Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226301 7.5 危険 yapbb - YapBB の forumhop.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0768 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
226302 10 危険 xvid - Windows Media Player などで使用される Xvid の xvidcore/src/decoder.c の初期化機能におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0894 2012-12-20 19:10 2007-04-16 Show GitHub Exploit DB Packet Storm
226303 10 危険 xvid - Windows Media Player など使用される Xvid の xvidcore/src/decoder.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0893 2012-12-20 19:10 2007-04-16 Show GitHub Exploit DB Packet Storm
226304 4.3 警告 Scriptsez.net - ScriptsEz Ez PHP Comment におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0762 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
226305 4.3 警告 team5.team board - Team Board の online.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0761 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
226306 5 警告 team5 - Team Board における資格情報を含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0760 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
226307 6.5 警告 ZNC - ZNC の webadmin における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0759 2012-12-20 19:10 2009-02-24 Show GitHub Exploit DB Packet Storm
226308 5 警告 freedesktop.org - Poppler の JBIG2Stream::readSymbolDictSeg 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-0756 2012-12-20 19:10 2009-01-23 Show GitHub Exploit DB Packet Storm
226309 5 警告 freedesktop.org - Poppler の FormWidgetChoice::loadDefaults 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-0755 2012-12-20 19:10 2009-03-3 Show GitHub Exploit DB Packet Storm
226310 10 危険 シックス・アパート株式会社 - Movable Type Pro などにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-0752 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1451 7.5 HIGH
Network 		- - AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but … Update CWE-121
Stack-based Buffer Overflow 		CVE-2026-42485 2026-05-6 05:24 2026-05-2 Show GitHub Exploit DB Packet Storm
1452 8.4 HIGH
Local 		- - flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function. Update CWE-121
Stack-based Buffer Overflow 		CVE-2026-30363 2026-05-6 05:24 2026-05-2 Show GitHub Exploit DB Packet Storm
1453 6.1 MEDIUM
Network 		- - wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog. Update CWE-79
Cross-site Scripting 		CVE-2026-38669 2026-05-6 05:24 2026-05-5 Show GitHub Exploit DB Packet Storm
1454 - - - Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode <%= ... %> for untrusted metadata fields. In this runtime, <%= ..… Update CWE-79
Cross-site Scripting 		CVE-2026-42052 2026-05-6 05:24 2026-05-5 Show GitHub Exploit DB Packet Storm
1455 7.5 HIGH
Network 		- - Boundary Community Edition and Boundary Enterprise (“Boundary”) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the w… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-7776 2026-05-6 05:24 2026-05-5 Show GitHub Exploit DB Packet Storm
1456 - - - Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of th… New CWE-89
SQL Injection 		CVE-2026-40329 2026-05-6 05:24 2026-05-6 Show GitHub Exploit DB Packet Storm
1457 - - - Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the … New CWE-89
SQL Injection 		CVE-2026-40330 2026-05-6 05:24 2026-05-6 Show GitHub Exploit DB Packet Storm
1458 - - - Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altT… New CWE-89
SQL Injection 		CVE-2026-40331 2026-05-6 05:24 2026-05-6 Show GitHub Exploit DB Packet Storm
1459 4.6 MEDIUM
Network 		- - PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdown_table_to_image. This… Update CWE-22
Path Traversal 		CVE-2026-42078 2026-05-6 05:19 2026-05-5 Show GitHub Exploit DB Packet Storm
1460 8.6 HIGH
Local 		- - PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary code execution via Python eval() of LLM-generated code with builtin… Update CWE-95
Eval Injection 		CVE-2026-42079 2026-05-6 05:19 2026-05-5 Show GitHub Exploit DB Packet Storm