Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209411 5.4 警告 designtoolkits - Android 用 Blocked in Free アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7587 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209412 5.4 警告 Group Builder - Android 用 Biplane Forum アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7585 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209413 5.4 警告 dataparadigm - Android 用 ACN2GO アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7584 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209414 5.4 警告 c2ae - Android 用 Water Lateral Sizer アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7582 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209415 5.4 警告 quotes of travis barker project - Android 用 Quotes of Travis Barker アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7581 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209416 5.4 警告 thailand investor news project - Android 用 Thailand Investor News アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7580 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209417 5.4 警告 biebernoticias - Android 用 Bieber News Now アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7578 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209418 5.4 警告 bandh - Android 用 B&H Photo Video Pro Audio アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7577 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209419 5.4 警告 phimviethoa - Android 用 Chien Binh Bakugan 2 LongTieng アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7576 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209420 5.4 警告 ebiblio - Android 用 eBiblio Andalucia アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-7575 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
741 6.5 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a … New CWE-79
Cross-site Scripting 		CVE-2025-62110 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
742 6.5 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Bo… New CWE-79
Cross-site Scripting 		CVE-2026-28040 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
743 9.9 CRITICAL
Network 		- - Improper Control of Generation of Code ('Code Injection') vulnerability in Funnelforms LLC FunnelFormsPro allows Remote Code Inclusion.This issue affects FunnelFormsPro: from n/a through 3.8.1. New CWE-94
Code Injection 		CVE-2026-39440 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
744 7.1 HIGH
Network 		connectwise automate ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur wi… Update CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-6066 2026-04-23 23:18 2026-04-21 Show GitHub Exploit DB Packet Storm
745 7.3 HIGH
Network 		fortra goanywhere_managed_file_transfer The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH ke… New CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2025-14362 2026-04-23 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
746 7.8 HIGH
Local 		- - Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file Update CWE-277
 Insecure Inherited Permissions 		CVE-2026-30266 2026-04-23 23:16 2026-04-21 Show GitHub Exploit DB Packet Storm
747 4.9 MEDIUM
Network 		fortra goanywhere_agents
goanywhere_managed_file_transfer 		Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data. New CWE-326
Inadequate Encryption Strength 		CVE-2025-1241 2026-04-23 23:12 2026-04-22 Show GitHub Exploit DB Packet Storm
748 7.5 HIGH
Network 		vexa vexa Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa transcription-collector service exposes an internal endpoint `GET /internal/… Update CWE-306
CWE-862
Missing Authentication for Critical Function
 Missing Authorization 		CVE-2026-25058 2026-04-23 23:11 2026-04-21 Show GitHub Exploit DB Packet Storm
749 5.8 MEDIUM
Network 		vexa vexa Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa webhook feature allows authenticated users to configure an arbitrary URL tha… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-25883 2026-04-23 23:10 2026-04-21 Show GitHub Exploit DB Packet Storm
750 4.3 MEDIUM
Network 		fortra goanywhere_managed_file_transfer An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the regular login page instead of the SAML login page. New CWE-613
 Insufficient Session Expiration 		CVE-2026-0971 2026-04-23 23:00 2026-04-22 Show GitHub Exploit DB Packet Storm