Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245221	7.8	危険	common controls replacement project	-	CCRP BrowseDialog Server の ccrpbds6.dll におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1162	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245222	4.3	警告	call-center-software	-	Call Center Software の call_entry.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1161	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245223	7.5	危険	CutePHP	-	CutePHP CuteNews における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-1153	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245224	7.5	危険	delmaa.com	-	arabhost の function.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1146	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245225	5	警告	comscripts	-	J-Web Pics Navigator の jwpn-photos.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-1144	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245226	9.4	危険	barekoncept	-	pheap の edit.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-1140	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245227	10	危険	cromosoft	-	Cromosoft SPP における任意のスクリプトをアップロードされる脆弱性	CWE-94 コード・インジェクション	CVE-2007-1139	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245228	5	警告	cromosoft	-	Cromosoft SPP の list_main_pages.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-1138	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

245229	6.8	警告	efiction	-	eFiction における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1118	2012-06-26 15:46	2007-02-26	Show	GitHub Exploit DB Packet Storm

245230	6.8	警告	activecalendar	-	ActiveCalendar におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1111	2012-06-26 15:46	2007-02-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Skin/Skin.Php. This issue… New	CWE-200 Information Exposure	CVE-2026-34092	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

202	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2. New	CWE-200 Information Exposure	CVE-2026-34091	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

203	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2. New	CWE-200 Information Exposure	CVE-2026-34090	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

204	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2. New	CWE-200 Information Exposure	CVE-2026-34088	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

205	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation OATHAuth. This issue affects OATHAuth: from * before 1.43.7, 1.44.4, 1.45.2. New	CWE-200 Information Exposure	CVE-2026-34087	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

206	-		-	-	Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend uses etree.parse() to parse XML files without disabling entity resolution. An attacker can craf… New	-	CVE-2026-31247	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

207	-		-	-	GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 (2025-09-03) contains a command injection vulnerability (CWE-78) in the Executor.run() method. During project execution, when the system… New	-	CVE-2026-31246	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

208	6.8	MEDIUM Network	-	-	There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission. New	CWE-284 Improper Access Control	CVE-2026-1749	2026-05-12 01:17	2026-05-9	Show	GitHub Exploit DB Packet Storm

209	6.4	MEDIUM Adjacent	-	-	Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations.… New	CWE-284 CWE-863 Improper Access Control Incorrect Authorization	CVE-2025-9973	2026-05-12 01:17	2026-05-11	Show	GitHub Exploit DB Packet Storm

210	-		-	-	docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url. New	-	CVE-2025-65418	2026-05-12 01:17	2026-05-12	Show	GitHub Exploit DB Packet Storm