Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
601 8.8 重要
Network 		MISP project Malware Information Sharing Platform (MISP) MISP projectのMalware Information Sharing Platform (MISP)における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-56423 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
602 8.8 重要
Network 		MISP project Malware Information Sharing Platform (MISP) MISP projectのMalware Information Sharing Platform (MISP)における複数の脆弱性 CWE-639
CWE-862
CWE-863
CVE-2026-56424 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
603 7.2 重要
Network 		MISP project Malware Information Sharing Platform (MISP) MISP projectのMalware Information Sharing Platform (MISP)におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-56446 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
604 7.2 重要
Network 		MISP project Malware Information Sharing Platform (MISP) MISP projectのMalware Information Sharing Platform (MISP)における信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-56447 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
605 6.1 警告
Network 		nuxt nuxt Nuxtにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-56697 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
606 6.1 警告
Network 		nuxt nuxt Nuxtにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-56698 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
607 7.1 重要
Network 		Jenkins プロジェクト Assembla JenkinsのAssemblaにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-57303 2026-06-26 11:52 2026-06-24 Show GitHub Exploit DB Packet Storm
608 5.4 警告
Network 		Jenkins プロジェクト Assembla JenkinsのAssemblaにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-57304 2026-06-26 11:52 2026-06-24 Show GitHub Exploit DB Packet Storm
609 5.4 警告
Network 		Jenkins プロジェクト Assembla JenkinsのAssemblaにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-57305 2026-06-26 11:52 2026-06-24 Show GitHub Exploit DB Packet Storm
610 6.4 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-6062 2026-06-26 11:52 2026-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191491 5.5 MEDIUM
Local 		ffmpeg
debian 		ffmpeg
debian_linux 		libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. CWE-252
 Unchecked Return Value 		CVE-2021-38114 2024-11-21 15:16 2021-08-5 Show GitHub Exploit DB Packet Storm
191492 5.4 MEDIUM
Network 		openwebif_project openwebif In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) through 1.4.7, inserting JavaScript into the Add Bouquet feature of the Bouquet Editor (i.e., bouqueteditor/api/addbouquet?name=) … CWE-79
Cross-site Scripting 		CVE-2021-38113 2024-11-21 15:16 2021-08-5 Show GitHub Exploit DB Packet Storm
191493 8.8 HIGH
Adjacent 		defcon def_con_27_firmware The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol. CWE-120
Classic Buffer Overflow 		CVE-2021-38111 2024-11-21 15:16 2021-08-5 Show GitHub Exploit DB Packet Storm
191494 8.1 HIGH
Network 		courier-mta courier_mail_server An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into… CWE-74
Injection 		CVE-2021-38084 2024-11-21 15:16 2021-08-4 Show GitHub Exploit DB Packet Storm
191495 6.1 MEDIUM
Network 		joplin_project joplin Joplin before 2.0.9 allows XSS via button and form in the note body. CWE-79
Cross-site Scripting 		CVE-2021-37916 2024-11-21 15:16 2021-08-3 Show GitHub Exploit DB Packet Storm
191496 6.5 MEDIUM
Network 		argo-workflows_project argo-workflows In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow b… CWE-20
 Improper Input Validation  		CVE-2021-37914 2024-11-21 15:16 2021-08-3 Show GitHub Exploit DB Packet Storm
191497 8.1 HIGH
Network 		stb_project
debian 		stb
debian_linux 		stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. CWE-787
 Out-of-bounds Write 		CVE-2021-37789 2024-11-21 15:15 2022-11-2 Show GitHub Exploit DB Packet Storm
191498 9.8 CRITICAL
Network 		phpgurukul employee_record_management_system Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php. CWE-89
SQL Injection 		CVE-2021-37782 2024-11-21 15:15 2022-10-29 Show GitHub Exploit DB Packet Storm
191499 9.8 CRITICAL
Network 		locke-bot_project locke-bot SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 allows remote attackers to run arbitrary SQL commands via crafted string to /src/db.js, /commands/mute.js, /modules/event/messageDelete.js. CWE-89
SQL Injection 		CVE-2021-37522 2024-11-21 15:15 2023-07-19 Show GitHub Exploit DB Packet Storm
191500 9.8 CRITICAL
Network 		furukawa 423-41w\/ac_firmware
ld421-21w_firmware
ld420-10r_firmware
ld421-21wv_firmware 		RCE (Remote Code Execution) vulnerability was found in some Furukawa ONU models, this vulnerability allows remote unauthenticated users to send arbitrary commands to the device via web interface. NVD-CWE-noinfo
CVE-2021-37384 2024-11-21 15:15 2023-07-18 Show GitHub Exploit DB Packet Storm