Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
501	8.1	重要 Network	Apache Software Foundation	APISIX	Apache Software FoundationのAPISIXにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-47339	2026-06-26 11:57	2026-06-19	Show	GitHub Exploit DB Packet Storm

502	6.5	警告 Network	Apache Software Foundation	APISIX	Apache Software FoundationのAPISIXにおけるCapture-replay による認証回避に関する脆弱性	CWE-294 Capture-replayによる認証回避	CVE-2026-47341	2026-06-26 11:57	2026-06-19	Show	GitHub Exploit DB Packet Storm

503	9.9	緊急 Network	マイクロソフト	Microsoft Dynamics 365	Dynamics 365 Elevation of Privilege Vulnerability	CWE-284 不適切なアクセス制御	CVE-2026-47647	2026-06-26 11:57	2026-06-18	Show	GitHub Exploit DB Packet Storm

504	8.2	重要 Network	MessagePack	MessagePack	MessagePackにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-48109	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

505	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける複数の脆弱性	CWE-1188 CWE-125 CWE-190 CWE-407 CWE-409 CWE-470 CWE-502 CWE-674 CWE-789	CVE-2026-48502	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

506	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-48506	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

507	9.1	緊急 Network	MessagePack	MessagePack	MessagePackにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2026-48509	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

508	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける複数の脆弱性	CWE-409 CWE-770	CVE-2026-48510	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

509	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-48511	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

510	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-48512	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191491	5.5	MEDIUM Local	ffmpeg debian	ffmpeg debian_linux	libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.	CWE-252 Unchecked Return Value	CVE-2021-38114	2024-11-21 15:16	2021-08-5	Show	GitHub Exploit DB Packet Storm

191492	5.4	MEDIUM Network	openwebif_project	openwebif	In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) through 1.4.7, inserting JavaScript into the Add Bouquet feature of the Bouquet Editor (i.e., bouqueteditor/api/addbouquet?name=) …	CWE-79 Cross-site Scripting	CVE-2021-38113	2024-11-21 15:16	2021-08-5	Show	GitHub Exploit DB Packet Storm

191493	8.8	HIGH Adjacent	defcon	def_con_27_firmware	The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol.	CWE-120 Classic Buffer Overflow	CVE-2021-38111	2024-11-21 15:16	2021-08-5	Show	GitHub Exploit DB Packet Storm

191494	8.1	HIGH Network	courier-mta	courier_mail_server	An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into…	CWE-74 Injection	CVE-2021-38084	2024-11-21 15:16	2021-08-4	Show	GitHub Exploit DB Packet Storm

191495	6.1	MEDIUM Network	joplin_project	joplin	Joplin before 2.0.9 allows XSS via button and form in the note body.	CWE-79 Cross-site Scripting	CVE-2021-37916	2024-11-21 15:16	2021-08-3	Show	GitHub Exploit DB Packet Storm

191496	6.5	MEDIUM Network	argo-workflows_project	argo-workflows	In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow b…	CWE-20 Improper Input Validation	CVE-2021-37914	2024-11-21 15:16	2021-08-3	Show	GitHub Exploit DB Packet Storm

191497	8.1	HIGH Network	stb_project debian	stb debian_linux	stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.	CWE-787 Out-of-bounds Write	CVE-2021-37789	2024-11-21 15:15	2022-11-2	Show	GitHub Exploit DB Packet Storm

191498	9.8	CRITICAL Network	phpgurukul	employee_record_management_system	Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php.	CWE-89 SQL Injection	CVE-2021-37782	2024-11-21 15:15	2022-10-29	Show	GitHub Exploit DB Packet Storm

191499	9.8	CRITICAL Network	locke-bot_project	locke-bot	SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 allows remote attackers to run arbitrary SQL commands via crafted string to /src/db.js, /commands/mute.js, /modules/event/messageDelete.js.	CWE-89 SQL Injection	CVE-2021-37522	2024-11-21 15:15	2023-07-19	Show	GitHub Exploit DB Packet Storm

191500	9.8	CRITICAL Network	furukawa	423-41w\/ac_firmware ld421-21w_firmware ld420-10r_firmware ld421-21wv_firmware	RCE (Remote Code Execution) vulnerability was found in some Furukawa ONU models, this vulnerability allows remote unauthenticated users to send arbitrary commands to the device via web interface.	NVD-CWE-noinfo	CVE-2021-37384	2024-11-21 15:15	2023-07-18	Show	GitHub Exploit DB Packet Storm