Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
791	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-184 CWE-863	CVE-2026-53855	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

792	5.5	警告 Local	OpenClaw	OpenClaw	OpenClawにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-53856	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

793	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-53857	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

794	7.1	重要 Local	OpenClaw	OpenClaw	OpenClawにおける信頼できない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-53858	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

795	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-1023 CWE-918	CVE-2026-53859	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

796	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-807 CWE-863	CVE-2026-53860	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

797	9.8	緊急 Network	OpenClaw	OpenClaw	OpenClawにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-53861	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

798	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-266 CWE-345	CVE-2026-53862	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

799	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-53863	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

800	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-53864	2026-06-22 11:47	2026-06-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191141	8.8	HIGH Adjacent	defcon	def_con_27_firmware	The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol.	CWE-120 Classic Buffer Overflow	CVE-2021-38111	2024-11-21 15:16	2021-08-5	Show	GitHub Exploit DB Packet Storm

191142	8.1	HIGH Network	courier-mta	courier_mail_server	An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into…	CWE-74 Injection	CVE-2021-38084	2024-11-21 15:16	2021-08-4	Show	GitHub Exploit DB Packet Storm

191143	6.1	MEDIUM Network	joplin_project	joplin	Joplin before 2.0.9 allows XSS via button and form in the note body.	CWE-79 Cross-site Scripting	CVE-2021-37916	2024-11-21 15:16	2021-08-3	Show	GitHub Exploit DB Packet Storm

191144	6.5	MEDIUM Network	argo-workflows_project	argo-workflows	In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow b…	CWE-20 Improper Input Validation	CVE-2021-37914	2024-11-21 15:16	2021-08-3	Show	GitHub Exploit DB Packet Storm

191145	8.1	HIGH Network	stb_project debian	stb debian_linux	stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.	CWE-787 Out-of-bounds Write	CVE-2021-37789	2024-11-21 15:15	2022-11-2	Show	GitHub Exploit DB Packet Storm

191146	9.8	CRITICAL Network	phpgurukul	employee_record_management_system	Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php.	CWE-89 SQL Injection	CVE-2021-37782	2024-11-21 15:15	2022-10-29	Show	GitHub Exploit DB Packet Storm

191147	9.8	CRITICAL Network	locke-bot_project	locke-bot	SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 allows remote attackers to run arbitrary SQL commands via crafted string to /src/db.js, /commands/mute.js, /modules/event/messageDelete.js.	CWE-89 SQL Injection	CVE-2021-37522	2024-11-21 15:15	2023-07-19	Show	GitHub Exploit DB Packet Storm

191148	9.8	CRITICAL Network	furukawa	423-41w\/ac_firmware ld421-21w_firmware ld420-10r_firmware ld421-21wv_firmware	RCE (Remote Code Execution) vulnerability was found in some Furukawa ONU models, this vulnerability allows remote unauthenticated users to send arbitrary commands to the device via web interface.	NVD-CWE-noinfo	CVE-2021-37384	2024-11-21 15:15	2023-07-18	Show	GitHub Exploit DB Packet Storm

191149	7.5	HIGH Network	furukawa	423-41w\/ac_firmware ld421-21w_firmware ld420-10r_firmware ld421-21wv_firmware	Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function.	CWE-79 Cross-site Scripting	CVE-2021-37386	2024-11-21 15:15	2023-07-18	Show	GitHub Exploit DB Packet Storm

191150	3.7	LOW Network	citadel	webcit	An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS…	NVD-CWE-noinfo	CVE-2021-37845	2024-11-21 15:15	2023-05-30	Show	GitHub Exploit DB Packet Storm