Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
581	7.1	重要 Network	flowiseai	flowise	flowiseaiのflowiseにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-56275	2026-06-26 11:53	2026-06-23	Show	GitHub Exploit DB Packet Storm

582	5.5	警告 Local	nuxt	nuxt	Nuxtにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2026-56301	2026-06-26 11:53	2026-06-23	Show	GitHub Exploit DB Packet Storm

583	6.5	警告 Network	Matthieu Maitre	Picklescan	Matthieu MaitreのPicklescanにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-56304	2026-06-26 11:53	2026-06-20	Show	GitHub Exploit DB Packet Storm

584	6.1	警告 Network	nuxt	nuxt	Nuxtにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-56317	2026-06-26 11:53	2026-06-20	Show	GitHub Exploit DB Packet Storm

585	6.1	警告 Network	nuxt	nuxt	Nuxtにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-56326	2026-06-26 11:53	2026-06-22	Show	GitHub Exploit DB Packet Storm

586	9.9	緊急 Network	n8n	n8n	n8nにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-56348	2026-06-26 11:53	2026-06-22	Show	GitHub Exploit DB Packet Storm

587	5.3	警告 Network	n8n	n8n	n8nにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-56357	2026-06-26 11:53	2026-06-22	Show	GitHub Exploit DB Packet Storm

588	5.3	警告 Network	ImageMagick	ImageMagick	ImageMagickにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-56371	2026-06-26 11:53	2026-06-23	Show	GitHub Exploit DB Packet Storm

589	3.3	低 Local	ImageMagick	ImageMagick	ImageMagickにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-56376	2026-06-26 11:53	2026-06-23	Show	GitHub Exploit DB Packet Storm

590	5.5	警告 Local	ImageMagick	ImageMagick	ImageMagickにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-56379	2026-06-26 11:53	2026-06-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
190721	7.5	HIGH Network	ibm	sterling_connect\	IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508.	CWE-326 Inadequate Encryption Strength	CVE-2021-38891	2024-11-21 15:18	2021-11-24	Show	GitHub Exploit DB Packet Storm

190722	7.5	HIGH Network	ibm	sterling_connect\	IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 209507.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2021-38890	2024-11-21 15:18	2021-11-24	Show	GitHub Exploit DB Packet Storm

190723	6.5	MEDIUM Network	ibm	mq	IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 208398.	NVD-CWE-noinfo	CVE-2021-38875	2024-11-21 15:18	2021-11-24	Show	GitHub Exploit DB Packet Storm

190724	5.4	MEDIUM Network	oroinc	client_relationship_management	OroCRM is an open source Client Relationship Management (CRM) application. Affected versions we found to suffer from a vulnerability which could an attacker is able to disqualify any Lead with a Cros…	CWE-352 Origin Validation Error	CVE-2021-39198	2024-11-21 15:18	2021-11-20	Show	GitHub Exploit DB Packet Storm

190725	8.8	HIGH Network	apache	ozone	In Apache Ozone before 1.2.0, Authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user.	CWE-862 Missing Authorization	CVE-2021-39236	2024-11-21 15:18	2021-11-19	Show	GitHub Exploit DB Packet Storm

190726	6.5	MEDIUM Network	apache	ozone	In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-39235	2024-11-21 15:18	2021-11-19	Show	GitHub Exploit DB Packet Storm

190727	6.8	MEDIUM Network	apache	ozone	In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL.	CWE-863 Incorrect Authorization	CVE-2021-39234	2024-11-21 15:18	2021-11-19	Show	GitHub Exploit DB Packet Storm

190728	9.1	CRITICAL Network	apache	ozone	In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.	NVD-CWE-Other	CVE-2021-39233	2024-11-21 15:18	2021-11-19	Show	GitHub Exploit DB Packet Storm

190729	8.8	HIGH Network	apache	ozone	In Apache Ozone versions prior to 1.2.0, certain admin related SCM commands can be executed by any authenticated users, not just by admins.	CWE-862 Missing Authorization	CVE-2021-39232	2024-11-21 15:18	2021-11-19	Show	GitHub Exploit DB Packet Storm

190730	9.1	CRITICAL Network	apache	ozone	In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone…	CWE-862 Missing Authorization	CVE-2021-39231	2024-11-21 15:18	2021-11-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed