Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227321	7.5	危険	viksoe	-	viksoe GMail Drive シェルエクステンションにおける仮想ファイルシステムのアクションを実行される脆弱性	-	CVE-2006-5902	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

227322	6.8	警告	Zend Technologies Ltd.	-	Zend Framework Preview の incubator/tests/Zend/Http/_files/testRedirections.php サンプルコードにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5900	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

227323	5	警告	php heaven	-	PhpMyChat の localization/languages.lib.php3 におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5898	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

227324	5	警告	php heaven	-	PhpMyChat Plus におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2006-5897	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

227325	5	警告	remlab	-	REMLAB Web Mech Designer におけるスクリプトのフルパスを取得される脆弱性	-	CVE-2006-5896	2012-12-20 18:02	2006-11-27	Show	GitHub Exploit DB Packet Storm

227326	6.8	警告	rama cms	-	Rama CMS の lang.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5894	2012-12-20 18:02	2006-11-14	Show	GitHub Exploit DB Packet Storm

227327	7.5	危険	the net guys	-	The Net Guys ASPired2Poll の MoreInfo.asp における SQL インジェクションの脆弱性	-	CVE-2006-5892	2012-12-20 18:02	2006-11-14	Show	GitHub Exploit DB Packet Storm

227328	7.5	危険	superfreaker studios	-	Superfreaker Studios Ustore の detail.asp における SQL インジェクションの脆弱性	-	CVE-2006-5891	2012-12-20 18:02	2006-11-14	Show	GitHub Exploit DB Packet Storm

227329	7.5	危険	superfreaker studios	-	Superfreaker Studios Usupport の detail.asp における SQL インジェクションの脆弱性	-	CVE-2006-5890	2012-12-20 18:02	2006-11-14	Show	GitHub Exploit DB Packet Storm

227330	7.5	危険	superfreaker studios	-	Superfreaker Studios UPublisher の viewarticle.asp における SQL インジェクションの脆弱性	-	CVE-2006-5888	2012-12-20 18:02	2006-11-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
231	9.8	CRITICAL Network	-	-	SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.	CWE-122 Heap-based Buffer Overflow	CVE-2026-32956	2026-04-20 13:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

232	8.8	HIGH Network	-	-	SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.	CWE-121 Stack-based Buffer Overflow	CVE-2026-32955	2026-04-20 13:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

233	2.7	LOW Network	-	-	A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flo…	CWE-255 CWE-256 Credentials Management Plaintext Storage of a Password	CVE-2026-6597	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

234	7.3	HIGH Network	-	-	A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component …	CWE-284 CWE-434 Improper Access Control Unrestricted Upload of File with Dangerous Type	CVE-2026-6596	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

235	7.3	HIGH Network	-	-	A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of t…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6595	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

236	7.3	HIGH Network	-	-	A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly co…	CWE-94 CWE-1321 Code Injection Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-6594	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

237	3.5	LOW Network	-	-	A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cros…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6593	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

238	3.5	LOW Network	-	-	A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulatio…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6592	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

239	4.3	MEDIUM Network	-	-	A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argum…	CWE-22 Path Traversal	CVE-2026-6591	2026-04-20 10:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

240	4.3	MEDIUM Network	-	-	A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview Endpoint. The manipulation results in…	CWE-22 Path Traversal	CVE-2026-6590	2026-04-20 10:16	2026-04-20	Show	GitHub Exploit DB Packet Storm