Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1171 5.5 警告
Local 		pnpm pnpm pnpmにおける複数の脆弱性 CWE-22
CWE-732
CVE-2026-24131 2026-01-29 15:58 2026-01-26 Show GitHub Exploit DB Packet Storm
1172 6.5 警告
Network 		phpMyFAQ phpMyFAQ phpMyFAQにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-24420 2026-01-29 15:58 2026-01-24 Show GitHub Exploit DB Packet Storm
1173 7.5 重要
Network 		phpMyFAQ phpMyFAQ phpMyFAQにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-24422 2026-01-29 15:58 2026-01-24 Show GitHub Exploit DB Packet Storm
1174 7.5 重要
Network 		mintplexlabs anythingllm mintplexlabsのanythingllmにおける送信データへの重要な情報の挿入に関する脆弱性 CWE-201
送信データへの重要な情報の挿入 		CVE-2026-24477 2026-01-29 15:58 2026-01-27 Show GitHub Exploit DB Packet Storm
1175 7.2 重要
Network 		mintplexlabs anythingllm mintplexlabsのanythingllmにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-24478 2026-01-29 15:58 2026-01-27 Show GitHub Exploit DB Packet Storm
1176 - - 日立 uCosminexus Primary Server Base
uCosminexus Service Platform(64)
uCosminexus Service Platform
uCosminexus Application Server
uCosminexus … 		Cosminexusにおける複数の脆弱性 - CVE-2025-48976
CVE-2025-48988 		2026-01-29 10:21 2026-01-27 Show GitHub Exploit DB Packet Storm
1177 - - struktur AG libheif libheifにおける境界外読み取りの脆弱性 - CVE-2025-65586 2026-01-29 09:47 2026-01-28 Show GitHub Exploit DB Packet Storm
1178 9.8 緊急
Network 		Centreon Centreon AWIE CentreonのCentreon AWIEにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-15029 2026-01-28 12:42 2026-01-5 Show GitHub Exploit DB Packet Storm
1179 9.8 緊急
Network 		ThemeMove Moody ThemeMoveのWordPress用MoodyにおけるPHP リモートファイルインクルージョンの脆弱性 CWE-98
PHP リモートファイルインクルージョン 		CVE-2025-22707 2026-01-28 12:42 2026-01-8 Show GitHub Exploit DB Packet Storm
1180 9.8 緊急
Network 		ThemeMove Mitech ThemeMoveのWordPress用MitechにおけるPHP リモートファイルインクルージョンの脆弱性 CWE-98
PHP リモートファイルインクルージョン 		CVE-2025-22708 2026-01-28 12:42 2026-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283521 - shttp shttp Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. CWE-22
Path Traversal 		CVE-2007-6404 2018-10-16 06:52 2007-12-18 Show GitHub Exploit DB Packet Storm
283522 - shttpd shttpd Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, … CWE-200
Information Exposure 		CVE-2007-6405 2018-10-16 06:52 2007-12-18 Show GitHub Exploit DB Packet Storm
283523 - hp openview_network_node_manager Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-6204 2018-10-16 06:51 2007-12-14 Show GitHub Exploit DB Packet Storm
283524 - s9y serendipity Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML… CWE-79
Cross-site Scripting 		CVE-2007-6205 2018-10-16 06:51 2007-12-12 Show GitHub Exploit DB Packet Storm
283525 - sing sing Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability i… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-6211 2018-10-16 06:51 2007-12-4 Show GitHub Exploit DB Packet Storm
283526 - irola my-time Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password par… CWE-89
SQL Injection 		CVE-2007-6217 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283527 - apc oas
switched_rack_pdu_firmware 		The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login acces… CWE-287
Improper Authentication 		CVE-2007-6226 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283528 - qemu qemu QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflo… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-6227 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283529 - deluxebb deluxebb cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail a… CWE-287
Improper Authentication 		CVE-2007-6237 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283530 - snitz_communications snitz_forums_2000 SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter. CWE-89
SQL Injection 		CVE-2007-6240 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm