Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 12:21 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
551	8.2	重要 Network	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-54271	2026-06-26 11:55	2026-06-22	Show	GitHub Exploit DB Packet Storm

552	7.5	重要 Network	Astro	Astro	Astroにおける複数の脆弱性	CWE-20 CWE-918	CVE-2026-54299	2026-06-26 11:54	2026-06-22	Show	GitHub Exploit DB Packet Storm

553	5.4	警告 Network	n8n	n8n	n8nにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-54303	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

554	10	緊急 Network	n8n	n8n	n8nにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-54309	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

555	9.9	緊急 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-54310	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

556	7.7	重要 Network	n8n	n8n	n8nにおける誤ったセッションへのデータ要素の漏えいに関する脆弱性	CWE-488 誤ったセッションへのデータ要素の漏えい	CVE-2026-54311	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

557	8.5	重要 Network	n8n	n8n	n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-54312	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

558	7.7	重要 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-54313	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

559	7.5	重要 Network	n8n	n8n	n8nにおける高圧縮データの処理 (データ増幅)に関する脆弱性	CWE-409 高圧縮データの不適切な処理 (データ増幅)	CVE-2026-54314	2026-06-26 11:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

560	5.5	警告 Local	pypdf project	pypdf	pypdf projectのpypdfにおける無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2026-54530	2026-06-26 11:54	2026-06-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191471	9.8	CRITICAL Network	seacms	seacms	SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component "admin_ajax.php?action=checkrepeat&v_name=".	CWE-89 SQL Injection	CVE-2021-37358	2024-11-21 15:15	2021-08-19	Show	GitHub Exploit DB Packet Storm

191472	9.8	CRITICAL Network	apache	ofbiz	Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgra…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-37608	2024-11-21 15:15	2021-08-18	Show	GitHub Exploit DB Packet Storm

191473	8.8	HIGH Network	shopware	shopware	Versions prior to 6.4.3.1 contain an authenticated server-side request forgery vulnerability in file upload via URL. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, a…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-37711	2024-11-21 15:15	2021-08-17	Show	GitHub Exploit DB Packet Storm

191474	5.4	MEDIUM Network	shopware	shopware	Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a Cross-Site Scripting vulnerability via SVG media files. Version 6.4.3.1 contains a patch. As workarounds for older v…	-	CVE-2021-37710	2024-11-21 15:15	2021-08-17	Show	GitHub Exploit DB Packet Storm

191475	6.5	MEDIUM Network	shopware	shopware	Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2021-37709	2024-11-21 15:15	2021-08-17	Show	GitHub Exploit DB Packet Storm

191476	9.8	CRITICAL Network	shopware	shopware	Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a command injection vulnerability in mail agent settings. Version 6.4.3.1 contains a patch. As workarounds for older v…	CWE-78 OS Command	CVE-2021-37708	2024-11-21 15:15	2021-08-17	Show	GitHub Exploit DB Packet Storm

191477	7.5	HIGH Network	shopware	shopware	Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability that allows manipulation of product reviews via API. Version 6.4.3.1 contains a patch. As workarounds …	NVD-CWE-noinfo	CVE-2021-37707	2024-11-21 15:15	2021-08-17	Show	GitHub Exploit DB Packet Storm

191478	10.0	CRITICAL Network	microsoft	onefuzz	OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Dire…	CWE-863 Incorrect Authorization	CVE-2021-37705	2024-11-21 15:15	2021-08-14	Show	GitHub Exploit DB Packet Storm

191479	4.3	MEDIUM Network	discourse	discourse	Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta5, a user's read state for a topic such as the last read post number and the notificati…	-	CVE-2021-37703	2024-11-21 15:15	2021-08-14	Show	GitHub Exploit DB Packet Storm

191480	7.5	HIGH Network	discourse	discourse	Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an…	-	CVE-2021-37693	2024-11-21 15:15	2021-08-14	Show	GitHub Exploit DB Packet Storm