Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202731 7.1 危険 シスコシステムズ - Cisco ASR 5000 デバイス上で稼動する StarOS の SSH 実装における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1335 2016-03-15 16:52 2016-02-18 Show GitHub Exploit DB Packet Storm
202732 5 警告 シスコシステムズ - Cisco Small Business 500 Wireless Access Point デバイスのファームウェアにおけるシステム時刻を設定される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1334 2016-03-15 16:52 2016-02-16 Show GitHub Exploit DB Packet Storm
202733 6.8 警告 シスコシステムズ - Cisco 1000 Connected Grid ルータ上で稼動する Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-1333 2016-03-15 16:52 2016-02-16 Show GitHub Exploit DB Packet Storm
202734 5.4 警告 ヒューレット・パッカード - 特定の HP Commercial PC 2015 上で稼動する Sure Start におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-2243 2016-03-15 16:10 2016-02-25 Show GitHub Exploit DB Packet Storm
202735 5 警告 Squid-cache.org - Squid の http.cc におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2571 2016-03-15 15:23 2016-02-23 Show GitHub Exploit DB Packet Storm
202736 5 警告 Squid-cache.org - Squid の Edge Side Includes パーサにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2570 2016-03-15 15:23 2016-02-23 Show GitHub Exploit DB Packet Storm
202737 5 警告 Squid-cache.org - Squid におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2569 2016-03-15 15:23 2016-02-23 Show GitHub Exploit DB Packet Storm
202738 10 危険 デル - 複数の Dell SonicWALL 製品の cliserver の実装における逆シリアル化される脆弱性 CWE-Other
その他 		CVE-2016-2397 2016-03-15 15:23 2016-02-10 Show GitHub Exploit DB Packet Storm
202739 4.3 警告 シトリックス・システムズ - Citrix NetScaler Application Delivery Controller および NetScaler Gateway の管理 Web インターフェースにおけるクリックジャッキング攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2016-2072 2016-03-15 14:55 2016-02-10 Show GitHub Exploit DB Packet Storm
202740 10 危険 シトリックス・システムズ - Citrix NetScaler Application Delivery Controller および NetScaler Gateway における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2071 2016-03-15 14:55 2016-02-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
561 8.1 HIGH
Network 		- - The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to and including 3.14.5. This is due to the use of PHP's maybe_unserialize() function on the atta… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2026-7647 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
562 6.3 MEDIUM
Network 		- - A security flaw has been discovered in JeecgBoot up to 3.9.1. This vulnerability affects the function CommonController.uploadImgByHttp/HttpFileToMultipartFileUtil.httpFileToMultipartFile/HttpFileToMu… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-7605 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
563 8.8 HIGH
Network 		- - The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.2 via… Update CWE-94
Code Injection 		CVE-2026-2052 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
564 6.5 MEDIUM
Network 		- - The Geo Mashup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geo_mashup_null_fields' parameter in all versions up to, and including, 1.13.19 due to insufficient escapi… Update CWE-89
SQL Injection 		CVE-2026-6457 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
565 5.3 MEDIUM
Network 		- - The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due to missing authorization and nonce verification in the… Update CWE-862
 Missing Authorization 		CVE-2026-4650 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
566 4.7 MEDIUM
Network 		- - A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edit_user.php. Executing a manipulation of the argument ID can lead to sql i… Update CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7612 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
567 6.3 MEDIUM
Network 		- - A security vulnerability has been detected in 8nite metatrader-4-mcp 1.0.0. This vulnerability affects the function CallToolRequestSchema of the file src/index.ts of the component sync_ea_from_file. … Update CWE-22
Path Traversal 		CVE-2026-7627 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
568 7.5 HIGH
Network 		- - The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'sort' parameter in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user … Update CWE-89
SQL Injection 		CVE-2026-4060 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
569 7.5 HIGH
Network 		- - The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'map_post_type' parameter in all versions up to, and including, 1.13.18. This is due to the `SearchResults` hook … Update CWE-89
SQL Injection 		CVE-2026-4061 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm
570 5.4 MEDIUM
Network 		- - The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_svg' parameter in versions up to, and inclu… Update CWE-79
Cross-site Scripting 		CVE-2026-4790 2026-05-6 04:15 2026-05-2 Show GitHub Exploit DB Packet Storm