Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217941	4	警告	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における CB の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1568	2013-11-8 14:41	2013-04-16	Show	GitHub Exploit DB Packet Storm

217942	3.5	注意	オラクル	-	Oracle MySQL における Data Manipulation Language の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1567	2013-11-8 14:40	2013-04-16	Show	GitHub Exploit DB Packet Storm

217943	3.5	注意	オラクル	-	Oracle MySQL における InnoDB の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1566	2013-11-8 14:39	2013-04-16	Show	GitHub Exploit DB Packet Storm

217944	5	警告	オラクル	-	Oracle Fusion Middleware の Oracle GoldenGate Veridata における脆弱性	CWE-noinfo 情報不足	CVE-2013-1565	2013-11-8 14:38	2013-04-16	Show	GitHub Exploit DB Packet Storm

217945	4	警告	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における HELP の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1562	2013-11-8 14:30	2013-04-16	Show	GitHub Exploit DB Packet Storm

217946	2.1	注意	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1560	2013-11-8 14:29	2013-04-16	Show	GitHub Exploit DB Packet Storm

217947	4	警告	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Content における Content Server の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1559	2013-11-8 14:28	2013-04-16	Show	GitHub Exploit DB Packet Storm

217948	3.5	注意	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における OTH の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1556	2013-11-8 14:27	2013-04-16	Show	GitHub Exploit DB Packet Storm

217949	4	警告	MySQL AB オラクル	-	Oracle MySQL における Server Partition の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1555	2013-11-8 14:25	2013-04-16	Show	GitHub Exploit DB Packet Storm

217950	5	警告	オラクル	-	Oracle Database Server の Network Layer における脆弱性	CWE-noinfo 情報不足	CVE-2013-1554	2013-11-8 14:23	2013-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
231	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an a… New	CWE-94 Code Injection	CVE-2026-41137	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

232	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input ver… New	CWE-94 Code Injection	CVE-2026-41138	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

233	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from… New	CWE-184 Incomplete Blacklist	CVE-2026-41264	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

234	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results… New	CWE-77 Command Injection	CVE-2026-41265	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

235	7.5	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, /api/v1/public-chatbotConfig/:id ep exposes sensitive data including API keys, HTTP authorizat… New	CWE-200 CWE-522 CWE-862 Information Exposure Insufficiently Protected Credentials Missing Authorization	CVE-2026-41266	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

236	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment (JSON injection) vulnerability in the account registration endpoin… New	CWE-639 CWE-915 Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-41267	2026-04-25 00:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

237	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution (RCE) vulnerabili… New	CWE-20 Improper Input Validation	CVE-2026-41268	2026-04-25 00:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

238	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated us… New	CWE-284 CWE-639 CWE-915 Improper Access Control Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-41277	2026-04-25 00:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

239	6.5	MEDIUM Network	totolink	a3300r_firmware	An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi. New	CWE-77 Command Injection	CVE-2026-31159	2026-04-25 00:13	2026-04-24	Show	GitHub Exploit DB Packet Storm

240	6.5	MEDIUM Network	totolink	a3300r_firmware	An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi. New	CWE-77 Command Injection	CVE-2026-31160	2026-04-25 00:13	2026-04-24	Show	GitHub Exploit DB Packet Storm