Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243191 6.8 警告 pathos - Pathos CMS の warn.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1907 2012-09-25 16:47 2007-04-10 Show GitHub Exploit DB Packet Storm
243192 5.8 警告 jetbox - Jetbox CMS の formmail.php におけるスパムを送信される脆弱性 - CVE-2007-1898 2012-09-25 16:47 2007-05-16 Show GitHub Exploit DB Packet Storm
243193 7.5 危険 The PHP Group - PHP の msg_receive 関数における整数オーバーフローの脆弱性 - CVE-2007-1890 2012-09-25 16:47 2007-03-31 Show GitHub Exploit DB Packet Storm
243194 7.5 危険 The PHP Group - PHP の Zend Memory Manager における整数符号エラーの脆弱性 - CVE-2007-1889 2012-09-25 16:47 2007-03-31 Show GitHub Exploit DB Packet Storm
243195 7.5 危険 The PHP Group - SQLite の src/encode.c におけるバッファオーバーフローの脆弱性 - CVE-2007-1888 2012-09-25 16:47 2007-03-31 Show GitHub Exploit DB Packet Storm
243196 6.8 警告 The PHP Group - PHP における整数オーバーフローの脆弱性 - CVE-2007-1886 2012-09-25 16:47 2007-03-31 Show GitHub Exploit DB Packet Storm
243197 7.5 危険 The PHP Group - PHP の str_replace 関数における整数オーバーフローの脆弱性 - CVE-2007-1885 2012-09-25 16:47 2007-04-5 Show GitHub Exploit DB Packet Storm
243198 6.8 警告 The PHP Group - PHP の printf 関数ファミリにおける整数符号エラーの脆弱性 - CVE-2007-1884 2012-09-25 16:47 2007-04-5 Show GitHub Exploit DB Packet Storm
243199 7.8 危険 The PHP Group - PHP における任意のメモリ領域を読まれる脆弱性 - CVE-2007-1883 2012-09-25 16:47 2007-03-29 Show GitHub Exploit DB Packet Storm
243200 6.5 警告 ヒューレット・パッカード - HP Mercury Quality Center における任意の SQL コマンドを実行される脆弱性 - CVE-2007-1882 2012-09-25 16:47 2007-04-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1921 6.1 MEDIUM
Local 		- - Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks … CWE-59
Link Following 		CVE-2026-56236 2026-06-23 04:17 2026-06-21 Show GitHub Exploit DB Packet Storm
1922 8.8 HIGH
Network 		- - Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys to mint unrestricted keys by setting empty limits. Attackers… CWE-269
 Improper Privilege Management 		CVE-2026-56216 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1923 7.5 HIGH
Network 		- - Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints is_trial_org and is_paying_org that allows unauthenticated attackers to enumerate organizati… CWE-200
Information Exposure 		CVE-2026-56214 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1924 7.1 HIGH
Network 		- - A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setti… CWE-125
Out-of-bounds Read 		CVE-2026-56210 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1925 9.1 CRITICAL
Network 		- - Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email address before that email is verified. By enabling two-fac… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2026-56081 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1926 6.5 MEDIUM
Network 		- - Capgo before 12.128.2 contains a cross-tenant authorization bypass vulnerability in PostgREST endpoints that allows org-scoped read API keys to access other tenants' webhook secrets and delivery logs… CWE-200
Information Exposure 		CVE-2026-56079 2026-06-23 04:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1927 8.8 HIGH
Network 		- - PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in … CWE-22
Path Traversal 		CVE-2026-56078 2026-06-23 04:17 2026-06-19 Show GitHub Exploit DB Packet Storm
1928 3.7 LOW
Network 		- - Starlette is a lightweight ASGI framework/toolkit. Prior to 1.3.0, the HTTP request path is not validated before being used to reconstruct request.url. Because request.url is rebuilt by concatenating… CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2026-54282 2026-06-23 04:17 2026-06-23 Show GitHub Exploit DB Packet Storm
1929 - - - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a pa… CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-54280 2026-06-23 04:17 2026-06-23 Show GitHub Exploit DB Packet Storm
1930 - - - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() l… CWE-665
 Improper Initialization 		CVE-2026-54279 2026-06-23 04:17 2026-06-23 Show GitHub Exploit DB Packet Storm