Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
651 8.4 重要
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46788 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
652 9.6 緊急
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-46789 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
653 5.3 警告
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-46790 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
654 7.5 重要
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46791 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
655 9.9 緊急
Network 		オラクル Oracle Identity Manager Connector オラクルのOracle Identity Manager Connectorにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46792 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
656 9.9 緊急
Network 		オラクル Oracle Identity Manager Connector オラクルのOracle Identity Manager Connectorにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46793 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
657 9.9 緊急
Network 		オラクル Oracle Identity Manager Connector オラクルのOracle Identity Manager Connectorにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-46794 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
658 9.3 緊急
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46795 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
659 8 重要
Network 		- オラクルのOracle WebCenter Sites Support Toolsにおけるオープンリダイレクトの脆弱性 CWE-601
CWE-noinfo
CVE-2026-46796 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
660 9.8 緊急
Network 		- オラクルのOracle WebCenter Sites Support Toolsにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46797 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
190821 7.5 HIGH
Network 		altova mobiletogether_server Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425. CWE-776
XML Entity Expansion 		CVE-2021-38490 2024-11-21 15:17 2021-08-11 Show GitHub Exploit DB Packet Storm
190822 2.7 LOW
Network 		netgear d3600_firmware
d6000_firmware
d6100_firmware
d6200_firmware
d6220_firmware
d6400_firmware
d7000_firmware
d7800_firmware
d8500_firmware
dc112a_firmware
dgn2200_firmware 		Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 b… NVD-CWE-noinfo
CVE-2021-38514 2024-11-21 15:17 2021-08-11 Show GitHub Exploit DB Packet Storm
190823 7.8 HIGH
Local 		elastic apm_java_agent A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerabil… NVD-CWE-noinfo
CVE-2021-37942 2024-11-21 15:16 2023-11-22 Show GitHub Exploit DB Packet Storm
190824 8.8 HIGH
Network 		elastic elasticsearch An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher… NVD-CWE-noinfo
CVE-2021-37937 2024-11-21 15:16 2023-11-22 Show GitHub Exploit DB Packet Storm
190825 9.8 CRITICAL
Network 		xunruicms xunruicms xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackers to execute arbitrary code via a crafted GET request. NVD-CWE-noinfo
CVE-2021-38243 2024-11-21 15:16 2023-09-28 Show GitHub Exploit DB Packet Storm
190826 6.5 MEDIUM
Network 		opennetworking onos An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the… CWE-697
 Incorrect Comparison 		CVE-2021-38364 2024-11-21 15:16 2023-04-20 Show GitHub Exploit DB Packet Storm
190827 7.5 HIGH
Network 		opennetworking onos An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent (which causes an exception) remains in pendingMap (in memory) forever. Deletion is possible neither by a user nor… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2021-38363 2024-11-21 15:16 2023-04-20 Show GitHub Exploit DB Packet Storm
190828 7.5 HIGH
Network 		dataease dataease SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10. CWE-89
SQL Injection 		CVE-2021-38239 2024-11-21 15:16 2023-02-16 Show GitHub Exploit DB Packet Storm
190829 9.8 CRITICAL
Network 		ruoyi ruoyi Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework. CWE-502
 Deserialization of Untrusted Data 		CVE-2021-38241 2024-11-21 15:16 2022-12-17 Show GitHub Exploit DB Packet Storm
190830 5.4 MEDIUM
Network 		elastic kibana It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an elasticsearch index could in… CWE-79
Cross-site Scripting 		CVE-2021-37936 2024-11-21 15:16 2022-11-19 Show GitHub Exploit DB Packet Storm