Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
234961 7.5 危険 Mambo Foundation
Joomla!		 - Mambo および Joomla! 用の Recipes における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0518 2012-09-25 16:59 2008-01-31 Show GitHub Exploit DB Packet Storm
234962 7.5 危険 Mambo Foundation
Joomla!		 - Mambo および Joomla! 用の musepoes における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0515 2012-09-25 16:59 2008-01-31 Show GitHub Exploit DB Packet Storm
234963 7.5 危険 Mambo Foundation
Joomla!		 - Mambo および Joomla! 用の Glossary コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0514 2012-09-25 16:59 2008-01-31 Show GitHub Exploit DB Packet Storm
234964 7.5 危険 Joomla! - Mambo および Joomla! 用の fq における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0512 2012-09-25 16:59 2008-01-31 Show GitHub Exploit DB Packet Storm
234965 9.3 危険 MPlayer project - MPlayer の libmpdemux/demux_mov.c における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2008-0485 2012-09-25 16:59 2008-02-5 Show GitHub Exploit DB Packet Storm
234966 10 危険 move networks inc - Move Networks Upgrade Manager の QMPUpgrade.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0477 2012-09-25 16:59 2008-01-29 Show GitHub Exploit DB Packet Storm
234967 6.4 警告 Zoho Corporation - ManageEngine Applications Manager における設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2008-0476 2012-09-25 16:59 2008-01-29 Show GitHub Exploit DB Packet Storm
234968 5 警告 Zoho Corporation - ManageEngine Applications Manager における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0475 2012-09-25 16:59 2008-01-29 Show GitHub Exploit DB Packet Storm
234969 4.3 警告 Zoho Corporation - ManageEngine Applications Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0474 2012-09-25 16:59 2008-01-29 Show GitHub Exploit DB Packet Storm
234970 4.3 警告 マイクロソフト
MediaWiki		 - MediaWiki などにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0460 2012-09-25 16:59 2008-01-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
21 4.3 MEDIUM
Network 		- - Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigg… New CWE-940
 Improper Verification of Source of a Communication Channel 		CVE-2026-23866 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
22 6.5 MEDIUM
Network 		- - An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the a… New CWE-158
 Improper Neutralization of Null Byte or NUL Character 		CVE-2026-23863 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
23 9.6 CRITICAL
Network 		- - A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the proce… New CWE-416
 Use After Free 		CVE-2026-22166 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
24 3.3 LOW
Local 		- - An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab() New - CVE-2026-21996 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
25 - - - Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in the `/painel/gateways.php/error` endpoint does not properly sanitize user-suppli… New - CVE-2025-69606 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
26 - - - An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to bear a non-valid value in any Boolean field. New - CVE-2025-63548 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
27 - - - An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU length field New - CVE-2025-63547 2026-05-2 03:16 2026-05-2 Show GitHub Exploit DB Packet Storm
28 5.5 MEDIUM
Local 		wireshark wireshark Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New CWE-1325
 Improperly Controlled Sequential Memory Allocation 		CVE-2026-6535 2026-05-2 03:16 2026-04-30 Show GitHub Exploit DB Packet Storm
29 5.5 MEDIUM
Local 		wireshark wireshark DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 New CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-6536 2026-05-2 03:16 2026-04-30 Show GitHub Exploit DB Packet Storm
30 5.5 MEDIUM
Local 		wireshark wireshark ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New CWE-121
Stack-based Buffer Overflow 		CVE-2026-6537 2026-05-2 03:15 2026-04-30 Show GitHub Exploit DB Packet Storm