Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
781 4.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-53845 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
782 7.1 重要
Local 		OpenClaw OpenClaw OpenClawにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-53846 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
783 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおける不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-53847 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
784 4.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-53848 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
785 8.1 重要
Network 		OpenClaw OpenClaw OpenClawにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-53849 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
786 5.5 警告
Local 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-53850 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
787 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-53851 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
788 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおける安全でない失敗処理に関する脆弱性 CWE-636
安全でない失敗処理 		CVE-2026-53852 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
789 8.3 重要
Network 		OpenClaw OpenClaw OpenClawにおける複数の脆弱性 CWE-693
CWE-863
CVE-2026-53853 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
790 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-53854 2026-06-22 11:48 2026-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191141 8.8 HIGH
Adjacent 		defcon def_con_27_firmware The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol. CWE-120
Classic Buffer Overflow 		CVE-2021-38111 2024-11-21 15:16 2021-08-5 Show GitHub Exploit DB Packet Storm
191142 8.1 HIGH
Network 		courier-mta courier_mail_server An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into… CWE-74
Injection 		CVE-2021-38084 2024-11-21 15:16 2021-08-4 Show GitHub Exploit DB Packet Storm
191143 6.1 MEDIUM
Network 		joplin_project joplin Joplin before 2.0.9 allows XSS via button and form in the note body. CWE-79
Cross-site Scripting 		CVE-2021-37916 2024-11-21 15:16 2021-08-3 Show GitHub Exploit DB Packet Storm
191144 6.5 MEDIUM
Network 		argo-workflows_project argo-workflows In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow b… CWE-20
 Improper Input Validation  		CVE-2021-37914 2024-11-21 15:16 2021-08-3 Show GitHub Exploit DB Packet Storm
191145 8.1 HIGH
Network 		stb_project
debian 		stb
debian_linux 		stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. CWE-787
 Out-of-bounds Write 		CVE-2021-37789 2024-11-21 15:15 2022-11-2 Show GitHub Exploit DB Packet Storm
191146 9.8 CRITICAL
Network 		phpgurukul employee_record_management_system Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php. CWE-89
SQL Injection 		CVE-2021-37782 2024-11-21 15:15 2022-10-29 Show GitHub Exploit DB Packet Storm
191147 9.8 CRITICAL
Network 		locke-bot_project locke-bot SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 allows remote attackers to run arbitrary SQL commands via crafted string to /src/db.js, /commands/mute.js, /modules/event/messageDelete.js. CWE-89
SQL Injection 		CVE-2021-37522 2024-11-21 15:15 2023-07-19 Show GitHub Exploit DB Packet Storm
191148 9.8 CRITICAL
Network 		furukawa 423-41w\/ac_firmware
ld421-21w_firmware
ld420-10r_firmware
ld421-21wv_firmware 		RCE (Remote Code Execution) vulnerability was found in some Furukawa ONU models, this vulnerability allows remote unauthenticated users to send arbitrary commands to the device via web interface. NVD-CWE-noinfo
CVE-2021-37384 2024-11-21 15:15 2023-07-18 Show GitHub Exploit DB Packet Storm
191149 7.5 HIGH
Network 		furukawa 423-41w\/ac_firmware
ld421-21w_firmware
ld420-10r_firmware
ld421-21wv_firmware 		Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function. CWE-79
Cross-site Scripting 		CVE-2021-37386 2024-11-21 15:15 2023-07-18 Show GitHub Exploit DB Packet Storm
191150 3.7 LOW
Network 		citadel webcit An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS… NVD-CWE-noinfo
CVE-2021-37845 2024-11-21 15:15 2023-05-30 Show GitHub Exploit DB Packet Storm