Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245811 7.5 危険 angel learning - LMS の section/default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1250 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245812 6.8 警告 contelligent - C1 Financial Services Contelligent の MoveSortedContentAction におけるコンポーネントを並べ替えられる脆弱性 CWE-362
競合状態 		CVE-2007-1249 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245813 4.3 警告 built2go - built2go News Manager Blog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1248 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245814 6.8 警告 aweb labs - aWeb Labs aWebNews における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1247 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245815 7.5 危険 audins audiens - Audins Audiens における製品をアンインストールされる脆弱性 - CVE-2007-1243 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245816 7.5 危険 audins audiens - Audins Audiens の system/index.php における SQL インジェクションの脆弱性 - CVE-2007-1242 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245817 5.8 警告 audins audiens - Audins Audiens の setup.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1241 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245818 4.3 警告 Docebo - Docebo CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1240 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245819 5 警告 bjsintay - sitex における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-1237 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
245820 7.5 危険 bjsintay - sitex における任意の PHP コードをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-1235 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
491 5.9 MEDIUM
Local 		- - Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability. New CWE-840
 Business Logic Errors 		CVE-2026-41968 2026-05-15 23:08 2026-05-15 Show GitHub Exploit DB Packet Storm
492 6.2 MEDIUM
Physics 		- - Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. New CWE-275
 Permission Issues 		CVE-2026-41969 2026-05-15 23:08 2026-05-15 Show GitHub Exploit DB Packet Storm
493 6.8 MEDIUM
Adjacent 		- - Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability. New CWE-787
 Out-of-bounds Write 		CVE-2026-41970 2026-05-15 23:08 2026-05-15 Show GitHub Exploit DB Packet Storm
494 5.5 MEDIUM
Local 		- - Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. New CWE-840
 Business Logic Errors 		CVE-2026-41971 2026-05-15 23:08 2026-05-15 Show GitHub Exploit DB Packet Storm
495 8.3 HIGH
Network 		pyload-ng_project pyload-ng pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates … Update CWE-441
CWE-863
CWE-918
Confused Deputy
 Incorrect Authorization
Server-Side Request Forgery (SSRF)  		CVE-2026-42313 2026-05-15 23:04 2026-05-12 Show GitHub Exploit DB Packet Storm
496 6.7 MEDIUM
Local 		fortinet fortiap
fortiap-u
fortiap-w2 		An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5… Update CWE-78
OS Command  		CVE-2025-53680 2026-05-15 23:04 2026-05-13 Show GitHub Exploit DB Packet Storm
497 7.2 HIGH
Network 		fortinet fortimail An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5,… Update CWE-89
SQL Injection 		CVE-2025-53681 2026-05-15 23:04 2026-05-13 Show GitHub Exploit DB Packet Storm
498 8.8 HIGH
Network 		fortinet fortios A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via spe… Update CWE-787
 Out-of-bounds Write 		CVE-2025-53844 2026-05-15 23:04 2026-05-13 Show GitHub Exploit DB Packet Storm
499 5.3 MEDIUM
Network 		fortinet fortianalyzer
fortimanager 		A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions,… Update CWE-676
 Use of Potentially Dangerous Function 		CVE-2025-67604 2026-05-15 23:03 2026-05-13 Show GitHub Exploit DB Packet Storm
500 7.2 HIGH
Network 		ivanti virtual_traffic_manager OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Update CWE-78
OS Command  		CVE-2026-8051 2026-05-15 22:58 2026-05-13 Show GitHub Exploit DB Packet Storm