Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241071 4.3 警告 brian carrier - Brian Carrier TSK の icat における特定の NTFS ファイルの検査を阻止される脆弱性 - CVE-2007-4197 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241072 4.3 警告 brian carrier - Brian Carrier TSK の icat における特定の NTFS ファイルの検査を阻止される脆弱性 - CVE-2007-4196 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241073 4.3 警告 amg soft - WebDirector の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4178 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241074 6.8 警告 eqdkp - EQDKP Plus における詳細不明な脆弱性 - CVE-2007-4176 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241075 7.5 危険 AuraCMS - auraCMS の Forum Module の komentar.php における SQL インジェクションの脆弱性 - CVE-2007-4171 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241076 10 危険 al-athkar - AL-Athkar における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4170 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241077 7.5 危険 al-caricatier - AL-Caricatier の cat_viewed.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4167 2012-06-26 15:54 2007-08-7 Show GitHub Exploit DB Packet Storm
241078 9.3 危険 DELL EMC (旧 EMC Corporation) - EMC VMware の vielib.dll の特定の ActiveX コントロールにおける絶対パストラバーサルの脆弱性 - CVE-2007-4155 2012-06-26 15:54 2007-08-3 Show GitHub Exploit DB Packet Storm
241079 4.3 警告 bluesky - v2.ocx の BlueSkychat ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-4145 2012-06-26 15:54 2007-08-3 Show GitHub Exploit DB Packet Storm
241080 7.5 危険 firestorm technologies - Joomla! の gmaps コンポーネントにおける SQL インジェクションの脆弱性 - CVE-2007-4128 2012-06-26 15:54 2007-08-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
591 7.4 HIGH
Network 		- - @fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not accoun… Update CWE-436
 Interpretation Conflict 		CVE-2026-33804 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
592 - - - A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or dee… Update CWE-20
 Improper Input Validation  		CVE-2026-6409 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
593 - - - A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a… Update CWE-331
 Insufficient Entropy 		CVE-2026-2336 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
594 5.4 MEDIUM
Network 		- - A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argum… New CWE-22
Path Traversal 		CVE-2026-6496 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
595 3.5 LOW
Network 		- - A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/[locale]/(auth)/reset-password/components/reset-password-form.tsx of the component… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6493 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
596 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php. Update CWE-89
SQL Injection 		CVE-2026-37336 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
597 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php. Update CWE-89
SQL Injection 		CVE-2026-37337 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
598 9.4 CRITICAL
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php. Update CWE-89
SQL Injection 		CVE-2026-37338 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
599 9.8 CRITICAL
Network 		- - SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php. Update CWE-89
SQL Injection 		CVE-2026-37345 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
600 4.7 MEDIUM
Network 		- - SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=. Update CWE-89
SQL Injection 		CVE-2026-37346 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm