Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
691	8.1	重要 Network	ThemeMove	EduMall	ThemeMoveのWordPress用EduMallにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-59564	2026-02-2 19:31	2025-10-22	Show	GitHub Exploit DB Packet Storm

692	8.1	重要 Network	ThemeMove	Minimogwp	ThemeMoveのWordPress用MinimogwpにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-60069	2026-02-2 19:31	2025-12-18	Show	GitHub Exploit DB Packet Storm

693	10	緊急 Network	GongRzhe	Terminal Controller for MCP	GongRzheのTerminal Controller for MCPにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-61492	2026-02-2 19:31	2026-01-7	Show	GitHub Exploit DB Packet Storm

694	7.5	重要 Network	wpwebelite	Follow My Blog Post	WPWeb EliteのWordPress用Follow My Blog Postにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2025-64258	2026-02-2 19:31	2025-12-18	Show	GitHub Exploit DB Packet Storm

695	5.4	警告 Network	Qode Interactive	Bard	Qode InteractiveのWordPress用Bardにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2025-64368	2026-02-2 19:31	2025-10-31	Show	GitHub Exploit DB Packet Storm

696	5.3	警告 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-65090	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

697	10	緊急 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-65091	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

698	6.5	警告 Network	Mega-Fence Project	Mega-Fence	Mega-Fence ProjectのMega-Fenceにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2025-65328	2026-02-2 19:31	2026-01-5	Show	GitHub Exploit DB Packet Storm

699	7.5	重要 Network	WebPros International GmbH	Plesk Obsidian	WebPros International GmbHのPlesk Obsidianにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65518	2026-02-2 19:31	2026-01-8	Show	GitHub Exploit DB Packet Storm

700	8.8	重要 Network	Qode Interactive	Powerlift	Qode InteractiveのWordPress用Powerliftにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-66532	2026-02-2 19:31	2025-12-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314481	-	ibm	tivoli_storage_manager	Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (…	NVD-CWE-Other	CVE-2002-0541	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314482	-	aprelium_technologies	abyss_web_server	Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (…	NVD-CWE-Other	CVE-2002-0543	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314483	-	aprelium_technologies	abyss_web_server	Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.	NVD-CWE-Other	CVE-2002-0544	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314484	-	cisco	aironet_ap340 aironet_ap350	Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.	NVD-CWE-Other	CVE-2002-0545	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314485	-	nullsoft	winamp	Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.	NVD-CWE-Other	CVE-2002-0546	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314486	-	nullsoft	winamp	Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field o…	NVD-CWE-Other	CVE-2002-0547	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314487	-	anthill	anthill	Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.	NVD-CWE-Other	CVE-2002-0548	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314488	-	anthill	anthill	Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.	NVD-CWE-Other	CVE-2002-0549	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314489	-	gcf	dynamic_guestbook	Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.	NVD-CWE-Other	CVE-2002-0550	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

314490	-	gcf	dynamic_guestbook	Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.	NVD-CWE-Other	CVE-2002-0551	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm