Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242911 5 警告 david bennett - David Bennett PHPp の footer.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4878 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242912 5 警告 david bennett - David Bennett PHPp における任意のプログラム変数を上書きされる脆弱性 - CVE-2006-4877 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242913 7.5 危険 aewebworks - AEDating における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4870 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242914 7.5 危険 gnuturk - GNUTurk 2G の mods.php における SQL インジェクションの脆弱性 - CVE-2006-4867 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242915 4.6 警告 アップル - Apple OS X の kextload におけるバッファオーバーフローの脆弱性 - CVE-2006-4866 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242916 7.5 危険 all enthusiast inc - All Enthusiast ReviewPost の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4864 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242917 7.5 危険 easypagecms - easypage の default.aspx における SQL インジェクションの脆弱性 - CVE-2006-4862 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242918 7.5 危険 clicktech - ClickTech ClickBlog の default.asp における SQL インジェクションの脆弱性 - CVE-2006-4857 2012-06-26 15:37 2006-09-19 Show GitHub Exploit DB Packet Storm
242919 7.5 危険 bolinos - BolinOS の system/_b/contentFiles/gBHTMLEditor.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4851 2012-06-26 15:37 2006-09-18 Show GitHub Exploit DB Packet Storm
242920 5.1 警告 bolinos - BolinOS の system/_b/contentFiles/gBIndex.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4850 2012-06-26 15:37 2006-09-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 4.7 MEDIUM
Local 		- - Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator (!==) to verify the HMAC-SHA256 in… New CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-41244 2026-04-25 06:16 2026-04-25 Show GitHub Exploit DB Packet Storm
62 6.5 MEDIUM
Network 		linuxfoundation tekton_pipelines Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API toke… New CWE-201
NVD-CWE-noinfo
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-40161 2026-04-25 05:55 2026-04-22 Show GitHub Exploit DB Packet Storm
63 7.5 HIGH
Network 		signalk signal_k_server Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within … New CWE-400
CWE-1333
 Uncontrolled Resource Consumption
 Inefficient Regular Expression Complexity 		CVE-2026-39320 2026-04-25 05:51 2026-04-21 Show GitHub Exploit DB Packet Storm
64 7.1 HIGH
Local 		craigjbass clearancekit ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Si… New CWE-863
 Incorrect Authorization 		CVE-2026-40599 2026-04-25 05:50 2026-04-22 Show GitHub Exploit DB Packet Storm
65 4.4 MEDIUM
Local 		craigjbass clearancekit ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancek… New CWE-693
 Protection Mechanism Failure 		CVE-2026-40604 2026-04-25 05:49 2026-04-22 Show GitHub Exploit DB Packet Storm
66 8.8 HIGH
Network 		goshs goshs goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to file… New CWE-22
Path Traversal 		CVE-2026-40876 2026-04-25 05:38 2026-04-22 Show GitHub Exploit DB Packet Storm
67 - - - BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder… New CWE-125
Out-of-bounds Read 		CVE-2026-41503 2026-04-25 05:16 2026-04-25 Show GitHub Exploit DB Packet Storm
68 9.8 CRITICAL
Network 		- - Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is … New CWE-200
Information Exposure 		CVE-2026-41492 2026-04-25 05:16 2026-04-25 Show GitHub Exploit DB Packet Storm
69 7.8 HIGH
Local 		- - Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes pr… New CWE-306
CWE-862
Missing Authentication for Critical Function
 Missing Authorization 		CVE-2026-41477 2026-04-25 05:16 2026-04-25 Show GitHub Exploit DB Packet Storm
70 - - - BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows … New CWE-125
Out-of-bounds Read 		CVE-2026-41475 2026-04-25 05:16 2026-04-25 Show GitHub Exploit DB Packet Storm