Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227091 4.3 警告 TYPO3 Association - TYPO3 用の KJ Image Lightbox 2 エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2490 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
227092 7.5 危険 TYPO3 Association - TYPO3 用の Frontend プラグインエクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2489 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
227093 6.8 警告 xomol - Xomol CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2484 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
227094 6.8 警告 xomol - Xomol CMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2483 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
227095 10 危険 phpraider - phpRaider の authentication/phpbb3/phpbb3.functions.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2481 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
227096 10 危険 plusphp - plusPHP Short URL Multi-User Script の plus.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2480 2012-12-20 18:52 2008-05-28 Show GitHub Exploit DB Packet Storm
227097 7.5 危険 vBulletin Solutions, Inc. - vBulletin Gold の faq.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2460 2012-12-20 18:52 2008-05-27 Show GitHub Exploit DB Packet Storm
227098 7.5 危険 phpclassifiedsscript - PHP Classifieds Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2453 2012-12-20 18:52 2008-05-27 Show GitHub Exploit DB Packet Storm
227099 4.3 警告 TYPO3 Association - TYPO3 用の Questionaire エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2452 2012-12-20 18:52 2008-05-27 Show GitHub Exploit DB Packet Storm
227100 7.5 危険 TYPO3 Association - TYPO3 用の Statistics エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2451 2012-12-20 18:52 2008-05-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1991 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock btintel_hw_error() issues two __hci_cmd_sync() calls (HCI… CWE-416
 Use After Free 		CVE-2026-31500 2026-04-28 22:57 2026-04-22 Show GitHub Exploit DB Packet Storm
1992 9.8 CRITICAL
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5_hdesc_get_psdata() returns a pointer into the CPPI … CWE-416
 Use After Free 		CVE-2026-31501 2026-04-28 22:50 2026-04-22 Show GitHub Exploit DB Packet Storm
1993 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: s390/entry: Scrub r12 register on kernel entry Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"), all entry handlers … NVD-CWE-noinfo
CVE-2026-31482 2026-04-28 22:46 2026-04-22 Show GitHub Exploit DB Packet Storm
1994 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but d… NVD-CWE-noinfo
CVE-2026-31483 2026-04-28 22:40 2026-04-22 Show GitHub Exploit DB Packet Storm
1995 7.1 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: io_uring/fdinfo: fix OOB read in SQE_MIXED wrap check __io_uring_show_fdinfo() iterates over pending SQEs and, for 128-byte SQEs … CWE-125
Out-of-bounds Read 		CVE-2026-31484 2026-04-28 22:39 2026-04-22 Show GitHub Exploit DB Packet Storm
1996 4.3 MEDIUM
Network 		- - A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such as `LD_PRELOAD` or `http_proxy`, into `docker-bu… CWE-426
 Untrusted Search Path 		CVE-2026-7309 2026-04-28 22:19 2026-04-28 Show GitHub Exploit DB Packet Storm
1997 5.3 MEDIUM
Network 		- - A vulnerability was detected in DV0x creative-ad-agent up to 751b9e5146604dc65049bd0f62dcbdad6212f8a3. Impacted is an unknown function of the file server/sdk-server.ts of the component creative-ad-ag… CWE-22
Path Traversal 		CVE-2026-7271 2026-04-28 22:19 2026-04-28 Show GitHub Exploit DB Packet Storm
1998 - - - P4 Server versions prior to 2026.1 are configured with insecure default settings that, when exposed to untrusted networks, allow unauthenticated attackers to create arbitrary user accounts, enumerate… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-6043 2026-04-28 22:19 2026-04-24 Show GitHub Exploit DB Packet Storm
1999 8.8 HIGH
Network 		- - The ConsulRegistry in the camel-consul component (class org.apache.camel.component.consul.ConsulRegistry and its inner ConsulRegistryUtils.deserialize method) read Java-serialized values from the Con… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-27172 2026-04-28 22:18 2026-04-27 Show GitHub Exploit DB Packet Storm
2000 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue (UAF) There is a teardown order issue in the driver. The SPI controller is registere… CWE-416
 Use After Free 		CVE-2026-31485 2026-04-28 22:12 2026-04-22 Show GitHub Exploit DB Packet Storm