Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198581	6.1	警告 Network	parsi-font project	-	WordPress 用 parsi-font プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000142	2016-10-19 16:54	2016-02-9	Show	GitHub Exploit DB Packet Storm

198582	6.1	警告 Network	Page Layout Builder project	-	WordPress 用 page-layout-builder プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000141	2016-10-19 16:54	2016-02-9	Show	GitHub Exploit DB Packet Storm

198583	6.1	警告 Network	new-year-firework project	-	WordPress 用 new-year-firework プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000140	2016-10-19 16:54	2016-02-9	Show	GitHub Exploit DB Packet Storm

198584	6.1	警告 Network	Katz Web Services, Inc.	-	WordPress 用 Infusionsoft Gravity Forms プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000139	2016-10-19 16:54	2016-02-9	Show	GitHub Exploit DB Packet Storm

198585	6.1	警告 Network	indexisto project	-	WordPress 用 indexisto プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000138	2016-10-19 16:54	2016-02-9	Show	GitHub Exploit DB Packet Storm

198586	6.1	警告 Network	Hero Plugins	-	WordPress 用 Hero Maps Pro プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000137	2016-10-19 16:54	2016-02-9	Show	GitHub Exploit DB Packet Storm

198587	6.1	警告 Network	heat-trackr project	-	WordPress 用 heat-trackr プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000136	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

198588	6.1	警告 Network	HDW Tube project	-	WordPress 用 HDW Tube プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000135	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

198589	6.1	警告 Network	HDW Tube project	-	WordPress 用 HDW Tube プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000134	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

198590	6.1	警告 Network	Designs & Code	-	WordPress 用 Forget About Shortcode Buttons プラグインにおける反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1000133	2016-10-19 16:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
801	7.3	HIGH Network	-	-	A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type le…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7506	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

802	6.3	MEDIUM Network	-	-	A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulat…	CWE-74 CWE-94 Injection Code Injection	CVE-2026-7508	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

803	6.3	MEDIUM Network	-	-	A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulati…	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-7510	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

804	8.8	HIGH Network	-	-	A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack …	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7512	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

805	8.8	HIGH Network	-	-	A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. Th…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7513	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

806	4.3	MEDIUM Network	-	-	A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amf_namf_callback_handle_sdm_data_change_notify of the file /namf-callback/v1/{id}/sdmsubscription-notify of the componen…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-7518	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

807	7.3	HIGH Network	-	-	A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename…	CWE-22 Path Traversal	CVE-2026-7519	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

808	4.3	MEDIUM Network	-	-	A vulnerability was found in Open5GS up to 2.7.7. This affects the function amf_namf_comm_handle_registration_status_update_request in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-con…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-7535	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

809	5.3	MEDIUM Network	-	-	A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf_sess_add_by_ip_address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-7536	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

810	9.8	CRITICAL Network	-	-	A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation o…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7538	2026-05-2 00:26	2026-05-1	Show	GitHub Exploit DB Packet Storm