Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233621 5 警告 Joomla! - Joomla! における重要な情報を取得される脆弱性 - CVE-2007-4185 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233622 7.5 危険 Joomla! - Joomla! の administrator/popups/pollwindow.php における SQL インジェクションの脆弱性 - CVE-2007-4184 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233623 7.5 危険 php arena - paBugs の main.php における SQL インジェクションの脆弱性 - CVE-2007-4183 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233624 4.3 警告 interact - Interact におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4177 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233625 4.3 警告 openrat - OpenRat CMS の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4175 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233626 7.5 危険 hunkaray okul - Hunkaray Okul の Portali の duyuruoku.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4173 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233627 4.3 警告 open webmail - OWM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4172 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
233628 7.5 危険 index script - IndexScript における SQL インジェクションの脆弱性 - CVE-2007-4163 2012-09-25 16:59 2007-07-26 Show GitHub Exploit DB Packet Storm
233629 5 警告 mldonkey - MLDonkey における IP ブロックリストを回避される脆弱性 - CVE-2007-4100 2012-09-25 16:59 2007-07-31 Show GitHub Exploit DB Packet Storm
233630 7.5 危険 idevSpot - IDevSpot PhpHostBot における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4094 2012-09-25 16:59 2007-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1281 7.5 HIGH
Network 		mozilla firefox
thunderbird 		Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. CWE-416
 Use After Free 		CVE-2026-6758 2026-04-22 23:55 2026-04-21 Show GitHub Exploit DB Packet Storm
1282 7.5 HIGH
Network 		mozilla firefox
thunderbird 		Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CWE-416
 Use After Free 		CVE-2026-6754 2026-04-22 23:53 2026-04-21 Show GitHub Exploit DB Packet Storm
1283 7.5 HIGH
Network 		mozilla firefox
thunderbird 		Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thund… CWE-908
 Use of Uninitialized Resource 		CVE-2026-6749 2026-04-22 23:52 2026-04-21 Show GitHub Exploit DB Packet Storm
1284 9.9 CRITICAL
Network 		asustor data_master A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf() and passing user-controlled data directly to printf(). Due to t… CWE-121
Stack-based Buffer Overflow 		CVE-2026-6643 2026-04-22 23:43 2026-04-20 Show GitHub Exploit DB Packet Storm
1285 9.1 CRITICAL
Network 		asustor data_master A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary co… CWE-78
OS Command  		CVE-2026-6644 2026-04-22 23:42 2026-04-20 Show GitHub Exploit DB Packet Storm
1286 9.8 CRITICAL
Network 		mozilla firefox
thunderbird 		Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CWE-457
 Use of Uninitialized Variable 		CVE-2026-6748 2026-04-22 23:40 2026-04-21 Show GitHub Exploit DB Packet Storm
1287 7.5 HIGH
Network 		mozilla firefox
thunderbird 		Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CWE-416
 Use After Free 		CVE-2026-6747 2026-04-22 23:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1288 7.5 HIGH
Network 		mozilla firefox
thunderbird 		Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CWE-416
 Use After Free 		CVE-2026-6746 2026-04-22 23:38 2026-04-21 Show GitHub Exploit DB Packet Storm
1289 5.3 MEDIUM
Network 		apache doris_mcp_server Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of inten… CWE-89
SQL Injection 		CVE-2025-66335 2026-04-22 23:17 2026-04-20 Show GitHub Exploit DB Packet Storm
1290 - - - Rejected reason: REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such t… - CVE-2026-5358 2026-04-22 23:17 2026-04-21 Show GitHub Exploit DB Packet Storm