Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233841	6.8	警告	jffnms	-	JFFNMS の auth.php における SQL インジェクションの脆弱性	-	CVE-2007-3190	2012-09-25 16:47	2007-06-12	Show	GitHub Exploit DB Packet Storm

233842	4.3	警告	jffnms	-	JFFNMS の auth.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3189	2012-09-25 16:47	2007-06-12	Show	GitHub Exploit DB Packet Storm

233843	9.4	危険	ヒューレット・パッカード	-	HP Windows システムの Help および Support Center におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-3180	2012-09-25 16:47	2007-06-12	Show	GitHub Exploit DB Packet Storm

233844	7.5	危険	particle blogger	-	Particle Blogger の archives.php における SQL インジェクションの脆弱性	-	CVE-2007-3179	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

233845	5	警告	ingate	-	Ingate Firewall などにおける SIP 認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2007-3177	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

233846	4	警告	ingate	-	Ingate Firewall などにおける Support Report をダウンロードをされる脆弱性	-	CVE-2007-3176	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

233847	5.8	警告	マイクロソフト	-	Microsoft Internet Explorer 7 におけるフィッシング攻撃を実行される脆弱性	-	CVE-2007-3164	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

233848	7.5	危険	php real estate classifieds	-	PHP Real Estate Classifieds Premium Plus の admin/header.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3160	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

233849	5	警告	miniweb http server	-	MiniWeb Http Server の http.c におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3159	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

233850	5	警告	packeteer	-	Packeteer PacketShaper の Web management interface におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3151	2012-09-25 16:47	2007-06-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1911	7.8	HIGH Local	khyrenz	parseusbs	parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is passed unsanitized into an os.popen() shell command with ls, allowing arbitrary…	CWE-78 OS Command	CVE-2026-40030	2026-04-14 05:27	2026-04-9	Show	GitHub Exploit DB Packet Storm

1912	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attack…	CWE-601 Open Redirect	CVE-2026-40037	2026-04-14 05:27	2026-04-9	Show	GitHub Exploit DB Packet Storm

1913	4.3	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals…	CWE-863 Incorrect Authorization	CVE-2026-35619	2026-04-14 05:27	2026-04-11	Show	GitHub Exploit DB Packet Storm

1914	5.4	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change own…	CWE-862 Missing Authorization	CVE-2026-35620	2026-04-14 05:27	2026-04-11	Show	GitHub Exploit DB Packet Storm

1915	6.3	MEDIUM Network	-	-	A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulatio…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6215	2026-04-14 05:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1916	6.3	MEDIUM Network	-	-	A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6202	2026-04-14 05:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1917	5.4	MEDIUM Network	-	-	A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manip…	CWE-266 CWE-284 Incorrect Privilege Assignment Improper Access Control	CVE-2026-6201	2026-04-14 05:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1918	6.5	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.Thi…	CWE-79 Cross-site Scripting	CVE-2026-39703	2026-04-14 05:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1919	5.4	MEDIUM Network	-	-	Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39695	2026-04-14 05:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1920	5.9	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fesomia FSM Custom Featured Image Caption fsm-custom-featured-image-caption allows DOM-Based XSS.…	CWE-79 Cross-site Scripting	CVE-2026-39693	2026-04-14 05:16	2026-04-8	Show	GitHub Exploit DB Packet Storm