Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250481 5 警告 オラクル - Oracle Fusion Middleware の Oracle Business Intelligence Enterprise Edition コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-2241 2011-08-1 11:42 2011-07-19 Show GitHub Exploit DB Packet Storm
250482 4 警告 オラクル - Oracle Fusion Middleware の Oracle BPEL Process Manager コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0884 2011-08-1 11:40 2011-07-19 Show GitHub Exploit DB Packet Storm
250483 4 警告 オラクル - Oracle Fusion Middleware の Oracle Containers for J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0883 2011-08-1 11:33 2011-07-19 Show GitHub Exploit DB Packet Storm
250484 6 警告 オラクル - Oracle Database Server および Oracle Fusion Middleware における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2232 2011-08-1 11:32 2011-07-19 Show GitHub Exploit DB Packet Storm
250485 4.3 警告 オラクル - Oracle Database Server および Oracle Fusion Middleware における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2231 2011-08-1 11:31 2011-07-19 Show GitHub Exploit DB Packet Storm
250486 10 危険 オラクル - Oracle Secure Backup における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2261 2011-08-1 11:30 2011-07-19 Show GitHub Exploit DB Packet Storm
250487 5.1 警告 サイバートラスト株式会社
Carnegie Mellon University (Project Cyrus)
レッドハット		 - Cyrus IMAP Server の STARTTLS 実装における暗号化セッションにコマンドを挿入される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1926 2011-08-1 11:02 2011-05-23 Show GitHub Exploit DB Packet Storm
250488 6.9 警告 GNU Project
サイバートラスト株式会社
レッドハット		 - bash-doc における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-5374 2011-08-1 10:58 2008-12-8 Show GitHub Exploit DB Packet Storm
250489 2.1 注意 レッドハット
fedorahosted.org		 - SSSD の pam_parse_in_data_v2 関数におけるサービス運用妨害 (無限ループ、クラッシュおよびログイン防止) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4341 2011-08-1 10:57 2011-01-25 Show GitHub Exploit DB Packet Storm
250490 10 危険 rsync.samba.org
アップル
レッドハット		 - rsync における隠しファイルを読込/書込される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6200 2011-08-1 10:54 2007-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
181 - - - A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality. New - CVE-2025-54505 2026-04-29 13:16 2026-04-28 Show GitHub Exploit DB Packet Storm
182 6.3 MEDIUM
Network 		- - A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6744 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
183 3.5 LOW
Network 		- - A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripti… Update CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6745 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
184 6.3 MEDIUM
Network 		- - A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping_config of the component E… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6799 2026-04-29 10:00 2026-04-22 Show GitHub Exploit DB Packet Storm
185 4.3 MEDIUM
Network 		- - A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host … Update CWE-350
 Reliance on Reverse DNS Resolution for a Security-Critical Action 		CVE-2026-6874 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
186 5.6 MEDIUM
Network 		- - A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to sandbox issue. It is possible to initiate… Update CWE-264
CWE-265
Permissions, Privileges, and Access Controls
 Privilege Issues 		CVE-2026-6878 2026-04-29 10:00 2026-04-23 Show GitHub Exploit DB Packet Storm
187 9.8 CRITICAL
Network 		- - Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) t… Update CWE-94
Code Injection 		CVE-2026-6951 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
188 7.3 HIGH
Network 		- - A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorizati… Update CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-6977 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
189 4.7 MEDIUM
Network 		- - A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sq… Update CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-6978 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm
190 6.3 MEDIUM
Network 		- - A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes serve… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6979 2026-04-29 10:00 2026-04-25 Show GitHub Exploit DB Packet Storm