Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226971 4 警告 softalk mail server - Softalk Mail Server の IMAP サーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4041 2012-12-20 18:52 2008-09-11 Show GitHub Exploit DB Packet Storm
226972 7.5 危険 spice classifieds - Spice Classifieds の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4039 2012-12-20 18:52 2008-09-11 Show GitHub Exploit DB Packet Storm
226973 4.3 警告 PunBB - PunBB の userlist.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3968 2012-12-20 18:52 2008-08-20 Show GitHub Exploit DB Packet Storm
226974 2.6 注意 ssmtp - ssmtp の ssmtp.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-3962 2012-12-20 18:52 2008-08-10 Show GitHub Exploit DB Packet Storm
226975 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech Shaadi Zone の keyword_search_action.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3953 2012-12-20 18:52 2008-09-10 Show GitHub Exploit DB Packet Storm
226976 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech Agent Zone の view_ann.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3951 2012-12-20 18:52 2008-09-10 Show GitHub Exploit DB Packet Storm
226977 7.2 危険 SUSE - Emacs の emacs/lisp/progmodes/python.el における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3949 2012-12-20 18:52 2008-09-19 Show GitHub Exploit DB Packet Storm
226978 7.5 危険 xrms - XRMS の admin/users/self-2.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3948 2012-12-20 18:52 2008-09-5 Show GitHub Exploit DB Packet Storm
226979 7.5 危険 source workshop - Words タグの index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3945 2012-12-20 18:52 2008-09-5 Show GitHub Exploit DB Packet Storm
226980 6.9 警告 r foundation - javareconf における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-3931 2012-12-20 18:52 2008-09-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1961 3.5 LOW
Network 		- - A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripti… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6745 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
1962 6.3 MEDIUM
Network 		- - A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping_config of the component E… CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6799 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
1963 4.3 MEDIUM
Network 		- - A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host … CWE-350
 Reliance on Reverse DNS Resolution for a Security-Critical Action 		CVE-2026-6874 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
1964 5.6 MEDIUM
Network 		- - A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to sandbox issue. It is possible to initiate… CWE-264
CWE-265
Permissions, Privileges, and Access Controls
 Privilege Issues 		CVE-2026-6878 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
1965 9.8 CRITICAL
Network 		- - Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) t… CWE-94
Code Injection 		CVE-2026-6951 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
1966 7.3 HIGH
Network 		- - A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorizati… CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-6977 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
1967 4.7 MEDIUM
Network 		- - A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sq… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-6978 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
1968 6.3 MEDIUM
Network 		- - A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes serve… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6979 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
1969 4.7 MEDIUM
Network 		- - A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6983 2026-04-29 10:00 2026-04-26 Show GitHub Exploit DB Packet Storm
1970 4.7 MEDIUM
Network 		- - A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The mani… CWE-791
CWE-1336
 Incomplete Filtering of Special Elements
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-6984 2026-04-29 10:00 2026-04-26 Show GitHub Exploit DB Packet Storm