Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
61	9.8	緊急 Network	Rubyconcurrency	Concurrent Ruby	RubyconcurrencyのConcurrent Rubyにおける複数の脆弱性 New	CWE-414 CWE-667	CVE-2026-54906	2026-06-29 11:23	2026-06-24	Show	GitHub Exploit DB Packet Storm

62	9.8	緊急 Network	rtklib	RTKLIB	rtklibのRTKLIBにおける境界外書き込みに関する脆弱性 New	CWE-787 境界外書き込み	CVE-2026-56786	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

63	7.5	重要 Network	rtklib	RTKLIB	rtklibのRTKLIBにおける境界条件の判定に関する脆弱性 New	CWE-193 境界条件の判定	CVE-2026-56787	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

64	7.1	重要 Local	rtklib	RTKLIB	rtklibのRTKLIBにおける境界外読み取りに関する脆弱性 New	CWE-125 境界外読み取り	CVE-2026-56788	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

65	6.5	警告 Network	rtklib	RTKLIB	rtklibのRTKLIBにおけるヒープベースのバッファオーバーフローの脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-56789	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

66	2.6	低 Network	Nokogiri project	Nokogiri	Nokogiriにおける複数の脆弱性 New	CWE-178 CWE-184 CWE-611	CVE-2026-57234	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

67	8.2	重要 Network	Nokogiri project	Nokogiri	Nokogiriにおける複数の脆弱性 New	CWE-125 CWE-190	CVE-2026-57235	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

68	8.2	重要 Network	Nokogiri project	Nokogiri	Nokogiriにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-57236	2026-06-29 11:23	2026-06-25	Show	GitHub Exploit DB Packet Storm

69	4.3	警告 Network	Jenkins プロジェクト	Priority Sorter	JenkinsのPriority Sorterにおけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2026-57290	2026-06-29 11:23	2026-06-24	Show	GitHub Exploit DB Packet Storm

70	5.4	警告 Network	Jenkins プロジェクト	EC2 Fleet	JenkinsのEC2 Fleetにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-57294	2026-06-29 11:22	2026-06-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
320811	8.8	HIGH Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.	CWE-89 SQL Injection	CVE-2024-42417	2024-10-9 00:43	2024-10-4	Show	GitHub Exploit DB Packet Storm

320812	9.8	CRITICAL Network	draytek	vigor3912_firmware vigor2962_firmware vigor3910_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of…	CWE-787 Out-of-bounds Write	CVE-2024-41593	2024-10-9 00:35	2024-10-4	Show	GitHub Exploit DB Packet Storm

320813	6.1	MEDIUM Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.	CWE-79 Cross-site Scripting	CVE-2024-41591	2024-10-9 00:34	2024-10-4	Show	GitHub Exploit DB Packet Storm

320814	6.1	MEDIUM Network	cozmoslabs	membership_\&_content_restriction_-_paid_member_subscriptions	The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…	CWE-79 Cross-site Scripting	CVE-2024-9222	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

320815	6.1	MEDIUM Network	ibericode	mailchimp_top_bar	The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-9210	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

320816	8.8	HIGH Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil…	CWE-22 Path Traversal	CVE-2024-20449	2024-10-9 00:33	2024-10-3	Show	GitHub Exploit DB Packet Storm

320817	6.1	MEDIUM Network	themegrill	magazine_blocks	The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us…	CWE-79 Cross-site Scripting	CVE-2024-9218	2024-10-9 00:33	2024-10-2	Show	GitHub Exploit DB Packet Storm

320818	5.4	MEDIUM Network	draytek	vigor3910_firmware vigor3912_firmware vigor2962_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.	CWE-79 Cross-site Scripting	CVE-2024-41587	2024-10-9 00:32	2024-10-4	Show	GitHub Exploit DB Packet Storm

320819	7.5	HIGH Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG o…	CWE-326 Inadequate Encryption Strength	CVE-2024-41594	2024-10-9 00:31	2024-10-4	Show	GitHub Exploit DB Packet Storm

320820	5.5	MEDIUM Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to pe…	CWE-88 Argument Injection	CVE-2024-20444	2024-10-9 00:26	2024-10-3	Show	GitHub Exploit DB Packet Storm