Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226581 7.5 危険 sidb - Scientific Image DataBase の projects.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2834 2012-12-20 18:52 2008-06-24 Show GitHub Exploit DB Packet Storm
226582 10 危険 worldlevel - le.cms の admin/upload.php における管理者の認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-2833 2012-12-20 18:52 2008-06-24 Show GitHub Exploit DB Packet Storm
226583 10 危険 tmsnc - tmsnc におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-2828 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
226584 4.3 警告 Xerox - Xerox WorkCentre M123 などの組込み Web Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2825 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
226585 10 危険 Xerox - Xerox WorkCentre 7655 などの Web Services における変更を設定される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2824 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
226586 7.5 危険 phpeasynews - PHPeasyblog の newsarchive.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2823 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
226587 4.3 警告 shoutcastadmin - WallCity-Server Shoutcast Admin Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2814 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
226588 6.8 警告 shoutcastadmin - WallCity-Server Shoutcast Admin Panel の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2813 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
226589 6.8 警告 シマンテック - Symantec Altiris Notification Server Agent の GUI における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2794 2012-12-20 18:52 2008-06-17 Show GitHub Exploit DB Packet Storm
226590 6.4 警告 Spamdyke - spamdyke の smtp_filter 関数におけるオープンメールリレーとしてサーバを使用される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2784 2012-12-20 18:52 2008-06-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
181 - - - A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality. New - CVE-2025-54505 2026-04-29 13:16 2026-04-28 Show GitHub Exploit DB Packet Storm
182 6.3 MEDIUM
Network 		- - A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6744 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
183 3.5 LOW
Network 		- - A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripti… Update CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6745 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
184 6.3 MEDIUM
Network 		- - A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping_config of the component E… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6799 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
185 4.3 MEDIUM
Network 		- - A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host … Update CWE-350
 Reliance on Reverse DNS Resolution for a Security-Critical Action 		CVE-2026-6874 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
186 5.6 MEDIUM
Network 		- - A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to sandbox issue. It is possible to initiate… Update CWE-264
CWE-265
Permissions, Privileges, and Access Controls
 Privilege Issues 		CVE-2026-6878 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
187 9.8 CRITICAL
Network 		- - Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) t… Update CWE-94
Code Injection 		CVE-2026-6951 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
188 7.3 HIGH
Network 		- - A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorizati… Update CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-6977 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
189 4.7 MEDIUM
Network 		- - A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sq… Update CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-6978 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
190 6.3 MEDIUM
Network 		- - A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes serve… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6979 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm