Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
541 8.8 重要
Network 		Node.js Foundation undici Node.js Foundationのundiciにおける同一生成元ポリシー違反に関する脆弱性 New CWE-346
同一生成元ポリシー違反 		CVE-2026-6734 2026-06-29 11:05 2026-06-17 Show GitHub Exploit DB Packet Storm
542 7.8 重要
Local 		Vim Vim Vimにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-57455 2026-06-29 11:01 2026-06-25 Show GitHub Exploit DB Packet Storm
543 7.8 重要
Local 		Vim Vim Vimにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-57456 2026-06-29 11:01 2026-06-25 Show GitHub Exploit DB Packet Storm
544 5.3 警告
Network 		Tenable, Inc. Nessus Tenable, Inc.のNessusにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-57587 2026-06-29 11:01 2026-06-25 Show GitHub Exploit DB Packet Storm
545 3.3
Local 		Tenable, Inc. Nessus Tenable, Inc.のNessusにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-57588 2026-06-29 11:01 2026-06-25 Show GitHub Exploit DB Packet Storm
546 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-5796 2026-06-29 11:01 2026-06-25 Show GitHub Exploit DB Packet Storm
547 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-5952 2026-06-29 11:00 2026-06-25 Show GitHub Exploit DB Packet Storm
548 8.8 重要
Network 		Quest Software Inc. NetVault Backup Quest Software Inc.のNetVault Backupにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-7569 2026-06-29 11:00 2026-06-25 Show GitHub Exploit DB Packet Storm
549 8.8 重要
Network 		Quest Software Inc. NetVault Backup Quest Software Inc.のNetVault BackupにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-7570 2026-06-29 11:00 2026-06-25 Show GitHub Exploit DB Packet Storm
550 9.8 緊急
Network 		langflow langflow langflowにおける認証に関する脆弱性 New CWE-287
CWE-noinfo
CVE-2026-7664 2026-06-29 11:00 2026-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
190661 5.3 MEDIUM
Network 		ibm guardium_data_encryption IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate … CWE-203
 Information Exposure Through Discrepancy 		CVE-2021-39021 2024-11-21 15:18 2022-02-3 Show GitHub Exploit DB Packet Storm
190662 9.8 CRITICAL
Network 		ibm security_verify_access
security_verify_access_docker 		IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service enabled could allow an attacker to authenticate as any user on the system. IBM X-For… NVD-CWE-noinfo
CVE-2021-39070 2024-11-21 15:18 2022-02-2 Show GitHub Exploit DB Packet Storm
190663 8.8 HIGH
Network 		ibm financial_transaction_manager IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040. CWE-384
 Session Fixation 		CVE-2021-39066 2024-11-21 15:18 2022-02-2 Show GitHub Exploit DB Packet Storm
190664 8.8 HIGH
Network 		ibm financial_transaction_manager IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit… CWE-352
 Origin Validation Error 		CVE-2021-39044 2024-11-21 15:18 2022-02-2 Show GitHub Exploit DB Packet Storm
190665 8.8 HIGH
Network 		ibm websphere_application_server IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could … CWE-74
Injection 		CVE-2021-39031 2024-11-21 15:18 2022-01-26 Show GitHub Exploit DB Packet Storm
190666 7.5 HIGH
Network 		allwinnertech android_q_sdk Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings. CWE-862
 Missing Authorization 		CVE-2021-38789 2024-11-21 15:18 2022-01-20 Show GitHub Exploit DB Packet Storm
190667 7.5 HIGH
Network 		allwinnertech android_q_sdk The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications. Malicious apps can use the interface provided by the service to set the number of applicatio… NVD-CWE-noinfo
CVE-2021-38788 2024-11-21 15:18 2022-01-20 Show GitHub Exploit DB Packet Storm
190668 7.5 HIGH
Network 		allwinnertech android_q_sdk There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPAT_ION_IOC_SUNXI_FLUSH_RANGE" to cause a system crash (denial of s… CWE-190
 Integer Overflow or Wraparound 		CVE-2021-38787 2024-11-21 15:18 2022-01-19 Show GitHub Exploit DB Packet Storm
190669 7.5 HIGH
Network 		allwinnertech android_q_sdk There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash (denial of service). CWE-476
 NULL Pointer Dereference 		CVE-2021-38786 2024-11-21 15:18 2022-01-19 Show GitHub Exploit DB Packet Storm
190670 7.5 HIGH
Network 		allwinnertech android_q_sdk There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash. CWE-476
 NULL Pointer Dereference 		CVE-2021-38785 2024-11-21 15:18 2022-01-18 Show GitHub Exploit DB Packet Storm