Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194861	9.8	緊急 Network	Web-Dorado	-	WordPress 用 Spider Event Calendar プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-7719	2017-04-24 15:59	2017-04-6	Show	GitHub Exploit DB Packet Storm

194862	6.5	警告 Network	Google	-	Google Chrome における認証情報を検証する前に TLS セッションをキャッシュされる脆弱性	CWE-295 不正な証明書検証	CVE-2013-6662	2017-04-24 15:59	2013-10-8	Show	GitHub Exploit DB Packet Storm

194863	3.5	低 Network	サイボウズ	-	サイボウズ Office における意図しないファイルをダウンロードさせられる脆弱性	CWE-Other その他	CVE-2016-4874	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194864	4.3	警告 Network	サイボウズ	-	サイボウズ Office のプロジェクト機能における操作制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-4873	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194865	4.3	警告 Network	サイボウズ	-	サイボウズ Office のパンくずリストにおける閲覧制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-4872	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194866	6.5	警告 Network	サイボウズ	-	サイボウズ Office におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-4871	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194867	5.4	警告 Network	サイボウズ	-	サイボウズ Office のスケジュール機能に関するクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-4870	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194868	6.5	警告 Network	サイボウズ	-	サイボウズ Office における情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2016-4869	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194869	4.3	警告 Network	サイボウズ	-	サイボウズ Office におけるメールヘッダインジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2016-4868	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

194870	4.3	警告 Network	サイボウズ	-	サイボウズ Office のプロジェクト機能におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-4867	2017-04-24 15:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1341	4.5	MEDIUM Network	-	-	Admidio is an open-source user management solution. Prior to version 5.0.9, the add mode in modules/documents-files.php accepts a name parameter validated only as 'string' type (HTML encoding), allow…	CWE-22 Path Traversal	CVE-2026-41656	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

1342	7.5	HIGH Network	-	-	GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a mal…	CWE-129 Improper Validation of Array Index	CVE-2026-41643	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

1343	7.2	HIGH Network	-	-	NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks dangerous SQL …	CWE-89 CWE-284 SQL Injection Improper Access Control	CVE-2026-41641	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

1344	-		-	-	CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0.0 to before version 0.31.7.0, a theme…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-41587	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

1345	-		-	-	CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Theme::upload extracts u…	CWE-22 Path Traversal	CVE-2026-41203	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

1346	7.1	HIGH Adjacent	-	-	AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted fro…	CWE-126 Buffer Over-read	CVE-2026-37532	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

1347	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitl…	CWE-269 Improper Privilege Management	CVE-2026-37525	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

1348	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without authenticatio…	CWE-284 Improper Access Control	CVE-2026-37526	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

1349	9.8	CRITICAL Network	-	-	AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fu…	CWE-22 CWE-367 Path Traversal Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-37531	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

1350	3.1	LOW Network	google	chrome	Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted …	CWE-352 CWE-1021 Origin Validation Error Improper Restriction of Rendered UI Layers or Frames	CVE-2026-8022	2026-05-8 00:15	2026-05-7	Show	GitHub Exploit DB Packet Storm