Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
631	7.1	重要 Local	マイクロソフト	Microsoft Word Microsoft Excel Microsoft PowerPoint	Office for Android のなりすましの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-45649	2026-06-22 11:55	2026-06-9	Show	GitHub Exploit DB Packet Storm

632	6.8	警告 Network	Discourse	Discourse	Discourseにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-45775	2026-06-22 11:55	2026-06-12	Show	GitHub Exploit DB Packet Storm

633	9.9	緊急 Network	オラクル	Oracle WebCenter Portal	オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46765	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

634	9.8	緊急 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46766	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

635	9.9	緊急 Network	オラクル	Oracle WebCenter Portal	オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46767	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

636	6	警告 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46768	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

637	7.2	重要 Network	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46769	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

638	6.1	警告 Network	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46770	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

639	4.1	警告 Local	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46771	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

640	4.7	警告 Local	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46772	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
190851	5.7	MEDIUM Network	mattermost	mattermost	Mattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while…	CWE-400 Uncontrolled Resource Consumption	CVE-2021-37865	2024-11-21 15:16	2022-01-19	Show	GitHub Exploit DB Packet Storm

190852	6.5	MEDIUM Network	mattermost	mattermost	Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied …	CWE-863 Incorrect Authorization	CVE-2021-37864	2024-11-21 15:16	2022-01-19	Show	GitHub Exploit DB Packet Storm

190853	6.1	MEDIUM Network	microfocus	arcsight_enterprise_security_manager	Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cr…	CWE-79 Cross-site Scripting	CVE-2021-38127	2024-11-21 15:16	2022-01-15	Show	GitHub Exploit DB Packet Storm

190854	6.1	MEDIUM Network	microfocus	arcsight_enterprise_security_manager	Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cr…	CWE-79 Cross-site Scripting	CVE-2021-38126	2024-11-21 15:16	2022-01-15	Show	GitHub Exploit DB Packet Storm

190855	6.5	MEDIUM Network	google fedoraproject debian	chrome fedora debian_linux	Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	NVD-CWE-noinfo	CVE-2021-38022	2024-11-21 15:16	2021-12-23	Show	GitHub Exploit DB Packet Storm

190856	6.5	MEDIUM Network	google fedoraproject debian	chrome fedora debian_linux	Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	NVD-CWE-noinfo	CVE-2021-38021	2024-11-21 15:16	2021-12-23	Show	GitHub Exploit DB Packet Storm

190857	4.3	MEDIUM Network	google fedoraproject debian	chrome fedora debian_linux	Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	NVD-CWE-Other	CVE-2021-38020	2024-11-21 15:16	2021-12-23	Show	GitHub Exploit DB Packet Storm

190858	6.5	MEDIUM Network	google fedoraproject debian	chrome fedora debian_linux	Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2021-38019	2024-11-21 15:16	2021-12-23	Show	GitHub Exploit DB Packet Storm

190859	6.5	MEDIUM Network	google fedoraproject debian	chrome fedora debian_linux	Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page.	NVD-CWE-noinfo	CVE-2021-38018	2024-11-21 15:16	2021-12-23	Show	GitHub Exploit DB Packet Storm

190860	8.8	HIGH Network	google fedoraproject debian	chrome fedora debian_linux	Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	CWE-863 Incorrect Authorization	CVE-2021-38017	2024-11-21 15:16	2021-12-23	Show	GitHub Exploit DB Packet Storm