Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220421 6.8 警告 マカフィー - McAfee Network Data Loss Prevention におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-8523 2014-10-31 14:06 2014-10-3 Show GitHub Exploit DB Packet Storm
220422 7.5 危険 マカフィー - McAfee Network Data Loss Prevention の MySQL データベースにおけるアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2014-8522 2014-10-31 14:05 2014-10-3 Show GitHub Exploit DB Packet Storm
220423 3.5 注意 マカフィー - McAfee Network Data Loss Prevention におけるクロスサイトスクリプティングの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-8521 2014-10-31 14:05 2014-10-3 Show GitHub Exploit DB Packet Storm
220424 5 警告 マカフィー - McAfee Network Data Loss Prevention における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-8520 2014-10-31 14:04 2014-10-3 Show GitHub Exploit DB Packet Storm
220425 2.1 注意 マカフィー - McAfee Network Data Loss Prevention における任意のファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2014-8519 2014-10-31 14:04 2014-10-3 Show GitHub Exploit DB Packet Storm
220426 6.3 警告 マカフィー - McAfee File and Removable Media Protection および Endpoint Encryption for Files and Folders におけるパスワード取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-8518 2014-10-31 14:04 2014-10-27 Show GitHub Exploit DB Packet Storm
220427 7.5 危険 Etiko - Etiko CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-8506 2014-10-30 17:01 2014-10-13 Show GitHub Exploit DB Packet Storm
220428 4.3 警告 Etiko - Etiko CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8505 2014-10-30 17:01 2014-10-13 Show GitHub Exploit DB Packet Storm
220429 4.3 警告 wp-football project - WordPress 用 wp-football プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4586 2014-10-30 16:53 2014-06-12 Show GitHub Exploit DB Packet Storm
220430 6.4 警告 Pidgin - Pidgin の win32/untar.c 内の untar_block 関数の nmevent.c における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-3697 2014-10-30 16:39 2014-03-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
981 8.2 HIGH
Network 		- - Supabase Capgo before 12.128.2 contains an authorization bypass vulnerability in the SECURITY DEFINER record_build_time RPC function that allows unauthenticated attackers to insert arbitrary build-ti… New CWE-269
 Improper Privilege Management 		CVE-2026-56245 2026-06-25 23:03 2026-06-24 Show GitHub Exploit DB Packet Storm
982 7.1 HIGH
Network 		- - Capgo before 12.128.2 enforces mandatory two-factor authentication only at the UI level. Sensitive Organization (ORG) management API endpoints (e.g., editing organization details, inviting users) do … New CWE-602
 Client-Side Enforcement of Server-Side Security 		CVE-2026-56256 2026-06-25 23:03 2026-06-24 Show GitHub Exploit DB Packet Storm
983 6.5 MEDIUM
Network 		- - Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons. Remote attackers ca… New CWE-284
Improper Access Control 		CVE-2026-56302 2026-06-25 23:03 2026-06-24 Show GitHub Exploit DB Packet Storm
984 5.3 MEDIUM
Network 		- - Capgo before 12.128.2 contains an information disclosure vulnerability in the public.exist_app_v2 RPC function that allows unauthenticated attackers to enumerate app_ids by calling POST /rest/v1/rpc/… New CWE-200
Information Exposure 		CVE-2026-56337 2026-06-25 23:03 2026-06-24 Show GitHub Exploit DB Packet Storm
985 5.3 MEDIUM
Network 		- - Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authen… New CWE-703
 Improper Check or Handling of Exceptional Conditions 		CVE-2026-56338 2026-06-25 23:03 2026-06-24 Show GitHub Exploit DB Packet Storm
986 8.8 HIGH
Network 		- - Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attacker… New CWE-693
 Protection Mechanism Failure 		CVE-2026-57280 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
987 7.5 HIGH
Network 		- - Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions member, allowing attackers able to run sandboxed Groovy scri… New CWE-93
CWE-693
CRLF Injection
 Protection Mechanism Failure 		CVE-2026-57281 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
988 5.0 MEDIUM
Network 		- - Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name… New CWE-78
OS Command  		CVE-2026-57282 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
989 4.3 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instantiate types related to job or system configuration other … New CWE-352
 Origin Validation Error 		CVE-2026-57283 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
990 4.3 MEDIUM
Network 		- - Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types rel… New CWE-470
Unsafe Reflection 		CVE-2026-57284 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm