Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
234621	4	警告	オラクル	-	Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性	-	CVE-2007-0297	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234622	2.1	注意	オラクル	-	Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性	-	CVE-2007-0296	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234623	7.8	危険	オラクル	-	Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性	-	CVE-2007-0295	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234624	1.7	注意	オラクル	-	Oracle Enterprise Manager における脆弱性	-	CVE-2007-0294	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234625	6.4	警告	オラクル	-	Oracle Enterprise Manager における脆弱性	CWE-noinfo 情報不足	CVE-2007-0293	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234626	7.5	危険	オラクル	-	Oracle Enterprise Manager における脆弱性	CWE-noinfo 情報不足	CVE-2007-0292	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234627	4	警告	オラクル	-	Oracle E-Business Suite and Applications における脆弱性	-	CVE-2007-0291	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234628	5.5	警告	オラクル	-	Oracle E-Business Suite and Applications における脆弱性	-	CVE-2007-0290	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234629	6.4	警告	オラクル	-	Oracle Collaboration Suite における脆弱性	-	CVE-2007-0289	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

234630	5	警告	nwom	-	Nwom topsites の index.php における重要な情報を取得される脆弱性	-	CVE-2007-0250	2012-09-25 16:47	2007-01-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	5.3	MEDIUM Network	-	-	Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the applicati… New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2026-41459	2026-04-25 05:16	2026-04-23	Show	GitHub Exploit DB Packet Storm

72	8.8	HIGH Adjacent	-	-	arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-41429	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

73	-		-	-	Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.5, the clientPrivileges option documents a create action, but the OAuth client creation endpoints did not invok… New	CWE-863 Incorrect Authorization	CVE-2026-41427	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

74	6.1	MEDIUM Network	-	-	pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malforme… New	CWE-79 CWE-116 Cross-site Scripting Improper Encoding or Escaping of Output	CVE-2026-41426	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

75	5.4	MEDIUM Network	-	-	Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.11, there is no CSRF protection on the cache feature in authlib.integrations.starlette_client.OAuth. This vuln… New	CWE-352 Origin Validation Error	CVE-2026-41425	2026-04-25 05:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

76	9.8	CRITICAL Network	-	-	Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an i… New	CWE-184 Incomplete Blacklist	CVE-2026-34415	2026-04-25 05:16	2026-04-23	Show	GitHub Exploit DB Packet Storm

77	7.1	HIGH Network	-	-	Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in re… New	CWE-22 Path Traversal	CVE-2026-34414	2026-04-25 05:16	2026-04-23	Show	GitHub Exploit DB Packet Storm

78	8.6	HIGH Network	-	-	Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unaut… New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2026-34413	2026-04-25 05:16	2026-04-23	Show	GitHub Exploit DB Packet Storm

79	8.2	HIGH Network	firebirdsql	firebird	Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes s… Update	CWE-119 CWE-787 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Write	CVE-2026-27890	2026-04-25 05:05	2026-04-18	Show	GitHub Exploit DB Packet Storm

80	7.5	HIGH Network	firebirdsql	firebird	Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an op_slice network packet, the server passes an unprepared stru… Update	CWE-476 NULL Pointer Dereference	CVE-2026-28212	2026-04-25 04:54	2026-04-18	Show	GitHub Exploit DB Packet Storm