Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242621	9	危険	Openbase International	-	OpenBase におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5927	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242622	9	危険	Openbase International	-	OpenBase における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2007-5926	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242623	5	警告	mywebftp	-	MyWebFTP における MD5 パスワードハッシュを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5919	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242624	6	警告	ms topsites	-	PHP-Nuke の MS TopSites アドオンにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-5918	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242625	6.8	警告	jean charles	-	JBC Explorer の dirsys/modules/config/post.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-5914	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242626	6.8	警告	jean charles	-	JBC Explorer の dirsys/modules/auth.php における auth.inc.php を削除される脆弱性	CWE-287 不適切な認証	CVE-2007-5913	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242627	7.5	危険	jportal	-	jPORTAL の mailer.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5912	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

242628	10	危険	MIT Kerberos	-	krb5 の lib/rpc/svc_auth_gss.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-5902	2012-09-25 16:59	2007-12-5	Show	GitHub Exploit DB Packet Storm

242629	8.5	危険	オラクル	-	Oracle Database Server の MDSYS.SDO_CS におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5897	2012-09-25 16:59	2007-10-16	Show	GitHub Exploit DB Packet Storm

242630	7.1	危険	Mozilla Foundation	-	Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-5896	2012-09-25 16:59	2007-11-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
731	6.1	MEDIUM Network	pylonsproject	webob	WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnerable to an open redirect: WebOb joins the redirect ta… New	CWE-601 Open Redirect	CVE-2026-44889	2026-06-27 05:08	2026-06-23	Show	GitHub Exploit DB Packet Storm

732	8.6	HIGH Network	chimurai	http-proxy-middleware	http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, b… New	CWE-20 CWE-187 Improper Input Validation Partial String Comparison	CVE-2026-55602	2026-06-27 05:06	2026-06-23	Show	GitHub Exploit DB Packet Storm

733	7.5	HIGH Network	nltk	nltk	NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Prior to 3.10.0-rc1, nltk.data.l… New	CWE-22 Path Traversal	CVE-2026-54293	2026-06-27 05:06	2026-06-23	Show	GitHub Exploit DB Packet Storm

734	6.1	MEDIUM Network	ibm	engineering_workflow_management	IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 through 7.1 Interim Fix 004 is vulnerable to HTTP header injection, caused by imp… New	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2024-51454	2026-06-27 05:05	2026-06-23	Show	GitHub Exploit DB Packet Storm

735	5.5	MEDIUM Local	langchain	langchain	LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem paths or expand search patterns do not consistently con… New	CWE-22 CWE-59 Path Traversal Link Following	CVE-2026-55443	2026-06-27 05:05	2026-06-23	Show	GitHub Exploit DB Packet Storm

736	3.6	LOW Local	babel	babel	Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile… New	CWE-22 CWE-200 Path Traversal Information Exposure	CVE-2026-49356	2026-06-27 05:04	2026-06-23	Show	GitHub Exploit DB Packet Storm

737	7.5	HIGH Network	protobufjs_project	protobufjs	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.1 and 8.4.1, protobufjs could recurse without a depth limit while converting decoded messages to plain objects or… New	CWE-674 Uncontrolled Recursion	CVE-2026-48712	2026-06-27 05:04	2026-06-23	Show	GitHub Exploit DB Packet Storm

738	5.5	MEDIUM Local	isaacs	tar	node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides) to the next header entry of any type, including int… New	CWE-436 Interpretation Conflict	CVE-2026-53655	2026-06-27 05:03	2026-06-23	Show	GitHub Exploit DB Packet Storm

739	8.2	HIGH Network	docling	docling	Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82.0, < 2.91.0, if the HTML backend was explicitly con… New	CWE-94 CWE-918 Code Injection Server-Side Request Forgery (SSRF)	CVE-2026-44016	2026-06-27 05:02	2026-06-25	Show	GitHub Exploit DB Packet Storm

740	7.5	HIGH Network	faraday_project	faraday	Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query par… New	CWE-674 Uncontrolled Recursion	CVE-2026-54297	2026-06-27 05:01	2026-06-25	Show	GitHub Exploit DB Packet Storm