Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
210381	5.4	警告	wegoi	-	Android 用 RE-VOLT 2 : Best RC 3D Racing アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5743	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210382	5.4	警告	geteversnap	-	Android 用 Eversnap Private Photo Album アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5742	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210383	5.4	警告	ウェブルート株式会社	-	Android 用 Security - Complete アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5741	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210384	5.4	警告	ウェブルート株式会社	-	Android 用 Security - Free アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5740	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210385	5.4	警告	webprancer	-	Android 用 Garfield's Diner アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5739	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210386	5.4	警告	webprancer	-	Android 用 Garfield's Defense アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5738	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210387	5.4	警告	cdsoft	-	Android 用 CDsoft アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5737	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210388	5.4	警告	buycoins	-	Android 用 Buy Coins アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5736	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210389	5.4	警告	home shopping apps	-	Android 用 Buy A Gift アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5735	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210390	5.4	警告	app maker ks	-	Android 用 Buy Books アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5734	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
321	7.7	HIGH Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the ZIP download feature didn't verify downloaded files, potentially following symlinks outside the repository. This issue has be… New	CWE-22 CWE-59 CWE-200 Path Traversal Link Following Information Exposure	CVE-2026-34242	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

322	5.0	MEDIUM Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation servi… New	CWE-200 CWE-918 Information Exposure Server-Side Request Forgery (SSRF)	CVE-2026-34244	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

323	8.8	HIGH Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the user patching API endpoint didn't properly limit the scope of edits. This issue has been fixed in version 5.17. New	CWE-269 Improper Privilege Management	CVE-2026-34393	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

324	4.1	MEDIUM Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the webhook add-on did not utilize existing SSRF protections. This issue has been fixed in version 5.17. If developers are unable … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39845	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

325	5.0	MEDIUM Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses s… New	CWE-22 Path Traversal	CVE-2026-40256	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

326	7.8	HIGH Local	-	-	Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on th… New	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-22676	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

327	9.4	CRITICAL Network	-	-	Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered o… New	CWE-200 CWE-215 Information Exposure Insertion of Sensitive Information Into Debugging Code	CVE-2026-40173	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

328	-		-	-	Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role. New	CWE-80 Basic XSS	CVE-2026-1564	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

329	-		-	-	Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role. New	CWE-79 Cross-site Scripting	CVE-2026-1711	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

330	6.8	MEDIUM Network	-	-	ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arb… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-40500	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm