Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
237111 10 危険 philex - Philex の header.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1697 2012-09-25 16:47 2007-03-26 Show GitHub Exploit DB Packet Storm
237112 7.5 危険 マイクロソフト - Microsoft Windows 2000 および 2003 Server のデフォルト設定における Web トラフィックを傍受される脆弱性 CWE-16
環境設定 		CVE-2007-1692 2012-09-25 16:47 2007-03-26 Show GitHub Exploit DB Packet Storm
237113 10 危険 internet pictures corporation - iPIX-ImageWell-ipix.dll におけるバッファオーバーフローの脆弱性 - CVE-2007-1687 2012-09-25 16:47 2007-04-10 Show GitHub Exploit DB Packet Storm
237114 6.8 警告 Perion Network - ImShExt.dll の DoWebMenuAction 関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1683 2012-09-25 16:47 2007-04-26 Show GitHub Exploit DB Packet Storm
237115 6.6 警告 navision software
NetBSD		 - NetBSD カーネルなどの製品で使用される ISO ネットワークプロトコルサポートにおけるバッファオーバーフローの脆弱性 - CVE-2007-1677 2012-09-25 16:47 2007-03-29 Show GitHub Exploit DB Packet Storm
237116 10 危険 LANDesk - LANDesk Management Suite の aolnsrvr.exe におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1674 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
237117 7.8 危険 Panda Security - Panda Software Antivirus におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1670 2012-09-25 16:47 2007-05-8 Show GitHub Exploit DB Packet Storm
237118 7.5 危険 katalog plyt audio - Katalog Plyt Audio の index.php における SQL インジェクションの脆弱性 - CVE-2007-1656 2012-09-25 16:47 2007-03-23 Show GitHub Exploit DB Packet Storm
237119 9.3 危険 netsieben - NetSieben SSH Library の Ne7sshSftp::addOpenHandle 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-1654 2012-09-25 16:47 2007-03-23 Show GitHub Exploit DB Packet Storm
237120 7.5 危険 OpenID - OpenID における OpenID で有効にされたサイトへユーザーの個人情報を漏洩される脆弱性 - CVE-2007-1652 2012-09-25 16:47 2007-03-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
381 5.4 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Dialog in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HT… New CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-7998 2026-05-7 22:40 2026-05-7 Show GitHub Exploit DB Packet Storm
382 4.3 MEDIUM
Network 		google chrome Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium… New CWE-200
Information Exposure 		CVE-2026-7999 2026-05-7 22:39 2026-05-7 Show GitHub Exploit DB Packet Storm
383 8.8 HIGH
Network 		google chrome Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium se… New CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-8000 2026-05-7 22:39 2026-05-7 Show GitHub Exploit DB Packet Storm
384 7.7 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to… New CWE-918
CWE-1188
Server-Side Request Forgery (SSRF) 
 Insecure Default Initialization of Resource 		CVE-2026-43527 2026-05-7 22:29 2026-05-5 Show GitHub Exploit DB Packet Storm
385 6.1 MEDIUM
Network 		apache wicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 t… New CWE-79
Cross-site Scripting 		CVE-2026-42509 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
386 9.1 CRITICAL
Network 		apache wicket Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.… New CWE-384
 Session Fixation 		CVE-2026-40010 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
387 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fix… New CWE-121
CWE-170
Stack-based Buffer Overflow
 Improper Null Termination 		CVE-2026-34464 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
388 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers (KillAllHandler, SuspendAllHandler, and RunSandboxedHandl… New CWE-121
CWE-170
Stack-based Buffer Overflow
 Improper Null Termination 		CVE-2026-34462 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
389 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID_SBIE_I… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-34461 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
390 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code wher… Update CWE-908
 Use of Uninitialized Resource 		CVE-2026-31693 2026-05-7 21:49 2026-04-30 Show GitHub Exploit DB Packet Storm