Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
811 8.8 重要
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-7387 2026-06-22 11:46 2026-06-12 Show GitHub Exploit DB Packet Storm
812 6.5 警告
Adjacent 		TP-LINK Technologies Tapo C520WS Firmware TP-LINK TechnologiesのTapo C520WS Firmwareにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-8714 2026-06-22 11:46 2026-06-5 Show GitHub Exploit DB Packet Storm
813 6.5 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-9741 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
814 5.9 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける指定されたタイプの入力に対する不適切な検証に関する脆弱性 CWE-1287
指定されたタイプの入力に対する不適切な検証 		CVE-2026-9742 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
815 6.5 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-9746 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
816 6.5 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-9749 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
817 6.5 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-9752 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
818 8.1 重要
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける複数の脆弱性 CWE-1287
CWE-787
CVE-2026-9753 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
819 6.5 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける初期化されていない変数の使用に関する脆弱性 CWE-457
初期化されていない変数の使用 		CVE-2026-9754 2026-06-22 11:46 2026-06-9 Show GitHub Exploit DB Packet Storm
820 7.8 重要
Local 		Google Android GoogleのAndroidにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-0143 2026-06-22 11:45 2026-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191121 8.8 HIGH
Network 		roxy-wi roxy-wi Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py. CWE-77
Command Injection 		CVE-2021-38169 2024-11-21 15:16 2021-08-8 Show GitHub Exploit DB Packet Storm
191122 8.8 HIGH
Network 		roxy-wi roxy-wi Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers. CWE-89
SQL Injection 		CVE-2021-38168 2024-11-21 15:16 2021-08-8 Show GitHub Exploit DB Packet Storm
191123 9.8 CRITICAL
Network 		roxy-wi roxy-wi Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. An unauthenticated attacker can extract a valid uuid to bypass authentication. CWE-89
SQL Injection 		CVE-2021-38167 2024-11-21 15:16 2021-08-8 Show GitHub Exploit DB Packet Storm
191124 7.8 HIGH
Local 		linux
fedoraproject
debian 		linux_kernel
fedora
debian_linux 		In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impracti… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2021-38166 2024-11-21 15:16 2021-08-8 Show GitHub Exploit DB Packet Storm
191125 5.3 MEDIUM
Network 		lynx_project
debian
fedoraproject 		lynx
debian_linux
fedora 		Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. CWE-522
 Insufficiently Protected Credentials 		CVE-2021-38165 2024-11-21 15:16 2021-08-8 Show GitHub Exploit DB Packet Storm
191126 9.8 CRITICAL
Network 		progress moveit_transfer In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the da… CWE-89
SQL Injection 		CVE-2021-38159 2024-11-21 15:16 2021-08-8 Show GitHub Exploit DB Packet Storm
191127 7.8 HIGH
Local 		linux
netapp
debian
redhat 		linux_kernel
hci_bootstrap_os
solidfire
hci_management_node
element_software
debian_linux
enterprise_linux 		In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the… CWE-120
Classic Buffer Overflow 		CVE-2021-38160 2024-11-21 15:16 2021-08-7 Show GitHub Exploit DB Packet Storm
191128 9.8 CRITICAL
Network 		obsidian obsidian Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs. NVD-CWE-noinfo
CVE-2021-38148 2024-11-21 15:16 2021-08-7 Show GitHub Exploit DB Packet Storm
191129 6.1 MEDIUM
Network 		leostream connection_broker LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by t… CWE-79
Cross-site Scripting 		CVE-2021-38157 2024-11-21 15:16 2021-08-7 Show GitHub Exploit DB Packet Storm
191130 7.5 HIGH
Network 		openstack keystone OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). … CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2021-38155 2024-11-21 15:16 2021-08-7 Show GitHub Exploit DB Packet Storm