Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229611	5.8	警告	xpression news	-	X-News の news.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-1042	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229612	9.3	危険	sandh	-	S&H Computer Systems News Rover におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-1041	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229613	7.5	危険	xpression news	-	X-News の archives.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1040	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229614	5	警告	shemes.com	-	Shemes.com Grabit におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1038	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229615	9.3	危険	rsbr-software	-	News File Grabber におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-1037	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229616	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Emporium モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-1034	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229617	6.8	警告	phpMyFAQ	-	phpMyFAQ における "サーバ上にファイルをアップロードする権限を取得される" 脆弱性	CWE-noinfo 情報不足	CVE-2007-1032	2012-12-20 18:19	2007-02-8	Show	GitHub Exploit DB Packet Storm

229618	6.8	警告	spoonlabs	-	SpoonLabs Vivvo Article Management CMS の include/db_conn.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-1031	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229619	7.6	危険	quicksoft	-	Quiksoft EasyMail Objects の IMAP4 コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1029	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

229620	7.5	危険	scriptdungeon	-	XLAtunes の view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-1026	2012-12-20 18:19	2007-02-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1451	7.5	HIGH Network	-	-	AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but …	CWE-121 Stack-based Buffer Overflow	CVE-2026-42485	2026-05-6 05:24	2026-05-2	Show	GitHub Exploit DB Packet Storm

1452	8.4	HIGH Local	-	-	flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function.	CWE-121 Stack-based Buffer Overflow	CVE-2026-30363	2026-05-6 05:24	2026-05-2	Show	GitHub Exploit DB Packet Storm

1453	6.1	MEDIUM Network	-	-	wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog.	CWE-79 Cross-site Scripting	CVE-2026-38669	2026-05-6 05:24	2026-05-5	Show	GitHub Exploit DB Packet Storm

1454	-		-	-	Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode <%= ... %> for untrusted metadata fields. In this runtime, <%= ..…	CWE-79 Cross-site Scripting	CVE-2026-42052	2026-05-6 05:24	2026-05-5	Show	GitHub Exploit DB Packet Storm

1455	7.5	HIGH Network	-	-	Boundary Community Edition and Boundary Enterprise (“Boundary”) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the w…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-7776	2026-05-6 05:24	2026-05-5	Show	GitHub Exploit DB Packet Storm

1456	-		-	-	Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of th…	CWE-89 SQL Injection	CVE-2026-40329	2026-05-6 05:24	2026-05-6	Show	GitHub Exploit DB Packet Storm

1457	-		-	-	Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the …	CWE-89 SQL Injection	CVE-2026-40330	2026-05-6 05:24	2026-05-6	Show	GitHub Exploit DB Packet Storm

1458	-		-	-	Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altT…	CWE-89 SQL Injection	CVE-2026-40331	2026-05-6 05:24	2026-05-6	Show	GitHub Exploit DB Packet Storm

1459	4.6	MEDIUM Network	-	-	PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdown_table_to_image. This…	CWE-22 Path Traversal	CVE-2026-42078	2026-05-6 05:19	2026-05-5	Show	GitHub Exploit DB Packet Storm

1460	8.6	HIGH Local	-	-	PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary code execution via Python eval() of LLM-generated code with builtin…	CWE-95 Eval Injection	CVE-2026-42079	2026-05-6 05:19	2026-05-5	Show	GitHub Exploit DB Packet Storm