Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233651 7.5 危険 iexpress - iExpress の Property Pro の vir_login.asp における SQL インジェクションの脆弱性 - CVE-2007-3992 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233652 7.5 危険 junction quest - ImageRacer の SearchResults.asp における SQL インジェクションの脆弱性 - CVE-2007-3987 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233653 6.8 警告 NetArt Media - BlogSite Professional の index.php における SQL インジェクションの脆弱性 - CVE-2007-3979 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233654 7.5 危険 jblog - JBlog の admin/ajoutaut.php における任意のアカウントを作成される脆弱性 - CVE-2007-3974 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233655 6.8 警告 jblog - JBlog におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3973 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233656 9.3 危険 Panda Security - Panda Antivirus におけるバッファオーバーフローの脆弱性 - CVE-2007-3969 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233657 5 警告 iexpress - Munch Pro における SQL インジェクションの脆弱性 - CVE-2007-3966 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233658 5 警告 itaka - Itaka における重要な情報を取得される脆弱性 - CVE-2007-3964 2012-09-25 16:47 2007-07-25 Show GitHub Exploit DB Packet Storm
233659 5 警告 Ipswitch, Inc. - ICS の Ipswitch Instant Messaging の IM Server におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3959 2012-09-25 16:47 2007-07-24 Show GitHub Exploit DB Packet Storm
233660 7.1 危険 マイクロソフト - Windows 2000 などで稼働する Microsoft Windows Explorer におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3958 2012-09-25 16:47 2007-07-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
531 6.7 MEDIUM
Local 		- - OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scri… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-41360 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
532 7.1 HIGH
Network 		- - OpenClaw before 2026.3.28 contains an SSRF guard bypass vulnerability that fails to block four IPv6 special-use ranges. Attackers can exploit this by crafting URLs targeting internal or non-routable … New CWE-184
 Incomplete Blacklist 		CVE-2026-41361 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
533 4.3 MEDIUM
Network 		dnnsoftware dotnetnuke DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user cou… Update CWE-285
Improper Authorization 		CVE-2026-40305 2026-04-24 23:40 2026-04-18 Show GitHub Exploit DB Packet Storm
534 7.5 HIGH
Network 		- - A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, iden… New CWE-306
Missing Authentication for Critical Function 		CVE-2026-35064 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
535 9.8 CRITICAL
Network 		- - A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rath… New CWE-798
 Use of Hard-coded Credentials 		CVE-2026-35503 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
536 8.1 HIGH
Network 		- - A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper handling of credential changes on the backend. After the device… New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-39462 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
537 5.3 MEDIUM
Network 		- - A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-40431 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
538 9.8 CRITICAL
Network 		- - A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config appli… New CWE-306
Missing Authentication for Critical Function 		CVE-2026-40620 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
539 9.8 CRITICAL
Network 		- - A vulnerability in  SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network acc… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-40630 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm
540 8.1 HIGH
Network 		- - A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inad… New CWE-862
 Missing Authorization 		CVE-2026-40623 2026-04-24 23:40 2026-04-24 Show GitHub Exploit DB Packet Storm