Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233401 7.5 危険 neuron news - Neuron News の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5050 2012-09-25 16:59 2007-09-23 Show GitHub Exploit DB Packet Storm
233402 4.3 警告 IceWarp, Inc. - IceWarp の Merak Mail Server 用の Webmail インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5046 2012-09-25 16:59 2007-09-23 Show GitHub Exploit DB Packet Storm
233403 4.4 警告 カスペルスキー - Kaspersky Internet Security におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-264
CVE-2007-5043 2012-09-25 16:59 2007-09-23 Show GitHub Exploit DB Packet Storm
233404 7.5 危険 Mozilla Foundation - Bugzilla の WebService の User.pm におけるアカウント作成の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5038 2012-09-25 16:59 2007-09-18 Show GitHub Exploit DB Packet Storm
233405 6.8 警告 inotify - inotify-tools library の src/inotifytools.c の inotifytools_snprintf 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5037 2012-09-25 16:59 2007-09-23 Show GitHub Exploit DB Packet Storm
233406 4.3 警告 level one - WBR3404TX ブロードバンドルータの Web 管理パネルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5027 2012-09-25 16:59 2007-09-21 Show GitHub Exploit DB Packet Storm
233407 5 警告 IBM - IBM TSM クライアントにおけるクライアントのデータを読み取られる脆弱性 CWE-200
情報漏えい 		CVE-2007-5022 2012-09-25 16:59 2007-09-20 Show GitHub Exploit DB Packet Storm
233408 7.5 危険 InsaneVisions - OneCMS の userreviews.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5016 2012-09-25 16:59 2007-09-20 Show GitHub Exploit DB Packet Storm
233409 4.3 警告 phormer - Phormer の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5013 2012-09-25 16:59 2007-09-20 Show GitHub Exploit DB Packet Storm
233410 6.9 警告 Linux - cp における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-4998 2012-09-25 16:59 2007-10-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1621 8.8 HIGH
Network 		ajax30 bravecms Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/{id} l… CWE-862
 Missing Authorization 		CVE-2026-35182 2026-04-15 00:50 2026-04-7 Show GitHub Exploit DB Packet Storm
1622 5.4 MEDIUM
Network 		ajax30 bravecms Brave CMS is an open-source CMS. Prior to 2.0.6, an Insecure Direct Object Reference (IDOR) vulnerability exists in the article image deletion feature. It is located in app/Http/Controllers/Dashboard… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-35183 2026-04-15 00:50 2026-04-7 Show GitHub Exploit DB Packet Storm
1623 7.8 HIGH
Local 		tokfinity infcode InfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism completely ineffective. The predefined blocklist fails to co… CWE-78
OS Command  		CVE-2026-30309 2026-04-15 00:49 2026-04-1 Show GitHub Exploit DB Packet Storm
1624 7.5 HIGH
Network 		openairinterface oai-cn5g-amf OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response (For example 100 byt… CWE-120
Classic Buffer Overflow 		CVE-2026-30075 2026-04-15 00:47 2026-04-9 Show GitHub Exploit DB Packet Storm
1625 7.5 HIGH
Network 		openairinterface oai-cn5g-amf OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuration has supported integrity NIA1 and NIA2. But if an UE sends initial registration request with only… CWE-294
Authentication Bypass by Capture-replay  		CVE-2026-30080 2026-04-15 00:47 2026-04-9 Show GitHub Exploit DB Packet Storm
1626 9.1 CRITICAL
Network 		frappe erpnext
frappe 		A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized befor… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-31017 2026-04-15 00:46 2026-04-9 Show GitHub Exploit DB Packet Storm
1627 6.1 MEDIUM
Network 		kantorge yaffa yaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript into the "Add Account Group" function on the account-group page, allowing execution of arbitrary … CWE-94
Code Injection 		CVE-2025-70844 2026-04-15 00:46 2026-04-8 Show GitHub Exploit DB Packet Storm
1628 9.8 CRITICAL
Network 		openairinterface oai-cn5g-amf In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeCom… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-30079 2026-04-15 00:45 2026-04-8 Show GitHub Exploit DB Packet Storm
1629 7.5 HIGH
Network 		dlink di-8100_firmware
di-8100g_firmware
di-8004w_firmware
di-8003g_firmware
di-8003_firmware
di-8500_firmware
di-8200g_firmware
di-8200_firmware
di-8400_firmware 		D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.2… CWE-120
Classic Buffer Overflow 		CVE-2025-52222 2026-04-15 00:45 2026-04-9 Show GitHub Exploit DB Packet Storm
1630 6.1 MEDIUM
Network 		homarr homarr Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowing the execution of arbitrary JavaScript in a user's browser, with minimal or no user interaction r… CWE-20
CWE-434
 Improper Input Validation 
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-64759 2026-04-15 00:42 2025-11-20 Show GitHub Exploit DB Packet Storm