Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192781 9.8 緊急
Network 		DragonWave Inc. - DragonWave Horizon におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2017-7576 2017-05-10 15:50 2017-04-6 Show GitHub Exploit DB Packet Storm
192782 9.8 緊急
Network 		F5 Networks - F5 SSL Intercept iApp におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-0305 2017-05-10 15:44 2017-04-5 Show GitHub Exploit DB Packet Storm
192783 7.4 重要
Network 		F5 Networks - F5 SSL Intercept iApp および SSL Orchestrator におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2017-6130 2017-05-10 15:44 2017-04-5 Show GitHub Exploit DB Packet Storm
192784 6.1 警告
Network 		ClipBucket - ClipBucket におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1000307 2017-05-10 15:36 2016-12-14 Show GitHub Exploit DB Packet Storm
192785 5.4 警告
Network 		ClipBucket - ClipBucket におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-4673 2017-05-10 15:36 2015-06-18 Show GitHub Exploit DB Packet Storm
192786 9.8 緊急
Network 		Airtame Inc. - AIRTAME HDMI dongle のファームウェアにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-7450 2017-05-10 15:30 2017-04-4 Show GitHub Exploit DB Packet Storm
192787 7.8 重要
Local 		ベリタス - Veritas System Recovery における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-7444 2017-05-10 15:30 2017-04-3 Show GitHub Exploit DB Packet Storm
192788 6.1 警告
Network 		Debian - apt-cacher および apt-cacher-ng における HTTP レスポンス分割を許可される脆脆弱性 CWE-113
HTTP レスポンスの分割 		CVE-2017-7443 2017-05-10 15:30 2017-03-25 Show GitHub Exploit DB Packet Storm
192789 8.8 重要
Network 		IBM - IBM Atlas Policy Suite コンポーネントの複数の製品におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-6100 2017-05-10 15:30 2016-06-29 Show GitHub Exploit DB Packet Storm
192790 7.5 重要
Network 		SUSE
FreeRADIUS		 - FreeRADIUS における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2015-4680 2017-05-10 15:30 2015-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
181 - - - A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality. New - CVE-2025-54505 2026-04-29 13:16 2026-04-28 Show GitHub Exploit DB Packet Storm
182 6.3 MEDIUM
Network 		- - A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6744 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
183 3.5 LOW
Network 		- - A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripti… Update CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6745 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
184 6.3 MEDIUM
Network 		- - A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping_config of the component E… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6799 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
185 4.3 MEDIUM
Network 		- - A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host … Update CWE-350
 Reliance on Reverse DNS Resolution for a Security-Critical Action 		CVE-2026-6874 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
186 5.6 MEDIUM
Network 		- - A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to sandbox issue. It is possible to initiate… Update CWE-264
CWE-265
Permissions, Privileges, and Access Controls
 Privilege Issues 		CVE-2026-6878 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
187 9.8 CRITICAL
Network 		- - Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) t… Update CWE-94
Code Injection 		CVE-2026-6951 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
188 7.3 HIGH
Network 		- - A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorizati… Update CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-6977 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
189 4.7 MEDIUM
Network 		- - A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sq… Update CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-6978 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
190 6.3 MEDIUM
Network 		- - A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes serve… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6979 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm