Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
234661	5	警告	カスペルスキー	-	Kaspersky Lab Antivurus Engine におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0125	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

234662	6.8	警告	michael romedahl	-	RI Blog の search.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0121	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

234663	6.8	警告	packeteer	-	Packeteer PacketShaper PacketWise におけるバッファオーバーフローの脆弱性	-	CVE-2007-0113	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

234664	6.8	警告	Novell	-	Novell Access Manager Identity Server の nidp/idff/sso におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0110	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

234665	6	警告	Novell	-	Windows 2000/XP/2003 用の Novell Client における別のユーザプロファイルを呼び出される脆弱性	-	CVE-2007-0108	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

234666	10	危険	Perforce Software	-	Perforce クライアントにおける任意のファイルを上書きされる脆弱性	-	CVE-2007-0100	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

234667	7.5	危険	katy whitton web development	-	newsCMSlite におけるパスワードを含むデータベースをダウンロードされる脆弱性	-	CVE-2007-0091	2012-09-25 15:36	2007-01-5	Show	GitHub Exploit DB Packet Storm

234668	7.5	危険	jgbbs	-	jgbbs におけるパスワードを含むデータベースをダウンロードされる脆弱性	-	CVE-2007-0089	2012-09-25 15:36	2007-01-5	Show	GitHub Exploit DB Packet Storm

234669	5	警告	openmedia	-	openmedia におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-0088	2012-09-25 15:36	2007-01-5	Show	GitHub Exploit DB Packet Storm

234670	6	警告	OpenBSD	-	OpenBSD の wscons 用の VGA グラフィックドライバにおける権限を取得される脆弱性	-	CVE-2007-0085	2012-09-25 15:36	2007-01-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
51	5.3	MEDIUM Network	-	-	Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold … New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6966	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

52	3.1	LOW Network	-	-	LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's _url_to_size() helper (used by get_num_tokens_from_messages for image token counting) va… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41488	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

53	6.5	MEDIUM Network	-	-	LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.split_text_from_url() validated the initial URL using valid… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41481	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

54	9.9	CRITICAL Network	-	-	Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authen… New	CWE-89 SQL Injection	CVE-2026-41478	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

55	-		-	-	Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds re… New	CWE-120 Classic Buffer Overflow	CVE-2026-41476	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

56	-		-	-	CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the da… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-41473	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

57	-		-	-	CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows una… New	CWE-79 Cross-site Scripting	CVE-2026-41472	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

58	9.1	CRITICAL Network	-	-	Budibase is an open-source low-code platform. Prior to 3.35.4, the authenticated middleware uses unanchored regular expressions to match public (no-auth) endpoint patterns against ctx.request.url. Si… New	CWE-287 Improper Authentication	CVE-2026-41428	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

59	9.1	CRITICAL Network	-	-	Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the … New	CWE-943 Improper Neutralization of Special Elements in Data Query Logic	CVE-2026-41328	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

60	9.1	CRITICAL Network	-	-	Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowi… New	CWE-436 CWE-863 Interpretation Conflict Incorrect Authorization	CVE-2026-41248	2026-04-25 06:16	2026-04-25	Show	GitHub Exploit DB Packet Storm