Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242321 7.5 危険 dieselscripts - Diesel Job Site の jobs/jobseekers/job-info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6467 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
242322 7.5 危険 e107.org
akirapowered		 - Akira Powered Image Gallery プラグインの image_gallery.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6466 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
242323 7.5 危険 dieter mayer
TYPO3 Association		 - TYPO3 の dmaddredit の FE address edit における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6458 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
242324 7.5 危険 brian wilson - ol'bookmarks manager の show.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6410 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242325 7.5 危険 brian wilson - ol'bookmarks manager の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6409 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242326 7.5 危険 brian wilson - ol'bookmarks manager の frame.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6408 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242327 7.5 危険 brian wilson - ol'bookmarks manager の frame.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6407 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242328 4.3 警告 datalifecms - DLE の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6406 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242329 7.5 危険 greatclone - Hotscripts Clone の showcategory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6405 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242330 4.3 警告 extrosoft - eXtrovert Software Thyme の add_calendars.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6404 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1291 7.2 HIGH
Network 		hcltech bigfix_service_management HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system comp… Update CWE-1188
 Insecure Default Initialization of Resource 		CVE-2025-31974 2026-05-11 22:51 2026-05-7 Show GitHub Exploit DB Packet Storm
1292 6.5 MEDIUM
Network 		open5gs open5gs A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogs_sbi_discovery_option_add_snssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes… Update CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8123 2026-05-11 22:39 2026-05-8 Show GitHub Exploit DB Packet Storm
1293 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ntfs: ->d_compare() must not block ... so don't use __getname() there. Switch it (and ntfs_d_hash(), while we are at it) to kmal… Update NVD-CWE-noinfo
CVE-2026-43245 2026-05-11 22:34 2026-05-6 Show GitHub Exploit DB Packet Storm
1294 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906_probe() In one of the error paths in tw9906_probe(), the memory allocated … Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-43246 2026-05-11 22:32 2026-05-6 Show GitHub Exploit DB Packet Storm
1295 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. T… Update NVD-CWE-noinfo
CVE-2026-43247 2026-05-11 22:28 2026-05-6 Show GitHub Exploit DB Packet Storm
1296 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: vhost: move vdpa group bound check to vhost_vdpa Remove duplication by consolidating these here. This reduces the posibility of … Update CWE-787
 Out-of-bounds Write 		CVE-2026-43248 2026-05-11 22:14 2026-05-6 Show GitHub Exploit DB Packet Storm
1297 8.8 HIGH
Adjacent 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen_9pfs_front_free against concurrent calls The xenwatch thread can race with other back-end change notification… Update CWE-415
 Double Free 		CVE-2026-43249 2026-05-11 22:10 2026-05-6 Show GitHub Exploit DB Packet Storm
1298 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in ima_restore_measurement_… Update NVD-CWE-noinfo
CVE-2026-43129 2026-05-11 22:08 2026-05-6 Show GitHub Exploit DB Packet Storm
1299 6.1 MEDIUM
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… Update CWE-601
Open Redirect 		CVE-2025-61669 2026-05-11 22:01 2026-05-6 Show GitHub Exploit DB Packet Storm
1300 8.8 HIGH
Network 		tenda cx12l_firmware A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation results in stack-based buffer overflow.… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-8138 2026-05-11 22:00 2026-05-8 Show GitHub Exploit DB Packet Storm