Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
691	8.1	重要 Network	ThemeMove	EduMall	ThemeMoveのWordPress用EduMallにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-59564	2026-02-2 19:31	2025-10-22	Show	GitHub Exploit DB Packet Storm

692	8.1	重要 Network	ThemeMove	Minimogwp	ThemeMoveのWordPress用MinimogwpにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-60069	2026-02-2 19:31	2025-12-18	Show	GitHub Exploit DB Packet Storm

693	10	緊急 Network	GongRzhe	Terminal Controller for MCP	GongRzheのTerminal Controller for MCPにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-61492	2026-02-2 19:31	2026-01-7	Show	GitHub Exploit DB Packet Storm

694	7.5	重要 Network	wpwebelite	Follow My Blog Post	WPWeb EliteのWordPress用Follow My Blog Postにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2025-64258	2026-02-2 19:31	2025-12-18	Show	GitHub Exploit DB Packet Storm

695	5.4	警告 Network	Qode Interactive	Bard	Qode InteractiveのWordPress用Bardにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2025-64368	2026-02-2 19:31	2025-10-31	Show	GitHub Exploit DB Packet Storm

696	5.3	警告 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-65090	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

697	10	緊急 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-65091	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

698	6.5	警告 Network	Mega-Fence Project	Mega-Fence	Mega-Fence ProjectのMega-Fenceにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2025-65328	2026-02-2 19:31	2026-01-5	Show	GitHub Exploit DB Packet Storm

699	7.5	重要 Network	WebPros International GmbH	Plesk Obsidian	WebPros International GmbHのPlesk Obsidianにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65518	2026-02-2 19:31	2026-01-8	Show	GitHub Exploit DB Packet Storm

700	8.8	重要 Network	Qode Interactive	Powerlift	Qode InteractiveのWordPress用Powerliftにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-66532	2026-02-2 19:31	2025-12-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
283431	-	mephisto	mephisto	Cross-site scripting (XSS) vulnerability in Mephisto 0.7.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search script.	NVD-CWE-Other	CVE-2007-1873	2018-10-17 01:41	2007-04-14	Show	GitHub Exploit DB Packet Storm

283432	-	vmware	workstation	VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping…	NVD-CWE-Other	CVE-2007-1876	2018-10-17 01:41	2007-05-3	Show	GitHub Exploit DB Packet Storm

283433	-	vmware	workstation	VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.	NVD-CWE-Other	CVE-2007-1877	2018-10-17 01:41	2007-05-3	Show	GitHub Exploit DB Packet Storm

283434	-	parakey_inc.	firebug	Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone re…	NVD-CWE-Other	CVE-2007-1878	2018-10-17 01:41	2007-04-6	Show	GitHub Exploit DB Packet Storm

283435	-	akamai_technologies	download_manager	Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote at…	NVD-CWE-Other	CVE-2007-1891	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283436	-	akamai_technologies	download_manager	Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a…	NVD-CWE-Other	CVE-2007-1892	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283437	-	wordpress	wordpress	Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the …	NVD-CWE-Other	CVE-2007-1894	2018-10-17 01:41	2007-04-10	Show	GitHub Exploit DB Packet Storm

283438	-	jetbox	jetbox_cms	formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.	NVD-CWE-Other	CVE-2007-1898	2018-10-17 01:41	2007-05-17	Show	GitHub Exploit DB Packet Storm

283439	-	sonicbb	sonicbb	SonicBB 1.0 allows remote attackers to obtain sensitive information via the (1) by[] parameter to search.php, (2) p[] parameter to viewforum.php, and the (3) id parameter to (a) viewforum.php or (b) …	NVD-CWE-Other	CVE-2007-1901	2018-10-17 01:41	2007-05-15	Show	GitHub Exploit DB Packet Storm

283440	-	sonicbb	sonicbb	Successful exploitation requires that "magic_quotes_gpc" is disabled.	NVD-CWE-Other	CVE-2007-1901	2018-10-17 01:41	2007-05-15	Show	GitHub Exploit DB Packet Storm