Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225721	5	警告	ソフォス	-	Microsoft Exchange 用の PureMessage におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2008-7104	2012-12-20 19:10	2009-08-27	Show	GitHub Exploit DB Packet Storm

225722	6.8	警告	qsoft-inc	-	Qsoft K-Rate Premium の Manage Templates 機能における任意の PHP コードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2008-7099	2012-12-20 19:10	2009-08-27	Show	GitHub Exploit DB Packet Storm

225723	4.3	警告	qsoft-inc	-	Qsoft K-Rate Premium におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7098	2012-12-20 19:10	2009-08-27	Show	GitHub Exploit DB Packet Storm

225724	7.5	危険	qsoft-inc	-	Qsoft K-Rate Premium における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7097	2012-12-20 19:10	2009-08-27	Show	GitHub Exploit DB Packet Storm

225725	5	警告	unica	-	Unica Affinium Campaign のリスナーサーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-7094	2012-12-20 19:10	2009-08-26	Show	GitHub Exploit DB Packet Storm

225726	6.8	警告	unica	-	Unica Affinium Campaign におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-7093	2012-12-20 19:10	2009-08-26	Show	GitHub Exploit DB Packet Storm

225727	4.3	警告	unica	-	Unica Affinium Campaign におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7092	2012-12-20 19:10	2009-08-26	Show	GitHub Exploit DB Packet Storm

225728	7.5	危険	Pligg	-	Pligg における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7091	2012-12-20 19:10	2009-08-26	Show	GitHub Exploit DB Packet Storm

225729	7.8	危険	Pligg	-	Pligg におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-7090	2012-12-20 19:10	2009-08-26	Show	GitHub Exploit DB Packet Storm

225730	4.3	警告	Pligg	-	Pligg におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7089	2012-12-20 19:10	2009-08-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	-		-	-	Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtension(C… New	CWE-470 Unsafe Reflection	CVE-2026-42027	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

32	5.3	MEDIUM Network	-	-	Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/… New	CWE-285 Improper Authorization	CVE-2026-41572	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

33	9.4	CRITICAL Network	-	-	Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt("null") placeholder whenever a user has no stored pas… New	CWE-287 Improper Authentication	CVE-2026-41571	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

34	7.5	HIGH Network	-	-	Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to en… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-41471	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

35	-		-	-	XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor … New	CWE-611 XXE	CVE-2026-40682	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

36	-		-	-	An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message. New	-	CVE-2026-37459	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

37	8.8	HIGH Network	-	-	An XML external entity (XXE) vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload. Update	CWE-611 XXE	CVE-2026-36765	2026-05-5 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

38	8.8	HIGH Network	-	-	An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary fi… Update	CWE-22 Path Traversal	CVE-2026-36762	2026-05-5 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

39	7.5	HIGH Network	-	-	Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue. New	CWE-126 Buffer Over-read	CVE-2026-34059	2026-05-5 03:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

40	5.3	MEDIUM Network	-	-	Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… New	CWE-125 CWE-170 Out-of-bounds Read Improper Null Termination	CVE-2026-34032	2026-05-5 03:16	2026-05-4	Show	GitHub Exploit DB Packet Storm