Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
91	8.8	重要 Network	Shanghai UTT Technologies Co., Ltd.	520W ファームウェア	Shanghai UTT Technologies Co., Ltd.の520W ファームウェアにおける複数の脆弱性	CWE-119 CWE-120	CVE-2026-1140	2026-02-6 10:37	2026-01-19	Show	GitHub Exploit DB Packet Storm

92	5.4	警告 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-1207	2026-02-6 10:37	2026-02-3	Show	GitHub Exploit DB Packet Storm

93	7.5	重要 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-1285	2026-02-6 10:37	2026-02-3	Show	GitHub Exploit DB Packet Storm

94	5.4	警告 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-1287	2026-02-6 10:37	2026-02-3	Show	GitHub Exploit DB Packet Storm

95	5.4	警告 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-1312	2026-02-6 10:37	2026-02-3	Show	GitHub Exploit DB Packet Storm

96	3.1	低 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-1751	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

97	7.5	重要 Network	メディアテック	NR15	メディアテックのNR15における複数の脆弱性	CWE-617 CWE-754	CVE-2026-20401	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

98	7.5	重要 Network	メディアテック	NR15	メディアテックのNR15における境界外書き込みに関する脆弱性	CWE-787 CWE-noinfo	CVE-2026-20402	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

99	7.5	重要 Network	メディアテック	nr16 NR17R NR15 nr17	メディアテックのNR15等の複数製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20403	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

100	7.5	重要 Network	メディアテック	nr16 NR17R NR15 nr17	メディアテックのNR15等の複数製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20404	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
831	5.0	MEDIUM Local	-	-	Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln… New	CWE-404 Improper Resource Shutdown or Release	CVE-2026-34317	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

832	5.8	MEDIUM Network	-	-	Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu… New	CWE-200 Information Exposure	CVE-2026-34318	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

833	5.0	MEDIUM Local	-	-	Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln… New	CWE-204 Response Discrepancy Information Exposure	CVE-2026-34319	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

834	7.5	HIGH Network	-	-	Vulnerability in the Oracle Financial Services Customer Screening product of Oracle Financial Services Applications (component: User Interface). The supported version that is affected is 8.1.2.8.0.… New	CWE-285 Improper Authorization	CVE-2026-34320	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

835	7.5	HIGH Network	-	-	Vulnerability in the Oracle Financial Services Transaction Filtering product of Oracle Financial Services Applications (component: User Interface). The supported version that is affected is 8.1.2.8… New	CWE-284 Improper Access Control	CVE-2026-35231	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

836	5.4	MEDIUM Network	-	-	Vulnerability in Oracle Fusion Middleware (component: Dynamic Monitoring Service). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low pr… New	CWE-284 Improper Access Control	CVE-2026-35232	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

837	5.2	MEDIUM Network	-	-	Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.24.0.000. Easily exploita… New	CWE-284 Improper Access Control	CVE-2026-35244	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

838	6.4	MEDIUM Network	-	-	Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: C Oracle SSL API). Supported versions that are affected are 12.2.1.4.0 and 12.1.3.0.0. Difficult to expl… New	CWE-284 Improper Access Control	CVE-2026-35252	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

839	6.5	MEDIUM Network	-	-	frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style request… New	CWE-287 Improper Authentication	CVE-2026-40910	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm

840	10.0	CRITICAL Network	-	-	WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without saniti… New	CWE-94 Code Injection	CVE-2026-40911	2026-04-23 06:24	2026-04-22	Show	GitHub Exploit DB Packet Storm