Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233981 10 危険 MicroWorld Technologies Inc. - MicroWorld Technologies eScan におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2687 2012-09-25 16:47 2007-05-23 Show GitHub Exploit DB Packet Storm
233982 4.3 警告 jetbox - Jetbox CMS の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2686 2012-09-25 16:47 2007-05-22 Show GitHub Exploit DB Packet Storm
233983 7.5 危険 jetbox - Jetbox CMS の index.php における SQL インジェクションの脆弱性 - CVE-2007-2685 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
233984 5 警告 jetbox - Jetbox CMS における重要な情報を取得される脆弱性 - CVE-2007-2684 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
233985 7.5 危険 netsprint - Netsprint Toolbar の toolbar.dll におけるバッファオーバーフローの脆弱性 - CVE-2007-2678 2012-09-25 16:47 2007-05-14 Show GitHub Exploit DB Packet Storm
233986 7.5 危険 open translation engine - OTE の skins/header.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2676 2012-09-25 16:47 2007-05-14 Show GitHub Exploit DB Packet Storm
233987 7.1 危険 Mozilla Foundation - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2671 2012-09-25 16:47 2007-05-14 Show GitHub Exploit DB Packet Storm
233988 7.6 危険 Don Ho
scintilla		 - notepad++ で使用される Scintilla の LexRuby.cxx におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2666 2012-09-25 16:47 2007-05-14 Show GitHub Exploit DB Packet Storm
233989 7.5 危険 php firstpost - PhpFirstPost の block.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2665 2012-09-25 16:47 2007-05-14 Show GitHub Exploit DB Packet Storm
233990 3.5 注意 MySQL AB - MySQL におけるパーティションで区切られたテーブルから重要な情報を取得される脆弱性 - CVE-2007-2693 2012-09-25 16:47 2006-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1691 - - - Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800 CWE-89
SQL Injection 		CVE-2026-34186 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1692 - - - Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800 CWE-78
OS Command  		CVE-2026-34188 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1693 - - - Decidim is a participatory democracy framework. In versions below 0.30.5 and 0.31.0.rc1 through 0.31.0, a stored code execution vulnerability in the user name field allows a low-privileged attacker t… CWE-79
Cross-site Scripting 		CVE-2026-23891 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1694 4.0 MEDIUM
Network 		- - An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame wit… CWE-130
 Improper Handling of Length Parameter Inconsistency 		CVE-2026-33555 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1695 8.8 HIGH
Network 		- - The `/registercrd` endpoint in KubePlus 4.14 in the kubeconfiggenerator component is vulnerable to command injection. The component uses `subprocess.Popen()` with `shell=True` parameter to execute sh… CWE-94
Code Injection 		CVE-2026-29955 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1696 8.1 HIGH
Network 		- - simple-git enables running native Git commands from JavaScript. Versions up to and including 3.31.1 allow execution of arbitrary commands through Git option manipulation, bypassing safety checks mean… CWE-78
OS Command  		CVE-2026-28291 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1697 8.2 HIGH
Network 		- - jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_copy_replace_bad functions, where concatenating strin… CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-32316 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1698 9.8 CRITICAL
Network 		- - An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. CWE-94
Code Injection 		CVE-2026-31048 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1699 7.5 HIGH
Network 		- - nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by … CWE-125
CWE-193
Out-of-bounds Read
 Off-by-one Error 		CVE-2026-32605 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1700 4.3 MEDIUM
Network 		- - EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have an authenticated Server-Side Request Forgery (SSRF) vulnerability that allows bypassing the inter… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-33534 2026-04-18 00:38 2026-04-14 Show GitHub Exploit DB Packet Storm