Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228941 7.5 危険 wf-links - XOOPS 用の WF-Links モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-2373 2012-12-20 18:19 2005-06-22 Show GitHub Exploit DB Packet Storm
228942 9.3 危険 シマンテック - Windows 用の Symantec Storage Foundation における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-2279 2012-12-20 18:19 2007-06-1 Show GitHub Exploit DB Packet Storm
228943 7.5 危険 Plogger Project - Plogger におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-2277 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
228944 9.4 危険 rajneel lal totaram - Rajneel Lal TotaRam USP FOSS におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2271 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
228945 5 警告 swsoft - Windows 用の SWsoft Plesk の top.php3 におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2269 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
228946 5 警告 swsoft - Windows 用の SWsoft Plesk におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2268 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
228947 6.8 警告 サン・マイクロシステムズ - Sun Cluster および Solaris Cluster におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2267 2012-12-20 18:19 2007-04-24 Show GitHub Exploit DB Packet Storm
228948 10 危険 Progress Software Corporation - Progress Webspeed Messenger における任意のファイルを実行される脆弱性 CWE-DesignError
CVE-2007-2266 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
228949 6.8 警告 phpee - YA Book におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2265 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
228950 7.5 危険 sinato - Sinato jmuffin の html/php/detail.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2262 2012-12-20 18:19 2007-04-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2031 7.2 HIGH
Network 		- - A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_valid of the file /boafrm/formWsc of the component libapmib.so. Performing a manipu… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7218 2026-04-28 12:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2032 5.3 MEDIUM
Network 		- - A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-of… CWE-22
CWE-36
Path Traversal
 Absolute Path Traversal 		CVE-2026-7217 2026-04-28 12:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2033 7.2 HIGH
Network 		- - A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50(ABVY.7.1)C0 could al… CWE-78
OS Command  		CVE-2026-1460 2026-04-28 12:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2034 6.8 MEDIUM
Adjacent 		- - A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated, adjacent attacker with a… CWE-78
OS Command  		CVE-2026-0711 2026-04-28 12:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2035 9.8 CRITICAL
Network 		- - A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulati… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-7204 2026-04-28 10:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2036 9.8 CRITICAL
Network 		- - A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipul… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-7203 2026-04-28 10:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2037 9.8 CRITICAL
Network 		- - A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of th… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-7202 2026-04-28 10:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2038 6.8 MEDIUM
Network 		- - A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras. CWE-78
OS Command  		CVE-2026-32649 2026-04-28 10:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2039 9.8 CRITICAL
Network 		- - Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys. CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-32644 2026-04-28 10:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2040 8.8 HIGH
Network 		- - An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras. CWE-122
Heap-based Buffer Overflow 		CVE-2026-20766 2026-04-28 10:16 2026-04-28 Show GitHub Exploit DB Packet Storm