Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233651	7.5	危険	iexpress	-	iExpress の Property Pro の vir_login.asp における SQL インジェクションの脆弱性	-	CVE-2007-3992	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233652	7.5	危険	junction quest	-	ImageRacer の SearchResults.asp における SQL インジェクションの脆弱性	-	CVE-2007-3987	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233653	6.8	警告	NetArt Media	-	BlogSite Professional の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3979	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233654	7.5	危険	jblog	-	JBlog の admin/ajoutaut.php における任意のアカウントを作成される脆弱性	-	CVE-2007-3974	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233655	6.8	警告	jblog	-	JBlog におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3973	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233656	9.3	危険	Panda Security	-	Panda Antivirus におけるバッファオーバーフローの脆弱性	-	CVE-2007-3969	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233657	5	警告	iexpress	-	Munch Pro における SQL インジェクションの脆弱性	-	CVE-2007-3966	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233658	5	警告	itaka	-	Itaka における重要な情報を取得される脆弱性	-	CVE-2007-3964	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233659	5	警告	Ipswitch, Inc.	-	ICS の Ipswitch Instant Messaging の IM Server におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3959	2012-09-25 16:47	2007-07-24	Show	GitHub Exploit DB Packet Storm

233660	7.1	危険	マイクロソフト	-	Windows 2000 などで稼働する Microsoft Windows Explorer におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3958	2012-09-25 16:47	2007-07-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1321	6.3	MEDIUM Network	-	-	HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exp…	CWE-287 Improper Authentication	CVE-2026-6729	2026-04-22 03:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1322	-		-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search …	CWE-287 Improper Authentication	CVE-2026-33432	2026-04-22 03:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1323	5.3	MEDIUM Local	-	-	XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has improper gating of its distributed CSR write-enable path, allowing illegal C…	CWE-284 Improper Access Control	CVE-2026-29644	2026-04-22 03:16	2026-04-22	Show	GitHub Exploit DB Packet Storm

1324	4.5	MEDIUM Network	-	-	A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS…	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-6060	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

1325	4.7	MEDIUM Local	-	-	Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass…	CWE-757 Algorithm Downgrade	CVE-2026-6550	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

1326	-		-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config/<service>/show API endpoint accepts a configver parameter that is dir…	CWE-24 Path Traversal: '../filedir'	CVE-2026-33431	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

1327	-		-	-	Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which w…	CWE-126 Buffer Over-read	CVE-2026-0930	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

1328	-		-	-	StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacke…	CWE-200 Information Exposure	CVE-2026-22051	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

1329	5.7	MEDIUM Adjacent	-	-	OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints and transmits stored gateway credentials over unencrypted connections. Attackers can forge discovery results or craft s…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2026-40045	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

1330	8.6	HIGH Local	-	-	OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a…	CWE-15 External Control of System or Configuration Setting	CVE-2026-41294	2026-04-22 01:20	2026-04-21	Show	GitHub Exploit DB Packet Storm