-41730	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

319	8.1	重要 Network	VMware	spring for apache kafka	VMwareのspring for apache kafkaにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-41731	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

320	5.3	警告 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41837	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191431	8.8	HIGH Network	ruby-lang fedoraproject	cgi fedora ruby	The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HT…	CWE-74 Injection	CVE-2021-33621	2024-11-21 15:09	2022-11-19	Show	GitHub Exploit DB Packet Storm

191432	5.5	MEDIUM Local	synthesiagame	synthesia	A buffer overflow in Synthesia before 10.7.5567, when a non-Latin locale is used, allows user-assisted attackers to cause a denial of service (application crash) via a crafted MIDI file with malforme…	CWE-120 Classic Buffer Overflow	CVE-2021-33897	2024-11-21 15:09	2022-11-18	Show	GitHub Exploit DB Packet Storm

191433	7.8	HIGH Local	jhead_project debian	jhead debian_linux	jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.	CWE-120 Classic Buffer Overflow	CVE-2021-34055	2024-11-21 15:09	2022-11-5	Show	GitHub Exploit DB Packet Storm

191434	5.5	MEDIUM Local	sox_project	sox	A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash.	-	CVE-2021-33844	2024-11-21 15:09	2022-08-26	Show	GitHub Exploit DB Packet Storm

191435	7.8	HIGH Local	intel	wi-fi_6_ax411_firmware wi-fi_6_ax211_firmware wi-fi_6_ax210_firmware wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware wireless-ac_9560_firmware wireless-ac_9462_firmware wireless-ac…	Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escal…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2021-33847	2024-11-21 15:09	2022-08-19	Show	GitHub Exploit DB Packet Storm

191436	7.5	HIGH Network	feep huawei fedoraproject	libtar openeuler fedora	The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-33646	2024-11-21 15:09	2022-08-11	Show	GitHub Exploit DB Packet Storm

191437	7.5	HIGH Network	feep huawei fedoraproject	libtar openeuler fedora	The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-33645	2024-11-21 15:09	2022-08-11	Show	GitHub Exploit DB Packet Storm

191438	8.1	HIGH Network	feep huawei fedoraproject	libtar openeuler fedora	An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.	CWE-125 Out-of-bounds Read	CVE-2021-33644	2024-11-21 15:09	2022-08-11	Show	GitHub Exploit DB Packet Storm

191439	9.1	CRITICAL Network	feep huawei fedoraproject	libtar openeuler fedora	An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.	CWE-125 Out-of-bounds Read	CVE-2021-33643	2024-11-21 15:09	2022-08-11	Show	GitHub Exploit DB Packet Storm

191440	6.8	MEDIUM Physics	huawei linux debian	openeuler linux_kernel debian_linux	When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.	CWE-787 Out-of-bounds Write	CVE-2021-33656	2024-11-21 15:09	2022-07-19	Show	GitHub Exploit DB Packet Storm