Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
801 7.1 重要
Local 		OpenClaw OpenClaw OpenClawにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-53865 2026-06-22 11:47 2026-06-16 Show GitHub Exploit DB Packet Storm
802 8.1 重要
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-53866 2026-06-22 11:47 2026-06-16 Show GitHub Exploit DB Packet Storm
803 6.5 警告
Network 		Mozilla Foundation Mozilla Firefox Mobile Mozilla FoundationのMozilla Firefox Mobileにおけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-53899 2026-06-22 11:47 2026-06-16 Show GitHub Exploit DB Packet Storm
804 4.3 警告
Network 		Mozilla Foundation Mozilla Firefox Mobile Mozilla FoundationのMozilla Firefox Mobileにおける複数の脆弱性 CWE-345
CWE-384
CVE-2026-53900 2026-06-22 11:47 2026-06-16 Show GitHub Exploit DB Packet Storm
805 5.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-6046 2026-06-22 11:47 2026-06-12 Show GitHub Exploit DB Packet Storm
806 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-6689 2026-06-22 11:47 2026-06-12 Show GitHub Exploit DB Packet Storm
807 7.8 重要
Local 		MongoDB Inc. MongoDB C Driver MongoDB Inc.のMongoDB C Driverにおける複数の脆弱性 CWE-120
CWE-787
CVE-2026-6691 2026-06-22 11:47 2026-05-6 Show GitHub Exploit DB Packet Storm
808 7.2 重要
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-6739 2026-06-22 11:47 2026-06-12 Show GitHub Exploit DB Packet Storm
809 7.6 重要
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6961 2026-06-22 11:47 2026-06-12 Show GitHub Exploit DB Packet Storm
810 6.5 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける送信データへの重要な情報の挿入に関する脆弱性 CWE-201
送信データへの重要な情報の挿入 		CVE-2026-7184 2026-06-22 11:47 2026-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191081 9.8 CRITICAL
Network 		serverless_offline_project serverless_offline Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect access control, because the actual behavior w… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2021-38384 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191082 9.8 CRITICAL
Network 		owntone_project owntone OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c. CWE-416
 Use After Free 		CVE-2021-38383 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191083 6.5 MEDIUM
Network 		live555 live555 Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. CWE-416
 Use After Free 		CVE-2021-38382 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191084 6.5 MEDIUM
Network 		live555 live555 Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. CWE-416
 Use After Free 		CVE-2021-38381 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191085 7.5 HIGH
Network 		live555 live555 Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack. CWE-125
Out-of-bounds Read 		CVE-2021-38380 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191086 9.8 CRITICAL
Network 		set_user_project set_user The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user(). CWE-269
 Improper Privilege Management 		CVE-2021-38140 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191087 5.3 MEDIUM
Network 		kde kmail In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked. CWE-77
CWE-319
Command Injection
Cleartext Transmission of Sensitive Information 		CVE-2021-38373 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191088 3.7 LOW
Network 		kde trojita In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS. CWE-77
Command Injection 		CVE-2021-38372 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191089 7.5 HIGH
Network 		exim exim The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending. CWE-74
Injection 		CVE-2021-38371 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm
191090 5.9 MEDIUM
Network 		alpine_project alpine In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS. CWE-77
Command Injection 		CVE-2021-38370 2024-11-21 15:16 2021-08-11 Show GitHub Exploit DB Packet Storm