Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 27, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 611 | 5.3 |
警告
Network |
VMware | Spring Data REST | VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 |
CWE-284
不適切なアクセス制御 |
CVE-2026-41837 | 2026-06-23 10:00 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
| 612 | 9.9 |
緊急
Network |
オラクル | MySQL Shell | オラクルのMySQL Shellにおけるコードインジェクションの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2026-46850 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 613 | 8.5 |
重要
Network |
オラクル | MySQL Shell | オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 |
CWE-284
不適切なアクセス制御 |
CVE-2026-46870 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 614 | 6.5 |
警告
Network |
オラクル | MySQL Shell | オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 |
CWE-284
不適切なアクセス制御 |
CVE-2026-46871 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 615 | 4.8 |
警告
Network |
F5 Networks |
WAF NGINX Gateway Fabric DoS NGINX Instance Manager NGINX Ingress Controller NGINX plus nginx open source |
F5 NetworksのDoS等の複数製品における境界外読み取りに関する脆弱性 |
CWE-125
境界外読み取り |
CVE-2026-48142 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 616 | 8.1 |
重要
Network |
F5 Networks | NGINX Gateway Fabric | F5 NetworksのNGINX Gateway Fabricにおけるインジェクションに関する脆弱性 |
CWE-74
インジェクション |
CVE-2026-50107 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 617 | - | - | 三菱電機 |
MELSEC iQ-Fシリーズ FX5-ENET/IP形Ethernetユニット MELSEC iQ-F FX5-EIP形EtherNet/IPユニット |
三菱電機製MELSEC iQ-FシリーズのFX5-EIPおよびFX5-ENET/IPにおける脆弱性 |
CWE-190 CWE-440 |
CVE-2026-8805 CVE-2026-8806 |
2026-06-22 18:05 | 2026-06-19 | Show | GitHub Exploit DB Packet Storm |
| 618 | - | - | (複数のベンダ) | (複数の製品) | Vendor-signed UEFIアプリケーションにおけるセキュアブートバイパスの脆弱性 | - | - | 2026-06-22 17:17 | 2026-06-19 | Show | GitHub Exploit DB Packet Storm |
| 619 | - | - | (複数のベンダ) | (複数の製品) | CISA ICS Advisory / ICS Medical Advisory(2026年06月18日) | - | - | 2026-06-22 17:17 | 2026-06-19 | Show | GitHub Exploit DB Packet Storm |
| 620 | 8.4 |
重要
Local |
マイクロソフト |
Microsoft Office 2021 Long Term Servicing Channel Edition Microsoft Office 365 Microsoft Office 2024 Long-Term Servicing Ch… |
Microsoft Office のリモート コードが実行される脆弱性 |
CWE-416 CWE-787 |
CVE-2026-45474 | 2026-06-22 11:56 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 27, 2026, 4:35 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 190791 | 5.9 |
MEDIUM
Network |
sony |
srs-xb33_firmware srs-xb43_firmware |
Sony SRS-XB33 and SRS-XB43 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attac… |
NVD-CWE-noinfo
|
CVE-2021-38544 | 2024-11-21 15:17 | 2021-08-12 | Show | GitHub Exploit DB Packet Storm |
| 190792 | 5.9 |
MEDIUM
Network |
tp-link | ue330_firmware | TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals fro… |
NVD-CWE-noinfo
|
CVE-2021-38543 | 2024-11-21 15:17 | 2021-08-12 | Show | GitHub Exploit DB Packet Storm |
| 190793 | 5.4 |
MEDIUM
Network |
netgear | rax40_firmware | NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS. |
CWE-79
Cross-site Scripting |
CVE-2021-38533 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190794 | 8.8 |
HIGH
Network |
netgear |
d8500_firmware r6400_firmware r6700_firmware r6900_firmware r6900p_firmware r7000_firmware r7000p_firmware r7100lg_firmware r7300dst_firmware r7900_firmware r8300_firmwa… |
Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P … |
NVD-CWE-noinfo
|
CVE-2021-38539 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190795 | 6.1 |
MEDIUM
Network |
netgear |
d7800_firmware r7800_firmware r8900_firmware r9000_firmware rax120_firmware rbk20_firmware rbr20_firmware rbs20_firmware rbk40_firmware rbs40_firmware rbr40_firmware … |
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RAX120 before 1.0.0.78, RBK20 before 2.3.5… |
CWE-79
Cross-site Scripting |
CVE-2021-38538 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190796 | 4.8 |
MEDIUM
Network |
netgear |
d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware r6850_firmware r7200_firmware r… |
Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0… |
CWE-79
Cross-site Scripting |
CVE-2021-38537 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190797 | 4.8 |
MEDIUM
Network |
netgear |
d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware r6850_firmware r7200_firmware r… |
Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0… |
CWE-79
Cross-site Scripting |
CVE-2021-38536 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190798 | 4.8 |
MEDIUM
Network |
netgear |
d6200_firmware d7000_firmware r6020_firmware r6080_firmware r6120_firmware r6260_firmware r6700_firmware r6800_firmware r6900_firmware r6850_firmware r7200_firmware r… |
Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6260 before 1.1.0… |
CWE-79
Cross-site Scripting |
CVE-2021-38535 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190799 | 7.2 |
HIGH
Network |
netgear | wac104_firmware | NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings. |
NVD-CWE-noinfo
|
CVE-2021-38532 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |
| 190800 | 9.8 |
CRITICAL
Network |
netgear |
d7800_firmware r7800_firmware r8900_firmware r9000_firmware |
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, and R9000 before 1.0.4.26. |
CWE-77
Command Injection |
CVE-2021-38529 | 2024-11-21 15:17 | 2021-08-11 | Show | GitHub Exploit DB Packet Storm |