Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232981 6.4 警告 Bharat Mediratta - Menalto Gallery におけるオープンリダイレクトの脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-6692 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232982 10 危険 Bharat Mediratta - Menalto Gallery における脆弱性 CWE-noinfo
情報不足 		CVE-2007-6691 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232983 10 危険 Bharat Mediratta - Menalto Gallery の Gallery Remote モジュールにおける脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6690 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232984 7.5 危険 Bharat Mediratta - Menalto Gallery における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6689 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232985 10 危険 Bharat Mediratta - Menalto Gallery のインストールアプリケーションにおける脆弱性 CWE-noinfo
情報不足 		CVE-2007-6688 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232986 4.3 警告 Bharat Mediratta - Menalto Gallery におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6687 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232987 10 危険 Bharat Mediratta - Menalto Gallery の URL rewrite モジュールにおける任意のローカルファイルを実行される脆弱性 CWE-DesignError
CWE-noinfo
CVE-2007-6686 2012-09-25 16:59 2007-12-24 Show GitHub Exploit DB Packet Storm
232988 2.1 注意 IBM - IBM AIX の Trusted Execution における信頼済みファイルを変更される脆弱性 CWE-DesignError
CVE-2007-6680 2012-09-25 16:59 2008-01-10 Show GitHub Exploit DB Packet Storm
232989 4.3 警告 peters software
WordPress.org		 - WordPress 用の Peter's Random Anti-Spam Image におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6677 2012-09-25 16:59 2008-01-9 Show GitHub Exploit DB Packet Storm
232990 4.3 警告 makale scripti - Makale Scripti におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6673 2012-09-25 16:59 2008-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1971 6.1 MEDIUM
Network 		- - Reflected Cross-Site Scripting (XSS) Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized a… - CVE-2026-5754 2026-04-18 00:17 2026-04-15 Show GitHub Exploit DB Packet Storm
1972 7.5 HIGH
Network 		- - Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) allows an attacker to modify the server's configuration file, potentially leading to mass data exfil… - CVE-2026-5756 2026-04-18 00:17 2026-04-15 Show GitHub Exploit DB Packet Storm
1973 7.8 HIGH
Local 		- - It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power Supply) management application, whereby improper permissions on the installation directory allow a malic… CWE-427
 Uncontrolled Search Path Element 		CVE-2026-5397 2026-04-18 00:17 2026-04-15 Show GitHub Exploit DB Packet Storm
1974 2.9 LOW
Local 		- - HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying … CWE-209
Information Exposure Through an Error Message 		CVE-2025-52641 2026-04-18 00:17 2026-04-15 Show GitHub Exploit DB Packet Storm
1975 7.5 HIGH
Network 		- - Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface. CWE-400
 Uncontrolled Resource Consumption 		CVE-2024-33618 2026-04-18 00:17 2026-04-15 Show GitHub Exploit DB Packet Storm
1976 6.1 MEDIUM
Network 		- - Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer va… CWE-79
Cross-site Scripting 		CVE-2026-5160 2026-04-18 00:17 2026-04-15 Show GitHub Exploit DB Packet Storm
1977 6.5 MEDIUM
Network 		- - JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve… - CVE-2026-5758 2026-04-18 00:17 2026-04-16 Show GitHub Exploit DB Packet Storm
1978 7.3 HIGH
Local 		- - A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a spec… CWE-120
Classic Buffer Overflow 		CVE-2026-6384 2026-04-18 00:17 2026-04-16 Show GitHub Exploit DB Packet Storm
1979 6.5 MEDIUM
Network 		- - A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability i… CWE-190
 Integer Overflow or Wraparound 		CVE-2026-6385 2026-04-18 00:17 2026-04-16 Show GitHub Exploit DB Packet Storm
1980 - - - Inadequate Encryption Strength vulnerability in TP-Link Archer C7 v5 and v5.8 (uhttpd modules) allows Password Recovery Exploitation. The web interface encrypts the admin password client-side using R… CWE-326
Inadequate Encryption Strength 		CVE-2026-5363 2026-04-18 00:17 2026-04-16 Show GitHub Exploit DB Packet Storm