Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233701 5 警告 Mozilla Foundation - Mozilla Firefox における任意のドメイン間で情報を受け渡される脆弱性 - CVE-2007-3827 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
233702 10 危険 mehmet zati karahan - MzK Blog の katgoster.asp における SQL インジェクションの脆弱性 - CVE-2007-3824 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233703 7.8 危険 Ipswitch, Inc. - IPSwitch WS_FTP の Logsrv.exe におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3823 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233704 5 警告 Opera Software ASA - Opera におけるアドレスバーの data: URI スキームを偽造される脆弱性 CWE-DesignError
CVE-2007-3819 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233705 7.5 危険 mkportal - MKPortal における SQL インジェクションの脆弱性 - CVE-2007-3814 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233706 4.3 警告 mkportal - MKPortal 用の NoBoard モジュールの include/user.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3813 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233707 7.5 危険 it747 - Realtor 747 の index.php における SQL インジェクションの脆弱性 - CVE-2007-3810 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233708 7.5 危険 php arena - paFileDB の includes/search.php における SQL インジェクションの脆弱性 - CVE-2007-3808 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
233709 7.6 危険 mailmarshal - MailMarshal SMTP 用の Spam Quarantine HTTP インターフェースにおけるアカウントを変更される脆弱性 - CVE-2007-3796 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
233710 7.1 危険 日立 - Hitachi TP1/Server Base におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3795 2012-09-25 16:47 2007-07-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1651 6.4 MEDIUM
Network 		- - Server-Side Request Forgery (SSRF) vulnerability in Getty Images Getty Images getty-images allows Server Side Request Forgery.This issue affects Getty Images: from n/a through <= 4.1.0. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-39630 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1652 5.3 MEDIUM
Network 		- - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through <… CWE-80
Basic XSS 		CVE-2026-39628 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1653 5.3 MEDIUM
Network 		- - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8. CWE-80
Basic XSS 		CVE-2026-39626 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1654 9.6 CRITICAL
Network 		- - Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through <= 3.5.5. CWE-352
 Origin Validation Error 		CVE-2026-39620 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1655 4.3 MEDIUM
Network 		- - Cross-Site Request Forgery (CSRF) vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a through <= 7.1. CWE-352
 Origin Validation Error 		CVE-2026-39618 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1656 5.3 MEDIUM
Network 		- - Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-39616 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1657 7.5 HIGH
Network 		- - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This iss… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2026-39538 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1658 5.4 MEDIUM
Network 		- - Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-39526 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1659 5.3 MEDIUM
Network 		- - Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue … CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-39516 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm
1660 8.5 HIGH
Network 		- - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Fe… CWE-89
SQL Injection 		CVE-2026-39475 2026-04-15 00:16 2026-04-8 Show GitHub Exploit DB Packet Storm