Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 12:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228551 7.5 危険 vb marketing - VB Marketing の tseekdir.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0488 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
228552 7.5 危険 the net guys - ASPired2Protect の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0487 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
228553 5 警告 webwiz - Web Wiz Rich Text Editor の RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0481 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228554 5 警告 webwiz - Web Wiz Forums におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0480 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228555 5 警告 webwiz - Web Wiz NewsPad の RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0479 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228556 6.8 警告 setcms - SetCMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0478 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228557 6.4 警告 webwiz - Web Wiz Rich Text Editor の RTE_popup_save_file.asp における .html ファイルなどをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0473 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228558 4.3 警告 woltlab - wBB の modcp.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-0472 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228559 4.3 警告 phpBB - phpBB の privmsg.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-0471 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
228560 7.5 危険 tiger php news system - TPNS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0469 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2621 8.8 HIGH
Network 		tenda hg10_firmware A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6988 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
2622 8.8 HIGH
Network 		tenda f453_firmware A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injecti… CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6989 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
2623 7.2 HIGH
Network 		linksys mr9600_firmware A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. T… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-6992 2026-04-30 23:09 2026-04-26 Show GitHub Exploit DB Packet Storm
2624 7.3 HIGH
Network 		dlink dir-822_firmware A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argumen… CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7067 2026-04-30 23:09 2026-04-27 Show GitHub Exploit DB Packet Storm
2625 8.8 HIGH
Adjacent 		dlink dir-825_firmware A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack ca… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7068 2026-04-30 23:08 2026-04-27 Show GitHub Exploit DB Packet Storm
2626 8.0 HIGH
Adjacent 		dlink dir-825_firmware A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argum… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7069 2026-04-30 23:08 2026-04-27 Show GitHub Exploit DB Packet Storm
2627 7.8 HIGH
Local 		openclaw openclaw OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can… CWE-863
 Incorrect Authorization 		CVE-2026-42432 2026-04-30 23:06 2026-04-29 Show GitHub Exploit DB Packet Storm
2628 8.1 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the … CWE-863
 Incorrect Authorization 		CVE-2026-42431 2026-04-30 23:06 2026-04-29 Show GitHub Exploit DB Packet Storm
2629 7.1 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that widens identity-bearing operator.read requests into runtime operator.wr… CWE-863
 Incorrect Authorization 		CVE-2026-42429 2026-04-30 23:06 2026-04-29 Show GitHub Exploit DB Packet Storm
2630 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time na… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42430 2026-04-30 23:05 2026-04-29 Show GitHub Exploit DB Packet Storm