Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2081 7.5 重要
Network 		Spree Commerce Spree Spree CommerceのSpreeにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-22589 2026-01-23 14:18 2026-01-10 Show GitHub Exploit DB Packet Storm
2082 7.1 重要
Local 		PNG Development Group libpng PNG Development Groupのlibpngにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-22695 2026-01-23 14:18 2026-01-12 Show GitHub Exploit DB Packet Storm
2083 8.8 重要
Network 		appsmith appsmith appsmithにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-22794 2026-01-23 14:18 2026-01-12 Show GitHub Exploit DB Packet Storm
2084 8.8 重要
Network 		emlog emlog emlogにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-22799 2026-01-23 14:18 2026-01-12 Show GitHub Exploit DB Packet Storm
2085 4.5 警告
Network 		thm PILOS (Platform for Interactive Live-Online Seminars) Technischen Hochschule MittelhessenのPILOS (Platform for Interactive Live-Online Seminars)におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-22800 2026-01-23 14:18 2026-01-12 Show GitHub Exploit DB Packet Storm
2086 7.8 重要
Local 		PNG Development Group libpng PNG Development Groupのlibpngにおける複数の脆弱性 CWE-125
CWE-125
CWE-190
CVE-2026-22801 2026-01-23 14:18 2026-01-12 Show GitHub Exploit DB Packet Storm
2087 7.5 重要
Network 		Svelte project kit Svelte projectのkitにおける複数の脆弱性 CWE-770
CWE-789
CVE-2026-22803 2026-01-23 14:18 2026-01-15 Show GitHub Exploit DB Packet Storm
2088 7.5 重要
Network 		Deno Land Deno Deno Land Inc.のDenoにおける暗号化処理の不備に関する脆弱性 CWE-325
暗号化処理の不備 		CVE-2026-22863 2026-01-23 14:18 2026-01-15 Show GitHub Exploit DB Packet Storm
2089 9.8 緊急
Network 		Deno Land Deno Deno Land Inc.のDenoにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-22864 2026-01-23 14:17 2026-01-15 Show GitHub Exploit DB Packet Storm
2090 7.5 重要
Network 		Datadog guarddog Datadogのguarddogにおける高圧縮データの処理 (データ増幅)に関する脆弱性 CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-22870 2026-01-23 14:17 2026-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283321 - macrovision flexnet_connect
update_service 		Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second … NVD-CWE-Other
CVE-2007-2419 2018-10-17 01:43 2007-06-6 Show GitHub Exploit DB Packet Storm
283322 - burak_yilmaz burak_yilmaz_blog SQL injection vulnerability in bry.asp in Burak Yilmaz Blog 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NVD-CWE-Other
CVE-2007-2420 2018-10-17 01:43 2007-05-2 Show GitHub Exploit DB Packet Storm
283323 - ahhp-portal ahhp-portal Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) fp or (2) sc parameter. CWE-94
Code Injection 		CVE-2007-2428 2018-10-17 01:43 2007-05-2 Show GitHub Exploit DB Packet Storm
283324 - vim_development_group vim The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. NVD-CWE-Other
CVE-2007-2438 2018-10-17 01:43 2007-05-3 Show GitHub Exploit DB Packet Storm
283325 - vim_development_group vim Successful exploitation requires that the "modelines" option is enabled and the user is tricked into opening a malicious file. NVD-CWE-Other
CVE-2007-2438 2018-10-17 01:43 2007-05-3 Show GitHub Exploit DB Packet Storm
283326 - vim_development_group vim The vendor has addressed this issue with the following patches: VIM Development Group VIM 7.0- VIM Development Group patch 7.0.234 ftp://ftp.vim.org/pub/vim/patches/7.0/7.0.234 VIM Developm… NVD-CWE-Other
CVE-2007-2438 2018-10-17 01:43 2007-05-3 Show GitHub Exploit DB Packet Storm
283327 - png_reference_library libpng The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a ba… NVD-CWE-noinfo
CVE-2007-2445 2018-10-17 01:43 2007-05-17 Show GitHub Exploit DB Packet Storm
283328 - samba samba Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (ne… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-2446 2018-10-17 01:43 2007-05-15 Show GitHub Exploit DB Packet Storm
283329 - samba samba The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when th… NVD-CWE-Other
CVE-2007-2447 2018-10-17 01:43 2007-05-15 Show GitHub Exploit DB Packet Storm
283330 - oracle database_server Unspecified vulnerability in the Authentication component for Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and attack vectors, aka DB05. NOTE: as of 20070424, Oracle has not disputed rel… NVD-CWE-noinfo
CVE-2007-2112 2018-10-17 01:42 2007-04-19 Show GitHub Exploit DB Packet Storm