Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2011	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2023-53488	2026-01-23 14:21	2025-10-1	Show	GitHub Exploit DB Packet Storm

2012	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2023-53489	2026-01-23 14:21	2025-10-1	Show	GitHub Exploit DB Packet Storm

2013	9.8	緊急 Network	phpFileManager project	phpFileManager	dullduskのphpfilemanagerにおける弱い認証に関する脆弱性	CWE-1390 脆弱な認証	CVE-2023-53894	2026-01-23 14:21	2025-12-16	Show	GitHub Exploit DB Packet Storm

2014	6.7	警告 Network	ヒューレット・パッカード	Plantronics Hub	ヒューレット・パッカードのPlantronics Hubにおける不適切な権限設定に関する脆弱性	CWE-266 不適切な権限設定	CVE-2024-27460	2026-01-23 14:21	2024-05-14	Show	GitHub Exploit DB Packet Storm

2015	5.4	警告 Network	Church Admin Plugin	Church Admin	Church Admin PluginのWordPress用Church Adminにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-30193	2026-01-23 14:21	2024-03-27	Show	GitHub Exploit DB Packet Storm

2016	5.4	警告 Network	Church Admin Plugin	Church Admin	Church Admin PluginのWordPress用Church Adminにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-30197	2026-01-23 14:21	2024-03-27	Show	GitHub Exploit DB Packet Storm

2017	8.8	重要 Network	Church Admin Plugin	Church Admin	Church Admin PluginのWordPress用Church AdminにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-30244	2026-01-23 14:20	2024-03-28	Show	GitHub Exploit DB Packet Storm

2018	4.3	警告 Network	Church Admin Plugin	Church Admin	Church Admin PluginのWordPress用Church Adminにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-30493	2026-01-23 14:20	2024-03-29	Show	GitHub Exploit DB Packet Storm

2019	5.4	警告 Network	Church Admin Plugin	Church Admin	Church Admin PluginのWordPress用Church Adminにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-30505	2026-01-23 14:20	2024-03-29	Show	GitHub Exploit DB Packet Storm

2020	8.8	重要 Network	Church Admin Plugin	Church Admin	Church Admin PluginのWordPress用Church Adminにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2024-31280	2026-01-23 14:20	2024-04-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
61	4.7	MEDIUM Local	-	-	Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator (!==) to verify the HMAC-SHA256 in… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-41244	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

62	6.5	MEDIUM Network	linuxfoundation	tekton_pipelines	Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API toke… New	CWE-201 NVD-CWE-noinfo Insertion of Sensitive Information Into Sent Data	CVE-2026-40161	2026-04-25 05:55	2026-04-22	Show	GitHub Exploit DB Packet Storm

63	7.5	HIGH Network	signalk	signal_k_server	Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within … New	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-39320	2026-04-25 05:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

64	7.1	HIGH Local	craigjbass	clearancekit	ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Si… New	CWE-863 Incorrect Authorization	CVE-2026-40599	2026-04-25 05:50	2026-04-22	Show	GitHub Exploit DB Packet Storm

65	4.4	MEDIUM Local	craigjbass	clearancekit	ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancek… New	CWE-693 Protection Mechanism Failure	CVE-2026-40604	2026-04-25 05:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

66	8.8	HIGH Network	goshs	goshs	goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to file… New	CWE-22 Path Traversal	CVE-2026-40876	2026-04-25 05:38	2026-04-22	Show	GitHub Exploit DB Packet Storm

67	-		-	-	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder… New	CWE-125 Out-of-bounds Read	CVE-2026-41503	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

68	9.8	CRITICAL Network	-	-	Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is … New	CWE-200 Information Exposure	CVE-2026-41492	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

69	7.8	HIGH Local	-	-	Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes pr… New	CWE-306 CWE-862 Missing Authentication for Critical Function Missing Authorization	CVE-2026-41477	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

70	-		-	-	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows … New	CWE-125 Out-of-bounds Read	CVE-2026-41475	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm