Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223631 7.5 危険 site2nite - Site2Nite Real Estate Web における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7030 2012-12-20 19:10 2009-08-24 Show GitHub Exploit DB Packet Storm
223632 10 危険 skalinks - Skalfa Software SkaLinks Exchange Script における管理者を追加される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7010 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223633 7.5 危険 phpversion - Free PHP VX Guestbook における管理者アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-7007 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223634 5 警告 phpversion - Free PHP VX Guestbook におけるデータベースのバックアップをダウンロードされる脆弱性 CWE-287
不適切な認証 		CVE-2008-7006 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223635 7.5 危険 the-rat-cms - The Rat CMS の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7003 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223636 7.5 危険 phpauction - PHPAuction の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-7000 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223637 5 警告 phpauction - phpAuction における設定情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-6999 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223638 10 危険 シーメンス - Siemens Gigaset WLAN Camera における許可されていない操作を実行される脆弱性 CWE-310
暗号の問題 		CVE-2008-6993 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223639 6.8 警告 Zen Cart - Zen Cart の includes/classes/shopping_cart.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6986 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
223640 6.8 警告 Zen Cart - Zen Cart の includes/classes/shopping_cart.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6985 2012-12-20 19:10 2009-08-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1771 2.7 LOW
Network 		djangoproject django An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Admin changelist forms using `ModelAdmin.list_editable` incorrectly allowed new instances to be created via for… CWE-862
 Missing Authorization 		CVE-2026-4292 2026-04-14 02:34 2026-04-8 Show GitHub Exploit DB Packet Storm
1772 6.5 MEDIUM
Network 		emlog emlog Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion (LFI) vulnerability exists in admin/plugin.php at line 80. The $plugin parameter from the GET requ… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2026-34787 2026-04-14 02:32 2026-04-4 Show GitHub Exploit DB Packet Storm
1773 6.5 MEDIUM
Network 		emlog emlog Emlog is an open source website building system. In versions 2.6.2 and prior, a SQL injection vulnerability exists in include/model/tag_model.php at line 168. The updateTagName() function directly in… CWE-89
SQL Injection 		CVE-2026-34788 2026-04-14 02:29 2026-04-4 Show GitHub Exploit DB Packet Storm
1774 7.5 HIGH
Network 		mesop-dev mesop Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocke… CWE-125
CWE-770
Out-of-bounds Read
 Allocation of Resources Without Limits or Throttling 		CVE-2026-34824 2026-04-14 02:28 2026-04-4 Show GitHub Exploit DB Packet Storm
1775 5.5 MEDIUM
Local 		avahi avahi Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a … CWE-617
 Reachable Assertion 		CVE-2026-34933 2026-04-14 02:26 2026-04-4 Show GitHub Exploit DB Packet Storm
1776 9.8 CRITICAL
Network 		capricorn86 happy_dom Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. In versions 15.10.0 through 20.8.7, a code injection vulnerability in `ECMAScriptModuleCompiler` allows… CWE-94
Code Injection 		CVE-2026-33943 2026-04-14 02:24 2026-03-28 Show GitHub Exploit DB Packet Storm
1777 8.8 HIGH
Network 		google chrome Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) CWE-122
Heap-based Buffer Overflow 		CVE-2026-5858 2026-04-14 02:24 2026-04-9 Show GitHub Exploit DB Packet Storm
1778 8.8 HIGH
Network 		google chrome Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CWE-472
 External Control of Assumed-Immutable Web Parameter 		CVE-2026-5859 2026-04-14 02:23 2026-04-9 Show GitHub Exploit DB Packet Storm
1779 8.8 HIGH
Network 		google chrome Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-5860 2026-04-14 02:23 2026-04-9 Show GitHub Exploit DB Packet Storm
1780 8.8 HIGH
Network 		google chrome Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-5861 2026-04-14 02:23 2026-04-9 Show GitHub Exploit DB Packet Storm