Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
238791	9.3	危険	OrangeHRM	-	OrangeHRM の Login ページにおける脆弱性	-	CVE-2007-1193	2012-09-25 16:47	2007-02-9	Show	GitHub Exploit DB Packet Storm

238792	5	警告	hyperbook	-	Thomas R. Pasawicz HyperBook Guestbook におけるパスワードハッシュをダウンロードされる脆弱性	-	CVE-2007-1192	2012-09-25 16:47	2007-03-2	Show	GitHub Exploit DB Packet Storm

238793	6.4	警告	nukescripts	-	NukeSentinel の nukesentinel.php における SQL インジェクションの脆弱性	-	CVE-2007-1172	2012-09-25 16:47	2007-03-2	Show	GitHub Exploit DB Packet Storm

238794	6.8	警告	Mozilla Foundation	-	Mozilla Firefox におけるアドレスバーなどを偽造される脆弱性	-	CVE-2007-1256	2012-09-25 16:47	2007-03-3	Show	GitHub Exploit DB Packet Storm

238795	9.3	危険	netrek	-	Netrek Vanilla Server 用の ntserv/warning.c におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2007-1251	2012-09-25 16:47	2007-03-3	Show	GitHub Exploit DB Packet Storm

238796	7.6	危険	MPlayer project	-	xine-lib で使用される MPlayer におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-1246	2012-09-25 16:47	2007-03-3	Show	GitHub Exploit DB Packet Storm

238797	4.3	警告	Irfan Skiljan	-	IrfanView におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2007-1245	2012-09-25 16:47	2007-03-3	Show	GitHub Exploit DB Packet Storm

238798	4.3	警告	マイクロソフト	-	Microsoft Excel 2003 におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1239	2012-09-25 16:47	2007-03-3	Show	GitHub Exploit DB Packet Storm

238799	4.3	警告	マイクロソフト	-	Microsoft Office 2003 におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-1238	2012-09-25 16:47	2007-03-3	Show	GitHub Exploit DB Packet Storm

238800	4.3	警告	Nullsoft	-	Nullsoft ShoutcastServer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1229	2012-09-25 16:47	2007-03-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1911	7.5	HIGH Network	apple	ipados iphone_os visionos	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data.	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-28964	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1912	4.4	MEDIUM Local	anthropic	claude_sdk_for_typescript	Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in …	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-41686	2026-05-13 03:37	2026-05-5	Show	GitHub Exploit DB Packet Storm

1913	-		-	-	LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before …	CWE-522 Insufficiently Protected Credentials	CVE-2026-8368	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

1914	4.2	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement p…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-43883	2026-05-13 03:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

1915	5.4	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the de…	CWE-352 Origin Validation Error	CVE-2026-43877	2026-05-13 03:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

1916	7.3	HIGH Network	-	-	CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its make_parquet_list.py data processing tool. The script l…	CWE-502 Deserialization of Untrusted Data	CVE-2026-31249	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1917	7.5	HIGH Network	-	-	docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url.	CWE-22 Path Traversal	CVE-2025-65418	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1918	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polyg…	CWE-122 Heap-based Buffer Overflow	CVE-2026-42309	2026-05-13 02:57	2026-05-9	Show	GitHub Exploit DB Packet Storm

1919	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer…	CWE-190 Integer Overflow or Wraparound	CVE-2026-42308	2026-05-13 02:57	2026-05-9	Show	GitHub Exploit DB Packet Storm

1920	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-42310	2026-05-13 02:55	2026-05-9	Show	GitHub Exploit DB Packet Storm