Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226971	6.8	警告	sazcart	-	SazCart における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2224	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

226972	7.5	危険	scorpnews	-	Thomas Gossmann ScorpNews の example.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2193	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

226973	6.8	警告	postnuke software foundation	-	PostNuke 用の pnEncyclopedia モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2191	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

226974	6.8	警告	romedchim international srl	-	Online Rent の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2190	2012-12-20 18:52	2008-05-14	Show	GitHub Exploit DB Packet Storm

226975	4.3	警告	Toocharger	-	SMartBlog の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2185	2012-12-20 18:52	2008-05-13	Show	GitHub Exploit DB Packet Storm

226976	7.5	危険	Toocharger	-	SMartBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2184	2012-12-20 18:52	2008-05-13	Show	GitHub Exploit DB Packet Storm

226977	7.5	危険	Toocharger	-	SMartBlog の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2183	2012-12-20 18:52	2008-05-13	Show	GitHub Exploit DB Packet Storm

226978	4.3	警告	TYPO3 Association	-	TYPO3 用の powermail エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2182	2012-12-20 18:52	2008-05-13	Show	GitHub Exploit DB Packet Storm

226979	4.3	警告	zomp	-	Zomplog の admin/category.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2176	2012-12-20 18:52	2008-05-13	Show	GitHub Exploit DB Packet Storm

226980	6.5	警告	shelter manager	-	Robin Rawson-Tetley ASM における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2174	2012-12-20 18:52	2008-05-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1661	9.8	CRITICAL Network	-	-	A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulatio…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7243	2026-04-28 18:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1662	9.8	CRITICAL Network	-	-	A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipul…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7242	2026-04-28 18:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1663	9.8	CRITICAL Network	-	-	A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipula…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7241	2026-04-28 18:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1664	9.8	CRITICAL Network	-	-	A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such ma…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7240	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1665	5.3	MEDIUM Network	-	-	A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file …	CWE-22 Path Traversal	CVE-2026-7235	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1666	5.3	MEDIUM Network	-	-	The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06 This is due to the intentForStripe() function passing user-controlled $_POST['amo…	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-4911	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1667	6.4	MEDIUM Network	-	-	The Woostify plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.5.0 This is due to insufficient input sanitization and output escaping in the bundle…	CWE-79 Cross-site Scripting	CVE-2026-4805	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1668	6.5	MEDIUM Local	-	-	KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of …	CWE-669 Incorrect Resource Transfer Between Spheres	CVE-2026-41525	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1669	-		-	-	Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to prot…	CWE-306 Missing Authentication for Critical Function	CVE-2024-54013	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

1670	-		-	-	Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be e…	CWE-78 OS Command	CVE-2024-54012	2026-04-28 17:16	2026-04-28	Show	GitHub Exploit DB Packet Storm