Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245891	4.3	警告	シスコシステムズ	-	Cisco CiscoWorks Server (CS) のログインページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5582	2012-06-26 15:54	2007-12-5	Show	GitHub Exploit DB Packet Storm

245892	4.3	警告	シスコシステムズ	-	Cisco Unified MeetingPlace の mpweb/scripts/mpx.dll におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5581	2012-06-26 15:54	2007-11-7	Show	GitHub Exploit DB Packet Storm

245893	10	危険	シスコシステムズ	-	Windows 上の Cisco Security Agent の特定のドライバにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2007-5580	2012-06-26 15:54	2007-12-5	Show	GitHub Exploit DB Packet Storm

245894	6.8	警告	BEAシステムズ	-	BEA Tuxedo における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-5576	2012-06-26 15:54	2007-10-18	Show	GitHub Exploit DB Packet Storm

245895	6.8	警告	シスコシステムズ	-	Cisco FWSM におけるネットワークトラフィックの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5571	2012-06-26 15:54	2007-10-17	Show	GitHub Exploit DB Packet Storm

245896	7.8	危険	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-5570	2012-06-26 15:54	2007-10-17	Show	GitHub Exploit DB Packet Storm

245897	7.5	危険	galmeta	-	Galmeta Post の _lib/fckeditor/upload_config.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5567	2012-06-26 15:54	2007-10-18	Show	GitHub Exploit DB Packet Storm

245898	7.8	危険	アバイア	-	Avaya VoIP Handset におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-5556	2012-06-26 15:54	2007-10-18	Show	GitHub Exploit DB Packet Storm

245899	9.3	危険	シスコシステムズ	-	Cisco IOS における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-5552	2012-06-26 15:54	2007-10-18	Show	GitHub Exploit DB Packet Storm

245900	7.1	危険	シスコシステムズ	-	Cisco IOS における任意のコードを実行される脆弱性	CWE-DesignError	CVE-2007-5551	2012-06-26 15:54	2007-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1201	7.3	HIGH Network	mozilla	firefox thunderbird	Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-416 Use After Free	CVE-2026-8947	2026-05-20 03:47	2026-05-19	Show	GitHub Exploit DB Packet Storm

1202	9.6	CRITICAL Network	mozilla	firefox thunderbird	Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140…	CWE-416 Use After Free	CVE-2026-8953	2026-05-20 03:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1203	7.5	HIGH Network	mozilla	firefox thunderbird	Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-8954	2026-05-20 03:42	2026-05-19	Show	GitHub Exploit DB Packet Storm

1204	4.3	MEDIUM Network	microsoft	365_apps office office_long_term_servicing_channel word	External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.	CWE-73 External Control of File Name or Path	CVE-2026-40421	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

1205	7.8	HIGH Local	microsoft	office office_long_term_servicing_channel	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-42831	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

1206	5.5	MEDIUM Local	microsoft	excel office office_long_term_servicing_channel word	Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-42832	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

1207	7.5	HIGH Network	h2o	h2o	A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFi…	CWE-200 CWE-284 NVD-CWE-noinfo Information Exposure Improper Access Control	CVE-2026-8750	2026-05-20 03:22	2026-05-17	Show	GitHub Exploit DB Packet Storm

1208	6.5	MEDIUM Network	-	-	Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in t…	CWE-863 Incorrect Authorization	CVE-2026-42883	2026-05-20 03:19	2026-05-12	Show	GitHub Exploit DB Packet Storm

1209	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur…	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-20 03:19	2026-05-13	Show	GitHub Exploit DB Packet Storm

1210	9.8	CRITICAL Network	mozilla	firefox	Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.	CWE-693 Protection Mechanism Failure	CVE-2026-8401	2026-05-20 03:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed