Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241171 10 危険 アップル - Apple Mac OS X の mDNSResponder における任意のコードを実行される脆弱性 - CVE-2007-3828 2012-06-26 15:54 2007-07-17 Show GitHub Exploit DB Packet Storm
241172 9.3 危険 CA Technologies - 複数の CA 製品で使用される CA Alert Notification Server の RPC 実装におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3825 2012-06-26 15:54 2007-07-17 Show GitHub Exploit DB Packet Storm
241173 2.6 注意 citadel - Webcit におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3822 2012-06-26 15:54 2007-07-16 Show GitHub Exploit DB Packet Storm
241174 7.5 危険 citadel - Webcit におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-3821 2012-06-26 15:54 2007-07-16 Show GitHub Exploit DB Packet Storm
241175 3.5 注意 Drupal - Drupal 用の LoginToboggan モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3818 2012-06-26 15:54 2007-07-12 Show GitHub Exploit DB Packet Storm
241176 4.3 警告 Drupal - Drupal 用の LoginToboggan モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3817 2012-06-26 15:54 2007-07-12 Show GitHub Exploit DB Packet Storm
241177 7.5 危険 CMScout - CMScout の forums.php における SQL インジェクションの脆弱性 - CVE-2007-3812 2012-06-26 15:54 2007-07-16 Show GitHub Exploit DB Packet Storm
241178 7.5 危険 eSyndiCat - eSyndiCat における SQL インジェクションの脆弱性 - CVE-2007-3811 2012-06-26 15:54 2007-07-16 Show GitHub Exploit DB Packet Storm
241179 5.4 警告 Clavister AB - Clavister CorePlus の IKE 実装におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3805 2012-06-26 15:54 2007-07-16 Show GitHub Exploit DB Packet Storm
241180 5 警告 Clavister AB - Clavister CorePlus の AntiVirus エンジンにおけるスキャンを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-3804 2012-06-26 15:54 2007-07-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
591 7.4 HIGH
Network 		- - @fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not accoun… Update CWE-436
 Interpretation Conflict 		CVE-2026-33804 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
592 - - - A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or dee… Update CWE-20
 Improper Input Validation  		CVE-2026-6409 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
593 - - - A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a… Update CWE-331
 Insufficient Entropy 		CVE-2026-2336 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
594 5.4 MEDIUM
Network 		- - A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argum… New CWE-22
Path Traversal 		CVE-2026-6496 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
595 3.5 LOW
Network 		- - A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/[locale]/(auth)/reset-password/components/reset-password-form.tsx of the component… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6493 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
596 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php. Update CWE-89
SQL Injection 		CVE-2026-37336 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
597 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php. Update CWE-89
SQL Injection 		CVE-2026-37337 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
598 9.4 CRITICAL
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php. Update CWE-89
SQL Injection 		CVE-2026-37338 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
599 9.8 CRITICAL
Network 		- - SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php. Update CWE-89
SQL Injection 		CVE-2026-37345 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
600 4.7 MEDIUM
Network 		- - SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=. Update CWE-89
SQL Injection 		CVE-2026-37346 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm