Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241091 7.8 危険 Digium - Asterisk Open の IAX2 チャネルドライバ (chan_iax2) におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4103 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241092 6.8 警告 global centre - Madoa Poll における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4101 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241093 7.5 危険 bsm store - BSM Store Dependent Forums における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4095 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241094 4.3 警告 AlstraSoft - AlstraSoft Video Share Enterprise における重要な情報 (フルパス) を取得される脆弱性 - CVE-2007-4087 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241095 6.8 警告 AlstraSoft - AlstraSoft Video Share Enterprise における SQL インジェクションの脆弱性 - CVE-2007-4086 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241096 6.8 警告 AlstraSoft - AlstraSoft AskMe Pro における SQL インジェクションの脆弱性 - CVE-2007-4085 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241097 7.5 危険 AlstraSoft - AlstraSoft Affiliate Network Pro における SQL インジェクションの脆弱性 - CVE-2007-4084 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241098 4.3 警告 AlstraSoft - AlstraSoft AskMe Pro におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4083 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241099 4.3 警告 AlstraSoft - AlstraSoft Article Manager Pro の contact_author.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4082 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
241100 4.3 警告 AlstraSoft - AlstraSoft Affiliate Network Pro におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4081 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
591 7.4 HIGH
Network 		- - @fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not accoun… Update CWE-436
 Interpretation Conflict 		CVE-2026-33804 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
592 - - - A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or dee… Update CWE-20
 Improper Input Validation  		CVE-2026-6409 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
593 - - - A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a… Update CWE-331
 Insufficient Entropy 		CVE-2026-2336 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
594 5.4 MEDIUM
Network 		- - A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argum… New CWE-22
Path Traversal 		CVE-2026-6496 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
595 3.5 LOW
Network 		- - A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/[locale]/(auth)/reset-password/components/reset-password-form.tsx of the component… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6493 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
596 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php. Update CWE-89
SQL Injection 		CVE-2026-37336 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
597 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php. Update CWE-89
SQL Injection 		CVE-2026-37337 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
598 9.4 CRITICAL
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php. Update CWE-89
SQL Injection 		CVE-2026-37338 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
599 9.8 CRITICAL
Network 		- - SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php. Update CWE-89
SQL Injection 		CVE-2026-37345 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
600 4.7 MEDIUM
Network 		- - SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=. Update CWE-89
SQL Injection 		CVE-2026-37346 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm