Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2001 9.8 緊急
Network 		opensagres XDocReport opensagresのXDocReportにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2025-64087 2026-02-5 15:50 2026-01-20 Show GitHub Exploit DB Packet Storm
2002 8.8 重要
Network 		ajax file browser File Browserにおける複数の脆弱性 CWE-285
CWE-639
CWE-639
CVE-2025-64523 2026-02-5 15:50 2025-11-12 Show GitHub Exploit DB Packet Storm
2003 6.1 警告
Physics 		Blurams Dome Flare Firmware BluramsのDome Flare Firmwareにおける複数の脆弱性 CWE-119
CWE-125
CWE-1274
CVE-2025-65396 2026-02-5 15:50 2026-01-14 Show GitHub Exploit DB Packet Storm
2004 6.8 警告
Physics 		Blurams Dome Flare Firmware BluramsのDome Flare Firmwareにおける複数の脆弱性 CWE-20
CWE-287
CVE-2025-65397 2026-02-5 15:50 2026-01-14 Show GitHub Exploit DB Packet Storm
2005 9.8 緊急
Network 		opensagres XDocReport opensagresのXDocReportにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2025-65482 2026-02-5 15:50 2026-01-20 Show GitHub Exploit DB Packet Storm
2006 5.3 警告
Network 		pymdown extensions project pymdown extensions facelessuserのPyMdown Extensionsにおける非効率的な正規表現の複雑さに関する脆弱性 CWE-1333
非効率的な正規表現の複雑さ 		CVE-2025-68142 2026-02-5 15:50 2025-12-16 Show GitHub Exploit DB Packet Storm
2007 9.8 緊急
Network 		code-projects Computer Book Store carmelo (Carmelo Garcia)のComputer Book Storeにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2025-69559 2026-02-5 15:50 2026-01-27 Show GitHub Exploit DB Packet Storm
2008 6.5 警告
Network 		TMS Global Software TMS Management Console TMS Global SoftwareのTMS Management Consoleにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2025-69612 2026-02-5 15:50 2026-01-22 Show GitHub Exploit DB Packet Storm
2009 6.5 警告
Network 		Keichi Takahashi binary-parser Keichi TakahashiのBinary-parserにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-1245 2026-02-5 15:50 2026-01-20 Show GitHub Exploit DB Packet Storm
2010 9.8 緊急
Network 		csa-iot matter GoogleのMatterにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-20418 2026-02-5 15:50 2026-02-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
261 8.8 HIGH
Network 		tenda fh1202_firmware A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the ar… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-7034 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
262 8.8 HIGH
Network 		tenda fh1202_firmware A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument G… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-7035 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
263 9.8 CRITICAL
Network 		tenda i9_firmware A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal… Update CWE-22
Path Traversal 		CVE-2026-7036 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
264 8.8 HIGH
Network 		tenda hg10_firmware A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6988 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
265 8.8 HIGH
Network 		tenda f453_firmware A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injecti… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6989 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
266 7.2 HIGH
Network 		linksys mr9600_firmware A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. T… Update CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-6992 2026-04-30 23:09 2026-04-26 Show GitHub Exploit DB Packet Storm
267 7.3 HIGH
Network 		dlink dir-822_firmware A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argumen… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7067 2026-04-30 23:09 2026-04-27 Show GitHub Exploit DB Packet Storm
268 8.8 HIGH
Adjacent 		dlink dir-825_firmware A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack ca… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7068 2026-04-30 23:08 2026-04-27 Show GitHub Exploit DB Packet Storm
269 8.0 HIGH
Adjacent 		dlink dir-825_firmware A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argum… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7069 2026-04-30 23:08 2026-04-27 Show GitHub Exploit DB Packet Storm
270 7.8 HIGH
Local 		openclaw openclaw OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can… New CWE-863
 Incorrect Authorization 		CVE-2026-42432 2026-04-30 23:06 2026-04-29 Show GitHub Exploit DB Packet Storm