Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1141 9.1 緊急
Network 		mindsdb MindsDB MindsDB IncのMindsDBにおける複数の脆弱性 CWE-22
CWE-23
CWE-36
CVE-2025-68472 2026-01-29 16:00 2026-01-12 Show GitHub Exploit DB Packet Storm
1142 6.1 警告
Network 		shopfiles ebook store shopfilesのWordPress用ebook storeにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-8113 2026-01-29 16:00 2025-08-16 Show GitHub Exploit DB Packet Storm
1143 8.8 重要
Network 		SAP SAP HANA Database SAPのSAP HANA Databaseにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-0492 2026-01-29 16:00 2026-01-13 Show GitHub Exploit DB Packet Storm
1144 9.9 緊急
Network 		Cloudflare, Inc. wrangler Cloudflare, Inc.のwranglerにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-0933 2026-01-29 15:59 2026-01-20 Show GitHub Exploit DB Packet Storm
1145 8.8 重要
Network 		PHPGurukul News Portal Project in PHP and MySql PHPGurukulのNews Portal Project in PHP and MySqlにおける複数の脆弱性 CWE-266
CWE-285
CVE-2026-1141 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1146 6.5 警告
Network 		PHPGurukul News Portal Project in PHP and MySql PHPGurukulのNews Portal Project in PHP and MySqlにおける複数の脆弱性 CWE-352
CWE-862
CVE-2026-1142 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1147 3.3
Local 		GPAC GPAC GPACにおける複数の脆弱性 CWE-404
CWE-476
CWE-476
CVE-2026-1415 2026-01-29 15:59 2026-01-26 Show GitHub Exploit DB Packet Storm
1148 3.3
Local 		GPAC GPAC GPACにおける複数の脆弱性 CWE-404
CWE-476
CWE-476
CVE-2026-1416 2026-01-29 15:59 2026-01-26 Show GitHub Exploit DB Packet Storm
1149 3.3
Local 		GPAC GPAC GPACにおける複数の脆弱性 CWE-404
CWE-476
CWE-476
CVE-2026-1417 2026-01-29 15:59 2026-01-26 Show GitHub Exploit DB Packet Storm
1150 7.8 重要
Local 		GPAC GPAC GPACにおける複数の脆弱性 CWE-119
CWE-787
CWE-787
CVE-2026-1418 2026-01-29 15:59 2026-01-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283731 - phpbb_wordsearch phpbb_wordsearch PHP remote file inclusion vulnerability in admin_rebuild_search.php in phpbb_wordsearch allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NVD-CWE-Other
CVE-2007-1048 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283732 - abledesign mycalendar Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword param… CWE-79
Cross-site Scripting 		CVE-2007-1050 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283733 - comodo comodo_firewall_pro Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass secur… NVD-CWE-Other
CVE-2007-1051 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283734 - mediawiki mediawiki Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML… NVD-CWE-Other
CVE-2007-1054 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283735 - mediawiki mediawiki Successful exploitation requires that "$wgUseAjax" is enabled NVD-CWE-Other
CVE-2007-1054 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283736 - vmware workstation VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, acce… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-1056 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283737 - interspire sendstudio Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals and allow_fopenurl are enabled, allow remote attackers to execute arbitrary PHP … NVD-CWE-Other
CVE-2007-1060 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283738 - francisco_burzi php-nuke SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via th… NVD-CWE-Other
CVE-2007-1061 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283739 - vmware workstation The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF). NVD-CWE-Other
CVE-2007-1069 2018-10-17 01:36 2007-05-3 Show GitHub Exploit DB Packet Storm
283740 - trend_micro serverprotect Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafte… NVD-CWE-Other
CVE-2007-1070 2018-10-17 01:36 2007-02-21 Show GitHub Exploit DB Packet Storm