Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
351	6.5	警告 Network	VMware	spring for apache kafka	VMwareのspring for apache kafkaにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-41727	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

352	7.5	重要 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41728	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

353	8.1	重要 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 New	CWE-917 言語構文の表現に使用される特殊な要素の不適切な無効化	CVE-2026-41729	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

354	5.3	警告 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるエラーメッセージによる情報漏えいに関する脆弱性 New	CWE-209 エラーメッセージによる情報漏えい	CVE-2026-41730	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

355	8.1	重要 Network	VMware	spring for apache kafka	VMwareのspring for apache kafkaにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-41731	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

356	5.3	警告 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41837	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

357	9.9	緊急 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるコードインジェクションの脆弱性 New	CWE-94 コード・インジェクション	CVE-2026-46850	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

358	8.5	重要 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-46870	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

359	6.5	警告 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-46871	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

360	4.8	警告 Network	F5 Networks	WAF NGINX Gateway Fabric DoS NGINX Instance Manager NGINX Ingress Controller NGINX plus nginx open source	F5 NetworksのDoS等の複数製品における境界外読み取りに関する脆弱性 New	CWE-125 境界外読み取り	CVE-2026-48142	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191511	6.5	MEDIUM Network	siemens	sinec_nms	A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker could change the user profile of any user without proper authorization. With this, the a…	NVD-CWE-Other	CVE-2021-33723	2024-11-21 15:09	2021-10-12	Show	GitHub Exploit DB Packet Storm

191512	4.9	MEDIUM Network	siemens	sinec_nms	A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system has a Path Traversal vulnerability when exporting a firmware container. With this a privileged…	-	CVE-2021-33722	2024-11-21 15:09	2021-10-12	Show	GitHub Exploit DB Packet Storm

191513	6.5	MEDIUM Network	f-secure	linux_security cloud_protection_for_salesforce elements_for_microsoft_365 atlant internet_gatekeeper elements_endpoint_detection_and_response elements_endpoint_protection	A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit ca…	NVD-CWE-noinfo	CVE-2021-33603	2024-11-21 15:09	2021-10-8	Show	GitHub Exploit DB Packet Storm

191514	8.8	HIGH Network	lancom-systems	lcos	In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, ch…	NVD-CWE-noinfo	CVE-2021-33903	2024-11-21 15:09	2021-10-8	Show	GitHub Exploit DB Packet Storm

191515	5.3	MEDIUM Network	f-secure	atlant linux_security cloud_protection internet_gatekeeper	A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerabil…	NVD-CWE-noinfo	CVE-2021-33602	2024-11-21 15:09	2021-10-6	Show	GitHub Exploit DB Packet Storm

191516	5.4	MEDIUM Network	zohocorp	zoho_crm_lead_magnet	A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted website. The attack targets your application's users a…	CWE-79 Cross-site Scripting	CVE-2021-33849	2024-11-21 15:09	2021-10-6	Show	GitHub Exploit DB Packet Storm

191517	7.8	HIGH Local	insyde siemens	insydeh2o ruggedcom_apr1808_firmware simatic_field_pg_m5_firmware simatic_field_pg_m6_firmware simatic_ipc127e_firmware simatic_ipc227g_firmware simatic_ipc277g_firmware simatic_…	A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). Th…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2021-33626	2024-11-21 15:09	2021-10-1	Show	GitHub Exploit DB Packet Storm

191518	9.8	CRITICAL Network	reiner-sct	timecard	REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file.	CWE-798 Use of Hard-coded Credentials	CVE-2021-33583	2024-11-21 15:09	2021-10-1	Show	GitHub Exploit DB Packet Storm

191519	9.8	CRITICAL Network	confluent	ansible	Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its auxiliary component that allows remote attackers to access sensitive information.	CWE-862 Missing Authorization	CVE-2021-33924	2024-11-21 15:09	2021-09-29	Show	GitHub Exploit DB Packet Storm

191520	5.5	MEDIUM Local	confluent	cp-ansible	Insecure permissions in Confluent Ansible (cp-ansible) 5.5.0, 5.5.1, 5.5.2 and 6.0.0 allows local attackers to access some sensitive information (private keys, state database).	CWE-276 Incorrect Default Permissions	CVE-2021-33923	2024-11-21 15:09	2021-09-29	Show	GitHub Exploit DB Packet Storm