Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233541 7.5 危険 phpstore - PHPStore Wholesales の track.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5493 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
233542 9.3 危険 verypdf - VeryDOC PDF Viewer OCX Control の pdfview.ocx におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5492 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
233543 7.5 危険 slimcms - SlimCMS の edit.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5491 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
233544 7.5 危険 phpstore - PHPStore Yahoo Answers の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5490 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
233545 4.3 警告 turnkeyforms - TurnkeyForms Text Link Sales の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5487 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
233546 7.5 危険 turnkeyforms - TurnkeyForms Text Link Sales の admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5486 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
233547 4.3 警告 PunBB - PunBB の moderate.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5435 2012-12-20 18:52 2008-12-11 Show GitHub Exploit DB Packet Storm
233548 6.5 警告 PunBB - PunBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5434 2012-12-20 18:52 2008-12-11 Show GitHub Exploit DB Packet Storm
233549 4.3 警告 PunBB - PunBB の login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5433 2012-12-20 18:52 2008-12-11 Show GitHub Exploit DB Packet Storm
233550 4.3 警告 シマンテック - Norton Internet Security の Norton Antivirus におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5427 2012-12-20 18:52 2008-12-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2121 - - - Flowise before 3.0.13 contains an information exposure vulnerability in the POST /api/v1/account/forgot-password endpoint that returns full user objects including PII to unauthenticated attackers. An… CWE-200
Information Exposure 		CVE-2026-56267 2026-06-23 04:17 2026-06-21 Show GitHub Exploit DB Packet Storm
2122 6.1 MEDIUM
Local 		- - Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks … CWE-59
Link Following 		CVE-2026-56236 2026-06-23 04:17 2026-06-21 Show GitHub Exploit DB Packet Storm
2123 8.8 HIGH
Network 		- - Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys to mint unrestricted keys by setting empty limits. Attackers… CWE-269
 Improper Privilege Management 		CVE-2026-56216 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2124 7.5 HIGH
Network 		- - Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints is_trial_org and is_paying_org that allows unauthenticated attackers to enumerate organizati… CWE-200
Information Exposure 		CVE-2026-56214 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2125 7.1 HIGH
Network 		- - A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setti… CWE-125
Out-of-bounds Read 		CVE-2026-56210 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2126 9.1 CRITICAL
Network 		- - Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email address before that email is verified. By enabling two-fac… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2026-56081 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2127 6.5 MEDIUM
Network 		- - Capgo before 12.128.2 contains a cross-tenant authorization bypass vulnerability in PostgREST endpoints that allows org-scoped read API keys to access other tenants' webhook secrets and delivery logs… CWE-200
Information Exposure 		CVE-2026-56079 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2128 8.8 HIGH
Network 		- - PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in … CWE-22
Path Traversal 		CVE-2026-56078 2026-06-23 04:17 2026-06-19 Show GitHub Exploit DB Packet Storm
2129 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2026-53778 2026-06-23 04:17 2026-06-23 Show GitHub Exploit DB Packet Storm
2130 6.5 MEDIUM
Network 		- - Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network. CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-50519 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm