Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217951	6.4	警告	オラクル	-	Oracle Fusion Middleware の Oracle Web Services Manager における Web Services Security の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1553	2013-11-8 14:22	2013-04-16	Show	GitHub Exploit DB Packet Storm

217952	6	警告	MySQL AB オラクル	-	Oracle MySQL における脆弱性	CWE-noinfo 情報不足	CVE-2013-1552	2013-11-8 14:19	2013-04-16	Show	GitHub Exploit DB Packet Storm

217953	6	警告	オラクル	-	Oracle Siebel CRM の Siebel Enterprise Application Integration における Integration Business Services の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1551	2013-11-8 14:18	2013-04-16	Show	GitHub Exploit DB Packet Storm

217954	4.3	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における WorkCenter の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1550	2013-11-8 14:17	2013-04-16	Show	GitHub Exploit DB Packet Storm

217955	3.5	注意	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1549	2013-11-8 14:14	2013-04-16	Show	GitHub Exploit DB Packet Storm

217956	3.5	注意	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1547	2013-11-8 14:13	2013-04-16	Show	GitHub Exploit DB Packet Storm

217957	1.5	注意	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1546	2013-11-8 14:13	2013-04-16	Show	GitHub Exploit DB Packet Storm

217958	5	警告	オラクル	-	Oracle Fusion Middleware の Oracle HTTP Server における Web Listener の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1545	2013-11-8 14:10	2013-04-16	Show	GitHub Exploit DB Packet Storm

217959	4	警告	オラクル	-	Oracle Siebel CRM の Siebel UI Framework における Open UI Client の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1543	2013-11-8 14:05	2013-04-16	Show	GitHub Exploit DB Packet Storm

217960	4.3	警告	オラクル	-	Oracle Fusion Middleware の Oracle Containers for J2EE における Servlet Runtime の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1542	2013-11-8 14:04	2013-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
231	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an a… New	CWE-94 Code Injection	CVE-2026-41137	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

232	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input ver… New	CWE-94 Code Injection	CVE-2026-41138	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

233	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from… New	CWE-184 Incomplete Blacklist	CVE-2026-41264	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

234	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results… New	CWE-77 Command Injection	CVE-2026-41265	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

235	7.5	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, /api/v1/public-chatbotConfig/:id ep exposes sensitive data including API keys, HTTP authorizat… New	CWE-200 CWE-522 CWE-862 Information Exposure Insufficiently Protected Credentials Missing Authorization	CVE-2026-41266	2026-04-25 00:15	2026-04-24	Show	GitHub Exploit DB Packet Storm

236	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment (JSON injection) vulnerability in the account registration endpoin… New	CWE-639 CWE-915 Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-41267	2026-04-25 00:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

237	9.8	CRITICAL Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution (RCE) vulnerabili… New	CWE-20 Improper Input Validation	CVE-2026-41268	2026-04-25 00:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

238	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated us… New	CWE-284 CWE-639 CWE-915 Improper Access Control Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-41277	2026-04-25 00:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

239	6.5	MEDIUM Network	totolink	a3300r_firmware	An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi. New	CWE-77 Command Injection	CVE-2026-31159	2026-04-25 00:13	2026-04-24	Show	GitHub Exploit DB Packet Storm

240	6.5	MEDIUM Network	totolink	a3300r_firmware	An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi. New	CWE-77 Command Injection	CVE-2026-31160	2026-04-25 00:13	2026-04-24	Show	GitHub Exploit DB Packet Storm