Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
311 - - Avation Avation Light Engine Pro Avation Light Engine Proにおける重要な機能に対する認証の欠如の脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-1341 2026-02-5 12:32 2026-02-4 Show GitHub Exploit DB Packet Storm
312 7.5 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. D151
D301 		Shenzhen Tenda Technology Co.,Ltd.のD151等の複数製品における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2021-47802 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
313 7.5 重要
Network 		yodinfo Mini Mouse yodinfoのMini Mouseにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-47849 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
314 7.5 重要
Network 		yodinfo Mini Mouse yodinfoのMini Mouseにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-47850 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
315 9.8 緊急
Network 		yodinfo Mini Mouse yodinfoのMini MouseにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-47851 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
316 7.5 重要
Network 		クアルコム MSM8608 ファームウェア
APQ8017 ファームウェア
qcn6224 ファームウェア
Snapdragon 210 Processor Firmware
fastconnect 7800 ファームウェア
snapdragon 425 mobile … 		クアルコムのQualcomm 205 Mobile Platform ファームウェア等の複数製品におけるバッファオーバーリードの脆弱性 CWE-126
バッファオーバーリード 		CVE-2024-23358 2026-02-4 18:42 2024-09-2 Show GitHub Exploit DB Packet Storm
317 9.8 緊急
Network 		Honeywell International Inc. LenelS2 NetBox Honeywell International Inc.のLenelS2 NetBoxにおけるハードコードされたパスワードの使用に関する脆弱性 CWE-259
パスワードがハードコーディングされている 		CVE-2024-2420 2026-02-4 18:42 2024-05-30 Show GitHub Exploit DB Packet Storm
318 9.8 緊急
Network 		Honeywell International Inc. LenelS2 NetBox Honeywell International Inc.のLenelS2 NetBoxにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-2421 2026-02-4 18:42 2024-05-30 Show GitHub Exploit DB Packet Storm
319 8.8 重要
Network 		Honeywell International Inc. LenelS2 NetBox Honeywell International Inc.のLenelS2 NetBoxにおける引数の挿入または変更に関する脆弱性 CWE-88
引数の挿入または変更 		CVE-2024-2422 2026-02-4 18:42 2024-05-30 Show GitHub Exploit DB Packet Storm
320 6.1 警告
Network 		Tiptap tiptap/extension-link Tiptapのtiptap/extension-linkにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-14284 2026-02-4 18:42 2025-12-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 3.5 LOW
Network 		- - The Email Encoder WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks… New CWE-79
Cross-site Scripting 		CVE-2024-7083 2026-04-20 23:16 2026-04-20 Show GitHub Exploit DB Packet Storm
172 3.5 LOW
Network 		- - A vulnerability was found in Qibo CMS 1.0. Affected by this vulnerability is an unknown functionality of the component Internal Message Module. Performing a manipulation results in cross site scripti… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6648 2026-04-20 22:16 2026-04-20 Show GitHub Exploit DB Packet Storm
173 4.3 MEDIUM
Network 		- - A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulati… New CWE-22
Path Traversal 		CVE-2026-6636 2026-04-20 21:16 2026-04-20 Show GitHub Exploit DB Packet Storm
174 7.3 HIGH
Network 		- - A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the component tools_webhook. … New CWE-287
Improper Authentication 		CVE-2026-6635 2026-04-20 21:16 2026-04-20 Show GitHub Exploit DB Packet Storm
175 6.3 MEDIUM
Network 		- - A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the ar… New CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-6634 2026-04-20 21:16 2026-04-20 Show GitHub Exploit DB Packet Storm
176 3.5 LOW
Network 		- - A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins/yifang_backend_account/logic/admin/L_rbac_admin.php of the component Exte… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6633 2026-04-20 21:16 2026-04-20 Show GitHub Exploit DB Packet Storm
177 - - - When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-5958 2026-04-20 21:16 2026-04-20 Show GitHub Exploit DB Packet Storm
178 8.8 HIGH
Network 		- - A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulatio… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6632 2026-04-20 20:16 2026-04-20 Show GitHub Exploit DB Packet Storm
179 8.8 HIGH
Network 		- - A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a manipul… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6631 2026-04-20 20:16 2026-04-20 Show GitHub Exploit DB Packet Storm
180 8.8 HIGH
Network 		- - A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of th… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6630 2026-04-20 20:16 2026-04-20 Show GitHub Exploit DB Packet Storm