Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
236161 5 警告 xt:Commerce - xtcommerce の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1126 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236162 4.3 警告 xeroxer - XeroXer Simple one-file gallery の gallery.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1125 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236163 5 警告 xeroxer - XeroXer Simple one-file gallery の gallery.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1124 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236164 7.5 危険 ZPanel Project - ZPanel における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1123 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236165 6.4 警告 zephyrsoft toolbox - Mathis Dirksen-Thedens ZephyrSoft Toolbox ABC における SQL インジェクションの脆弱性 - CVE-2007-1122 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236166 6.4 警告 zephyrsoft toolbox - Mathis Dirksen-Thedens ZephyrSoft Toolbox ABC における SQL インジェクションの脆弱性 - CVE-2007-1121 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236167 9.3 危険 steema software - TeeChart Pro ActiveX コントロールにおける .tee ファイルをダウンロードされる脆弱性 - CVE-2007-1120 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236168 4.3 警告 phpwebgallery - Phpwebgallery におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1109 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236169 4.3 警告 The Tor Project - Tor における超過リソースを不当要求される脆弱性 - CVE-2007-1103 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
236170 7.8 危険 pickle - Ahmet Sacan Pickle の download.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1100 2012-12-20 18:19 2007-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
131 3.7 LOW
Network 		- - A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodby… New CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-13491 2026-06-30 03:43 2026-06-28 Show GitHub Exploit DB Packet Storm
132 3.1 LOW
Network 		- - A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversation_api.py of the component Workflow Checkpoint Resto… New CWE-99
Resource Injection 		CVE-2026-13493 2026-06-30 03:43 2026-06-28 Show GitHub Exploit DB Packet Storm
133 6.3 MEDIUM
Network 		- - A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid cause… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-13497 2026-06-30 03:43 2026-06-28 Show GitHub Exploit DB Packet Storm
134 4.3 MEDIUM
Network 		- - A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file login_register.php of the component Registration Handler. Performing… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-13499 2026-06-30 03:43 2026-06-28 Show GitHub Exploit DB Packet Storm
135 6.3 MEDIUM
Network 		- - A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipul… New CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-13560 2026-06-30 03:43 2026-06-29 Show GitHub Exploit DB Packet Storm
136 8.8 HIGH
Network 		- - A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the ar… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-13562 2026-06-30 03:43 2026-06-29 Show GitHub Exploit DB Packet Storm
137 5.0 MEDIUM
Network 		- - A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. Such man… New CWE-862
CWE-863
 Missing Authorization
 Incorrect Authorization 		CVE-2026-13484 2026-06-30 03:42 2026-06-28 Show GitHub Exploit DB Packet Storm
138 7.5 HIGH
Network 		envoyproxy envoy Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O(… Update CWE-1124
CVE-2026-48042 2026-06-30 03:42 2026-06-27 Show GitHub Exploit DB Packet Storm
139 7.3 HIGH
Network 		- - A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipul… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-13498 2026-06-30 03:41 2026-06-28 Show GitHub Exploit DB Packet Storm
140 3.5 LOW
Network 		- - A vulnerability has been found in code-projects Project Management System 1.0. This vulnerability affects unknown code of the file /mail.php of the component Mail Compose Page. Such manipulation lead… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-13504 2026-06-30 03:41 2026-06-29 Show GitHub Exploit DB Packet Storm