Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233271	4.3	警告	Joomla!	-	Joomla! におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5577	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233272	6.8	警告	LimeSurvey	-	LimeSurvey の classes/core/language.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5573	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233273	4.3	警告	ネットギア	-	Netgear SSL312 PROSAFE SSL VPN-Concentrator におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5562	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233274	10	危険	オラクル	-	Oracle OPMN デーモンの logging 関数コンポーネントにおけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2007-5561	2012-09-25 16:59	2007-01-16	Show	GitHub Exploit DB Packet Storm

233275	10	危険	ジュニパーネットワークス	-	Juniper HTTP Service におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5560	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233276	10	危険	IBM	-	IBM ThinkVantage TPM Service におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5559	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233277	7.8	危険	LG Electronics	-	LG Mobile ハンドセットにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-5558	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233278	7.1	危険	オラクル	-	Oracle におけるサーバのメモリコンテンツを取得される脆弱性	CWE-200 情報漏えい	CVE-2007-5554	2012-09-25 16:59	2007-10-16	Show	GitHub Exploit DB Packet Storm

233279	9.3	危険	miranda-im	-	Miranda IM におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5543	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

233280	9.3	危険	miranda-im	-	Miranda IM におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5542	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1911	7.8	HIGH Local	khyrenz	parseusbs	parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is passed unsanitized into an os.popen() shell command with ls, allowing arbitrary…	CWE-78 OS Command	CVE-2026-40030	2026-04-14 05:27	2026-04-9	Show	GitHub Exploit DB Packet Storm

1912	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attack…	CWE-601 Open Redirect	CVE-2026-40037	2026-04-14 05:27	2026-04-9	Show	GitHub Exploit DB Packet Storm

1913	4.3	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals…	CWE-863 Incorrect Authorization	CVE-2026-35619	2026-04-14 05:27	2026-04-11	Show	GitHub Exploit DB Packet Storm

1914	5.4	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change own…	CWE-862 Missing Authorization	CVE-2026-35620	2026-04-14 05:27	2026-04-11	Show	GitHub Exploit DB Packet Storm

1915	6.3	MEDIUM Network	-	-	A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulatio…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6215	2026-04-14 05:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1916	6.3	MEDIUM Network	-	-	A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6202	2026-04-14 05:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1917	5.4	MEDIUM Network	-	-	A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manip…	CWE-266 CWE-284 Incorrect Privilege Assignment Improper Access Control	CVE-2026-6201	2026-04-14 05:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1918	6.5	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.Thi…	CWE-79 Cross-site Scripting	CVE-2026-39703	2026-04-14 05:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1919	5.4	MEDIUM Network	-	-	Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39695	2026-04-14 05:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1920	5.9	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fesomia FSM Custom Featured Image Caption fsm-custom-featured-image-caption allows DOM-Based XSS.…	CWE-79 Cross-site Scripting	CVE-2026-39693	2026-04-14 05:16	2026-04-8	Show	GitHub Exploit DB Packet Storm