Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208661	6.5	警告	osCommerce	-	osCommerce Online Merchant の catalog/admin/geo_zones.php の update_zone 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-10033	2015-01-19 13:44	2014-02-4	Show	GitHub Exploit DB Packet Storm

208662	6.5	警告	Script Brasil	-	Taboada MacroNews の news_popup.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-10032	2015-01-19 13:37	2014-01-4	Show	GitHub Exploit DB Packet Storm

208663	7.5	危険	クアルコム	-	Qualcomm Eudora WorldMail の IMAPd サービスにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-10031	2015-01-19 12:29	2014-02-16	Show	GitHub Exploit DB Packet Storm

208664	2.1	注意	Malwarebytes	-	Malwarebytes Anti-Exploit の mbae.sys におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-100039	2015-01-19 12:16	2014-12-1	Show	GitHub Exploit DB Packet Storm

208665	4.3	警告	Storytlr	-	Storytlr におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-100038	2015-01-19 12:10	2014-03-6	Show	GitHub Exploit DB Packet Storm

208666	4.3	警告	Storytlr	-	Storytlr におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-100037	2015-01-19 12:08	2014-07-21	Show	GitHub Exploit DB Packet Storm

208667	7.5	危険	LicensePal	-	LicensePal ArcticDesk の管理者インターフェースの ticket グリッドにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-100035	2015-01-19 11:48	2014-03-7	Show	GitHub Exploit DB Packet Storm

208668	4.3	警告	LicensePal	-	LicensePal ArcticDesk の frontend インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-100034	2015-01-19 11:45	2014-03-7	Show	GitHub Exploit DB Packet Storm

208669	5	警告	LicensePal	-	LicensePal ArcticDesk におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-100033	2015-01-19 11:43	2014-03-7	Show	GitHub Exploit DB Packet Storm

208670	7.5	危険	Ganesha Digital Library project	-	Ganesha Digital Library における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-100031	2015-01-19 11:39	2014-02-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	7.2	HIGH Network	-	-	A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. T… New	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-6992	2026-04-26 03:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

2	6.3	MEDIUM Network	-	-	A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Exec… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6991	2026-04-26 03:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

3	3.5	LOW Network	-	-	A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descriçã… New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6990	2026-04-26 03:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

4	6.3	MEDIUM Network	-	-	A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injecti… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-6989	2026-04-26 03:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

5	8.8	HIGH Network	-	-	A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-6988	2026-04-26 03:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

6	9.8	CRITICAL Network	filigran	openaev	OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's… Update	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-24467	2026-04-26 03:00	2026-04-21	Show	GitHub Exploit DB Packet Storm

7	7.3	HIGH Network	-	-	A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation result… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-6987	2026-04-26 02:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

8	3.7	LOW Network	-	-	A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Han… New	CWE-345 CWE-347 Insufficient Verification of Data Authenticity Improper Verification of Cryptographic Signature	CVE-2026-6986	2026-04-26 02:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

9	5.3	MEDIUM Network	-	-	A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP Option Handler. This manipulation… New	CWE-404 CWE-835 Improper Resource Shutdown or Release Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-6985	2026-04-26 02:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

10	4.7	MEDIUM Network	-	-	A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The mani… New	CWE-791 CWE-1336 Incomplete Filtering of Special Elements Improper Neutralization of Special Elements Used in a Template Engine	CVE-2026-6984	2026-04-26 01:16	2026-04-26	Show	GitHub Exploit DB Packet Storm