Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2081	7.5	重要 Network	Spree Commerce	Spree	Spree CommerceのSpreeにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-22589	2026-01-23 14:18	2026-01-10	Show	GitHub Exploit DB Packet Storm

2082	7.1	重要 Local	PNG Development Group	libpng	PNG Development Groupのlibpngにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-22695	2026-01-23 14:18	2026-01-12	Show	GitHub Exploit DB Packet Storm

2083	8.8	重要 Network	appsmith	appsmith	appsmithにおける同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2026-22794	2026-01-23 14:18	2026-01-12	Show	GitHub Exploit DB Packet Storm

2084	8.8	重要 Network	emlog	emlog	emlogにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-22799	2026-01-23 14:18	2026-01-12	Show	GitHub Exploit DB Packet Storm

2085	4.5	警告 Network	thm	PILOS (Platform for Interactive Live-Online Seminars)	Technischen Hochschule MittelhessenのPILOS (Platform for Interactive Live-Online Seminars)におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-22800	2026-01-23 14:18	2026-01-12	Show	GitHub Exploit DB Packet Storm

2086	7.8	重要 Local	PNG Development Group	libpng	PNG Development Groupのlibpngにおける複数の脆弱性	CWE-125 CWE-125 CWE-190	CVE-2026-22801	2026-01-23 14:18	2026-01-12	Show	GitHub Exploit DB Packet Storm

2087	7.5	重要 Network	Svelte project	kit	Svelte projectのkitにおける複数の脆弱性	CWE-770 CWE-789	CVE-2026-22803	2026-01-23 14:18	2026-01-15	Show	GitHub Exploit DB Packet Storm

2088	7.5	重要 Network	Deno Land	Deno	Deno Land Inc.のDenoにおける暗号化処理の不備に関する脆弱性	CWE-325 暗号化処理の不備	CVE-2026-22863	2026-01-23 14:18	2026-01-15	Show	GitHub Exploit DB Packet Storm

2089	9.8	緊急 Network	Deno Land	Deno	Deno Land Inc.のDenoにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-22864	2026-01-23 14:17	2026-01-15	Show	GitHub Exploit DB Packet Storm

2090	7.5	重要 Network	Datadog	guarddog	Datadogのguarddogにおける高圧縮データの処理 (データ増幅)に関する脆弱性	CWE-409 高圧縮データの不適切な処理 (データ増幅)	CVE-2026-22870	2026-01-23 14:17	2026-01-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
11	4.7	MEDIUM Network	-	-	A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6983	2026-04-26 01:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

12	6.3	MEDIUM Network	-	-	A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.cl… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6982	2026-04-26 00:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

13	6.3	MEDIUM Network	-	-	A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of th… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6981	2026-04-26 00:16	2026-04-26	Show	GitHub Exploit DB Packet Storm

14	7.3	HIGH Network	-	-	A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repo_path of the file main.py. Such manipulation of the argumen… New	CWE-74 CWE-77 Injection Command Injection	CVE-2026-6980	2026-04-25 23:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

15	6.3	MEDIUM Network	-	-	A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes serve… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6979	2026-04-25 21:15	2026-04-25	Show	GitHub Exploit DB Packet Storm

16	4.7	MEDIUM Network	-	-	A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sq… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6978	2026-04-25 21:15	2026-04-25	Show	GitHub Exploit DB Packet Storm

17	7.3	HIGH Network	-	-	A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorizati… New	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-6977	2026-04-25 20:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

18	9.8	CRITICAL Network	-	-	Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) t… New	CWE-94 Code Injection	CVE-2026-6951	2026-04-25 20:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

19	-		-	-	In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from the Ethernet source… New	-	CVE-2026-31685	2026-04-25 18:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

20	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net: sched: act_csum: validate nested VLAN headers tcf_csum_act() walks nested VLAN headers directly from skb->data when an skb s… New	-	CVE-2026-31684	2026-04-25 18:16	2026-04-25	Show	GitHub Exploit DB Packet Storm