Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223371 7.5 危険 rd-media - Joomla! 用の RD-Autos コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1258 2012-12-20 19:10 2009-04-7 Show GitHub Exploit DB Packet Storm
223372 6.5 警告 podcast generator - Podcast Generator の index.php における config.php へ任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-1230 2012-12-20 19:10 2009-04-2 Show GitHub Exploit DB Packet Storm
223373 7.5 危険 podcast generator - Podcast Generator の core/admin/delete.php における任意のファイルを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1226 2012-12-20 19:10 2009-04-2 Show GitHub Exploit DB Packet Storm
223374 4.3 警告 platinumprofitzone - Turnkey Ebook Store の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1225 2012-12-20 19:10 2009-04-2 Show GitHub Exploit DB Packet Storm
223375 7.5 危険 scivox - vsp stats プロセッサの vsp-core/pub/themes/bismarck/gamestat.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1224 2012-12-20 19:10 2009-04-2 Show GitHub Exploit DB Packet Storm
223376 5.1 警告 webEdition e.V. - webEdition の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-1222 2012-12-20 19:10 2009-04-2 Show GitHub Exploit DB Packet Storm
223377 7.8 危険 precisionid - DMATRIXLib.Datamatrix の PRECIS~2.DLL における任意のファイルを上書きされる脆弱性 CWE-Other
その他 		CVE-2009-1212 2012-12-20 19:10 2009-04-1 Show GitHub Exploit DB Packet Storm
223378 9.3 危険 w3 - W3C Amaya Web Browser におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1209 2012-12-20 19:10 2009-04-1 Show GitHub Exploit DB Packet Storm
223379 4.3 警告 Tiki Software Community Association - Tiki CMS/Groupware におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1204 2012-12-20 19:10 2009-03-18 Show GitHub Exploit DB Packet Storm
223380 5 警告 サン・マイクロシステムズ - Sun JDK の java.util.regex.Pattern.compile メソッドにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1190 2012-12-20 19:10 2009-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1451 7.8 HIGH
Local 		fleetdm fleet Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's password via a GUI dialog and interpolates i… CWE-78
OS Command  		CVE-2026-27806 2026-04-15 04:31 2026-04-9 Show GitHub Exploit DB Packet Storm
1452 5.7 MEDIUM
Adjacent 		lfprojects mcp_java_sdk MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to 1.0.0, the java-sdk contains a DNS rebinding vulnerability. This vulnerability allows an attacker to acc… CWE-346
 Origin Validation Error 		CVE-2026-35568 2026-04-15 04:31 2026-04-8 Show GitHub Exploit DB Packet Storm
1453 9.1 CRITICAL
Network 		qd-today qd QD 20230821 is vulnerable to Server-side request forgery (SSRF) via a crafted request CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2023-46945 2026-04-15 04:29 2026-04-9 Show GitHub Exploit DB Packet Storm
1454 7.2 HIGH
Network 		dreamfactory dreamfactory_core An issue in the component /Controllers/RestController.php of DreamFactory Core v1.0.3 allows attackers to execute a directory traversal via an unsanitized URI path. CWE-22
Path Traversal 		CVE-2025-55988 2026-04-15 04:27 2026-03-21 Show GitHub Exploit DB Packet Storm
1455 7.2 HIGH
Network 		dreamfactory dreamfactory_core Un problema en el componente /Controllers/RestController.php de DreamFactory Core v1.0.3 permite a los atacantes ejecutar un salto de directorio a través de una ruta URI no saneada. CWE-22
Path Traversal 		CVE-2025-55988 2026-04-15 04:27 2026-03-21 Show GitHub Exploit DB Packet Storm
1456 5.4 MEDIUM
Network 		syncfusion syncfusion SyncFusion 30.1.37 is vulnerable to Cross Site Scripting (XSS) via the Document-Editor reply to comment field and Chat-UI Chat message. CWE-79
Cross-site Scripting 		CVE-2025-63260 2026-04-15 04:26 2026-03-21 Show GitHub Exploit DB Packet Storm
1457 5.4 MEDIUM
Network 		syncfusion syncfusion SyncFusion 30.1.37 es vulnerable a Cross Site Scripting (XSS) a través del campo de respuesta a comentarios del Editor de Documentos y el mensaje de chat de la interfaz de usuario de chat. CWE-79
Cross-site Scripting 		CVE-2025-63260 2026-04-15 04:26 2026-03-21 Show GitHub Exploit DB Packet Storm
1458 6.3 MEDIUM
Network 		librechat librechat LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the execute_code sandbox when persisting code-generated artifacts. On deployments us… CWE-22
Path Traversal 		CVE-2026-34371 2026-04-15 04:24 2026-04-8 Show GitHub Exploit DB Packet Storm
1459 5.5 MEDIUM
Local 		flatpak xdg-dbus-proxy xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules b… CWE-1289
NVD-CWE-noinfo
 Improper Validation of Unsafe Equivalence in Input 		CVE-2026-34080 2026-04-15 04:23 2026-04-8 Show GitHub Exploit DB Packet Storm
1460 5.3 MEDIUM
Network 		- - Insertion of Sensitive Information Into Sent Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Retrieve Embedded Sensitive Data.This issue affects Sunshine Photo … CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-39564 2026-04-15 04:16 2026-04-8 Show GitHub Exploit DB Packet Storm