Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
621	7.5	重要 Network	Node.js Foundation	undici	Node.js Foundationのundiciにおける複数の脆弱性	CWE-400 CWE-770	CVE-2026-9675	2026-06-26 11:51	2026-06-17	Show	GitHub Exploit DB Packet Storm

622	5.9	警告 Network	Node.js Foundation	undici	Node.js Foundationのundiciにおける重要な情報を含むキャッシュの使用に関する脆弱性	CWE-524 重要な情報を含むキャッシュの使用	CVE-2026-9678	2026-06-26 11:51	2026-06-17	Show	GitHub Exploit DB Packet Storm

623	5.9	警告 Network	Node.js Foundation	undici	Node.js FoundationのundiciにおけるCRLF インジェクションの脆弱性	CWE-93 CRLF インジェクション	CVE-2026-9679	2026-06-26 11:51	2026-06-17	Show	GitHub Exploit DB Packet Storm

624	7.4	重要 Network	Node.js Foundation	undici	Node.js Foundationのundiciにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-9697	2026-06-26 11:51	2026-06-17	Show	GitHub Exploit DB Packet Storm

625	8.2	重要 Network	PEVANS (Paul Evans )	Metrics::Any::Adapter::Statsd	PEVANS (Paul Evans )のMetrics::Any::Adapter::Statsdにおける複数の脆弱性	CWE-150 CWE-93	CVE-2026-46719 CVE-2026-46720 CVE-2026-46739 CVE-2026-50637 CVE-2026-50638 CVE-2026-50639	2026-06-26 11:51	2026-06-10	Show	GitHub Exploit DB Packet Storm

626	9.1	緊急 Network	PEVANS (Paul Evans )	Metrics::Any::Adapter::DogStatsd	PEVANS (Paul Evans )のMetrics::Any::Adapter::DogStatsdにおける複数の脆弱性	CWE-150 CWE-93	CVE-2026-50637 CVE-2026-50638 CVE-2026-50639 CVE-2026-9270	2026-06-26 11:51	2026-06-10	Show	GitHub Exploit DB Packet Storm

627	6.5	警告 Network	PEVANS (Paul Evans )	Metrics::Any::Adapter::SignalFx	PEVANS (Paul Evans )のMetrics::Any::Adapter::SignalFxにおける複数の脆弱性	CWE-150 CWE-93	CVE-2026-50637 CVE-2026-50638 CVE-2026-50639 CVE-2026-9270	2026-06-26 11:51	2026-06-10	Show	GitHub Exploit DB Packet Storm

628	7.5	重要 Network	Devolutions	UniGetUI	DevolutionsのUniGetUIにおける誤って解決された名前や参照の使用に関する脆弱性	CWE-706 誤って解決された名前や参照の使用	CVE-2026-10696	2026-06-26 11:51	2026-06-17	Show	GitHub Exploit DB Packet Storm

629	7.8	重要 Local	デル	AIOps Collector	デルのAIOps Collectorにおけるデフォルトの認証情報の使用に関する脆弱性	CWE-1392 デフォルトの認証情報の使用	CVE-2026-32652	2026-06-26 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

630	9.1	緊急 Network	UI	UniFi OS Server	UIのUniFi OS Serverにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-33000	2026-06-26 11:50	2026-05-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	6.5	MEDIUM Network	wolfssl	wolfssl	PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the loc… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6329	2026-06-28 04:51	2026-06-26	Show	GitHub Exploit DB Packet Storm

602	6.5	MEDIUM Network	wolfssl	wolfssl	The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The consta… New	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2026-6330	2026-06-28 04:50	2026-06-26	Show	GitHub Exploit DB Packet Storm

603	7.5	HIGH Network	wolfssl	wolfssl	HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signatur… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6331	2026-06-28 04:48	2026-06-26	Show	GitHub Exploit DB Packet Storm

604	7.5	HIGH Network	wolfssl	wolfssl	PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted. New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-7511	2026-06-28 04:48	2026-06-26	Show	GitHub Exploit DB Packet Storm

605	7.5	HIGH Network	wolfssl	wolfssl	iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP addr… New	CWE-295 Improper Certificate Validation	CVE-2026-7532	2026-06-28 04:46	2026-06-26	Show	GitHub Exploit DB Packet Storm

606	7.5	HIGH Network	wolfssl	wolfssl	wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the … New	CWE-354 Improper Validation of Integrity Check Value	CVE-2026-8720	2026-06-28 04:43	2026-06-26	Show	GitHub Exploit DB Packet Storm

607	10.0	CRITICAL Network	wso2	api_manager	The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input within these headers. This omission allows an at… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-2053	2026-06-28 04:38	2026-06-26	Show	GitHub Exploit DB Packet Storm

608	9.8	CRITICAL Network	jetbrains	kotlin	In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata New	CWE-502 Deserialization of Untrusted Data	CVE-2026-53914	2026-06-28 04:36	2026-06-26	Show	GitHub Exploit DB Packet Storm

609	7.5	HIGH Network	jetbrains	youtrack	In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint New	CWE-862 Missing Authorization	CVE-2026-57921	2026-06-28 04:35	2026-06-26	Show	GitHub Exploit DB Packet Storm

610	5.3	MEDIUM Network	jetbrains	youtrack	In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible New	CWE-862 Missing Authorization	CVE-2026-57922	2026-06-28 04:33	2026-06-26	Show	GitHub Exploit DB Packet Storm