Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
691	8.1	重要 Network	ThemeMove	EduMall	ThemeMoveのWordPress用EduMallにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-59564	2026-02-2 19:31	2025-10-22	Show	GitHub Exploit DB Packet Storm

692	8.1	重要 Network	ThemeMove	Minimogwp	ThemeMoveのWordPress用MinimogwpにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-60069	2026-02-2 19:31	2025-12-18	Show	GitHub Exploit DB Packet Storm

693	10	緊急 Network	GongRzhe	Terminal Controller for MCP	GongRzheのTerminal Controller for MCPにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-61492	2026-02-2 19:31	2026-01-7	Show	GitHub Exploit DB Packet Storm

694	7.5	重要 Network	wpwebelite	Follow My Blog Post	WPWeb EliteのWordPress用Follow My Blog Postにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2025-64258	2026-02-2 19:31	2025-12-18	Show	GitHub Exploit DB Packet Storm

695	5.4	警告 Network	Qode Interactive	Bard	Qode InteractiveのWordPress用Bardにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2025-64368	2026-02-2 19:31	2025-10-31	Show	GitHub Exploit DB Packet Storm

696	5.3	警告 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-65090	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

697	10	緊急 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-65091	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

698	6.5	警告 Network	Mega-Fence Project	Mega-Fence	Mega-Fence ProjectのMega-Fenceにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2025-65328	2026-02-2 19:31	2026-01-5	Show	GitHub Exploit DB Packet Storm

699	7.5	重要 Network	WebPros International GmbH	Plesk Obsidian	WebPros International GmbHのPlesk Obsidianにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65518	2026-02-2 19:31	2026-01-8	Show	GitHub Exploit DB Packet Storm

700	8.8	重要 Network	Qode Interactive	Powerlift	Qode InteractiveのWordPress用Powerliftにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-66532	2026-02-2 19:31	2025-12-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
283311	-	afflib	afflib	Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly inv…	NVD-CWE-Other	CVE-2007-2352	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283312	-	afflib	afflib	The vendor has addressed this issue with the following product update: http://www.afflib.org/downloads/	NVD-CWE-Other	CVE-2007-2352	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283313	-	progress	webspeed_messenger	Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product inf…	NVD-CWE-Other	CVE-2007-2354	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283314	-	sinecms	sinecms	Cross-site scripting (XSS) vulnerability in mods/Core/result.php in SineCms 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the stringa parameter.	NVD-CWE-Other	CVE-2007-2357	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283315	-	wserve_http_server	wserve_http_server	Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4.6 allows remote attackers to cause a denial of service (forced application exit) via a long directory name in the URI.	NVD-CWE-Other	CVE-2007-2367	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283316	-	wf-links	wf-links	SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1.03 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter.	NVD-CWE-Other	CVE-2007-2373	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283317	-	apple	safari	Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via a web page that includes a windows.setTimeout functi…	CWE-79 Cross-site Scripting	CVE-2007-2391	2018-10-17 01:43	2007-06-15	Show	GitHub Exploit DB Packet Storm

283318	-	apple	safari	Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and …	NVD-CWE-Other	CVE-2007-2398	2018-10-17 01:43	2007-06-21	Show	GitHub Exploit DB Packet Storm

283319	-	e-annu	e-annu	SQL injection vulnerability in home.php in E-Annu allows remote attackers to execute arbitrary SQL commands via the a parameter.	NVD-CWE-Other	CVE-2007-2416	2018-10-17 01:43	2007-05-1	Show	GitHub Exploit DB Packet Storm

283320	-	cerulean_studios	trillian_pro	Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote atta…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2007-2418	2018-10-17 01:43	2007-05-3	Show	GitHub Exploit DB Packet Storm