Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228321	10	危険	phpBB	-	phpBB における脆弱性	-	CVE-2006-6840	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

228322	10	危険	phpBB	-	phpBB における脆弱性	-	CVE-2006-6839	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

228323	7.5	危険	rediff	-	Rediff Bol Downloader OCX コントロールにおける重要な情報 (ユーザ名およびパス名) を取得される脆弱性	-	CVE-2006-6838	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

228324	6.8	警告	sergey oblomov	-	Total Commander 用の ISO プラグインの LoadTree などの関数におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6837	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

228325	7.5	危険	yrch	-	Yrch! の plugins/metasearch/plug.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6823	2012-12-20 18:02	2006-12-29	Show	GitHub Exploit DB Packet Storm

228326	7.5	危険	vladimir menshakov	-	Vladimir Menshakov buratinable templator の process.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6809	2012-12-20 18:02	2006-12-29	Show	GitHub Exploit DB Packet Storm

228327	6.8	警告	WordPress.org	-	WordPress の wp-admin/templates.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6808	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

228328	7.5	危険	softwebsnepal	-	Softwebs Nepal Ananda Real Estate の list.asp における SQL インジェクションの脆弱性	-	CVE-2006-6807	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

228329	6.8	警告	sh-news	-	SH-News の misc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6801	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

228330	7.5	危険	The Cacti Group	-	Cacti における SQL インジェクションの脆弱性	-	CVE-2006-6799	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1201	5.3	MEDIUM Network	hcltech	aion	HCL AION se ve afectado por una vulnerabilidad donde ciertos identificadores pueden ser predecibles por naturaleza. Los identificadores predecibles pueden permitir a un atacante inferir o adivinar va…	CWE-200 Information Exposure	CVE-2025-52649	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1202	5.3	MEDIUM Network	hcltech	aion	HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modifie…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2025-52645	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1203	5.3	MEDIUM Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad donde los mecanismos de empaquetado y distribución de modelos podrían no incluir suficiente verificación de autenticidad. Esto podría permitir la posibil…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2025-52645	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1204	7.8	HIGH Local	hcltech	aion	HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment. This may expose the application to potential security …	CWE-693 Protection Mechanism Failure	CVE-2025-52643	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1205	7.8	HIGH Local	hcltech	aion	HCL AION está afectado por una vulnerabilidad donde las operaciones de análisis de archivos no confiables no se ejecutan dentro de un entorno de sandbox debidamente aislado. Esto puede exponer la apl…	CWE-693 Protection Mechanism Failure	CVE-2025-52643	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1206	7.5	HIGH Network	hcltech	aion	HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially…	CWE-400 Uncontrolled Resource Consumption	CVE-2025-52636	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1207	7.5	HIGH Network	hcltech	aion	HCL AION se ve afectado por una vulnerabilidad relacionada con el manejo de los límites de tamaño de carga. Un control o validación inadecuados de los tamaños de carga puede permitir un consumo exces…	CWE-400 Uncontrolled Resource Consumption	CVE-2025-52636	2026-04-26 03:04	2026-03-17	Show	GitHub Exploit DB Packet Storm

1208	7.5	HIGH Network	fedify	fedify\/fedify fedify\/vocab-runtime	Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote doc…	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-34148	2026-04-26 03:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

1209	6.5	MEDIUM Network	mattermost	mattermost_server	Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service …	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-21388	2026-04-26 03:02	2026-04-9	Show	GitHub Exploit DB Packet Storm

1210	3.7	LOW Network	linuxfoundation	backstage\/backend_defaults	Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-24048	2026-04-26 03:01	2026-01-22	Show	GitHub Exploit DB Packet Storm