Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
771 9.1 緊急
Network 		Apache Software Foundation Apache Shiro Apache Software FoundationのApache ShiroにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-49268 2026-06-22 11:48 2026-06-17 Show GitHub Exploit DB Packet Storm
772 7 重要
Local 		マイクロソフト Microsoft Malware Protection Engine Microsoft Defender Elevation of Privilege Vulnerability CWE-59
リンク解釈の問題 		CVE-2026-50656 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
773 8.1 重要
Network 		KubeV2V Migration assessment KubeV2VのMigration assessmentにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-53469 2026-06-22 11:48 2026-06-10 Show GitHub Exploit DB Packet Storm
774 8.1 重要
Network 		KubeV2V Migration assessment KubeV2VのMigration assessmentにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-53470 2026-06-22 11:48 2026-06-10 Show GitHub Exploit DB Packet Storm
775 7.7 重要
Network 		KubeV2V Migration assessment KubeV2VのMigration assessmentにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-53471 2026-06-22 11:48 2026-06-10 Show GitHub Exploit DB Packet Storm
776 7.1 重要
Network 		OpenClaw OpenClaw OpenClawにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-53840 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
777 6.1 警告
Network 		OpenClaw OpenClaw OpenClawにおけるWeb ページの属性に対するスクリプトの不適切な無害化に関する脆弱性 CWE-83
Web ページの属性に対するスクリプトの不適切な無害化 		CVE-2026-53841 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
778 7.1 重要
Local 		OpenClaw OpenClaw OpenClawにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-53842 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
779 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-53843 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
780 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-53844 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191141 8.8 HIGH
Adjacent 		defcon def_con_27_firmware The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol. CWE-120
Classic Buffer Overflow 		CVE-2021-38111 2024-11-21 15:16 2021-08-5 Show GitHub Exploit DB Packet Storm
191142 8.1 HIGH
Network 		courier-mta courier_mail_server An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into… CWE-74
Injection 		CVE-2021-38084 2024-11-21 15:16 2021-08-4 Show GitHub Exploit DB Packet Storm
191143 6.1 MEDIUM
Network 		joplin_project joplin Joplin before 2.0.9 allows XSS via button and form in the note body. CWE-79
Cross-site Scripting 		CVE-2021-37916 2024-11-21 15:16 2021-08-3 Show GitHub Exploit DB Packet Storm
191144 6.5 MEDIUM
Network 		argo-workflows_project argo-workflows In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow b… CWE-20
 Improper Input Validation  		CVE-2021-37914 2024-11-21 15:16 2021-08-3 Show GitHub Exploit DB Packet Storm
191145 8.1 HIGH
Network 		stb_project
debian 		stb
debian_linux 		stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. CWE-787
 Out-of-bounds Write 		CVE-2021-37789 2024-11-21 15:15 2022-11-2 Show GitHub Exploit DB Packet Storm
191146 9.8 CRITICAL
Network 		phpgurukul employee_record_management_system Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php. CWE-89
SQL Injection 		CVE-2021-37782 2024-11-21 15:15 2022-10-29 Show GitHub Exploit DB Packet Storm
191147 9.8 CRITICAL
Network 		locke-bot_project locke-bot SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 allows remote attackers to run arbitrary SQL commands via crafted string to /src/db.js, /commands/mute.js, /modules/event/messageDelete.js. CWE-89
SQL Injection 		CVE-2021-37522 2024-11-21 15:15 2023-07-19 Show GitHub Exploit DB Packet Storm
191148 9.8 CRITICAL
Network 		furukawa 423-41w\/ac_firmware
ld421-21w_firmware
ld420-10r_firmware
ld421-21wv_firmware 		RCE (Remote Code Execution) vulnerability was found in some Furukawa ONU models, this vulnerability allows remote unauthenticated users to send arbitrary commands to the device via web interface. NVD-CWE-noinfo
CVE-2021-37384 2024-11-21 15:15 2023-07-18 Show GitHub Exploit DB Packet Storm
191149 7.5 HIGH
Network 		furukawa 423-41w\/ac_firmware
ld421-21w_firmware
ld420-10r_firmware
ld421-21wv_firmware 		Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function. CWE-79
Cross-site Scripting 		CVE-2021-37386 2024-11-21 15:15 2023-07-18 Show GitHub Exploit DB Packet Storm
191150 3.7 LOW
Network 		citadel webcit An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS… NVD-CWE-noinfo
CVE-2021-37845 2024-11-21 15:15 2023-05-30 Show GitHub Exploit DB Packet Storm