Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224521 7.5 危険 quicksilver forums - Quicksilver Forums の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3601 2012-12-20 18:52 2008-08-12 Show GitHub Exploit DB Packet Storm
224522 7.5 危険 psi-labs - psipuss における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3598 2012-12-20 18:52 2008-08-12 Show GitHub Exploit DB Packet Storm
224523 5 警告 skulltag team - Skulltag におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3597 2012-12-20 18:52 2008-08-12 Show GitHub Exploit DB Packet Storm
224524 9.3 危険 txtsql - txtSQL の examples/txtSQLAdmin/startup.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3595 2012-12-20 18:52 2008-08-12 Show GitHub Exploit DB Packet Storm
224525 7.5 危険 syzygycms - SyzygyCMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3593 2012-12-20 18:52 2008-08-11 Show GitHub Exploit DB Packet Storm
224526 7.5 危険 phsblog - phsBlog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3588 2012-12-20 18:52 2008-08-11 Show GitHub Exploit DB Packet Storm
224527 7.5 危険 pozscripts - PozScripts GreenCart PHP Shopping Cart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3585 2012-12-20 18:52 2008-08-11 Show GitHub Exploit DB Packet Storm
224528 4.3 警告 qsoft - Qsoft K-Links の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3581 2012-12-20 18:52 2008-08-10 Show GitHub Exploit DB Packet Storm
224529 7.5 危険 qsoft - Qsoft K-Links における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3580 2012-12-20 18:52 2008-08-10 Show GitHub Exploit DB Packet Storm
224530 2.6 注意 Pluck CMS - Pluck におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3574 2012-12-20 18:52 2008-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1431 8.8 HIGH
Network 		google chrome Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) CWE-416
 Use After Free 		CVE-2026-5877 2026-04-15 05:02 2026-04-9 Show GitHub Exploit DB Packet Storm
1432 4.3 MEDIUM
Network 		google chrome Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-5878 2026-04-15 05:02 2026-04-9 Show GitHub Exploit DB Packet Storm
1433 4.3 MEDIUM
Network 		google chrome Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar)… CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-5880 2026-04-15 05:01 2026-04-9 Show GitHub Exploit DB Packet Storm
1434 6.5 MEDIUM
Network 		google chrome Policy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CWE-284
Improper Access Control 		CVE-2026-5881 2026-04-15 05:01 2026-04-9 Show GitHub Exploit DB Packet Storm
1435 4.3 MEDIUM
Network 		google chrome Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-5882 2026-04-15 05:01 2026-04-9 Show GitHub Exploit DB Packet Storm
1436 9.8 CRITICAL
Network 		pgx_project pgx Memory-safety vulnerability in github.com/jackc/pgx/v5. NVD-CWE-noinfo
CVE-2026-33816 2026-04-15 05:01 2026-04-8 Show GitHub Exploit DB Packet Storm
1437 9.8 CRITICAL
Network 		pgx_project pgx Memory-safety vulnerability in github.com/jackc/pgx/v5. NVD-CWE-noinfo
CVE-2026-33815 2026-04-15 04:58 2026-04-8 Show GitHub Exploit DB Packet Storm
1438 7.5 HIGH
Network 		ech0 ech0 Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, Ech0 implements link preview (editor fetches a page title) through GET /api/website/title. That is l… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-35036 2026-04-15 04:58 2026-04-7 Show GitHub Exploit DB Packet Storm
1439 8.8 HIGH
Network 		devcode openstamanager OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to 2.10.2, confronta_righe.php files across different modules in OpenSTAManager contain an SQL Injec… CWE-89
SQL Injection 		CVE-2026-35470 2026-04-15 04:58 2026-04-7 Show GitHub Exploit DB Packet Storm
1440 4.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In versions 26.0 and prior, the player skin configuration endpoint at admin/playerUpdate.json.php does not validate CSRF tokens. The plugins table is exp… CWE-352
 Origin Validation Error 		CVE-2026-35181 2026-04-15 04:57 2026-04-7 Show GitHub Exploit DB Packet Storm