Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
246061	6.8	警告	eqdkp	-	EQDKP Plus における詳細不明な脆弱性	-	CVE-2007-4176	2012-06-26 15:54	2007-08-7	Show	GitHub Exploit DB Packet Storm

246062	7.5	危険	AuraCMS	-	auraCMS の Forum Module の komentar.php における SQL インジェクションの脆弱性	-	CVE-2007-4171	2012-06-26 15:54	2007-08-7	Show	GitHub Exploit DB Packet Storm

246063	10	危険	al-athkar	-	AL-Athkar における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-4170	2012-06-26 15:54	2007-08-7	Show	GitHub Exploit DB Packet Storm

246064	7.5	危険	al-caricatier	-	AL-Caricatier の cat_viewed.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-4167	2012-06-26 15:54	2007-08-7	Show	GitHub Exploit DB Packet Storm

246065	9.3	危険	DELL EMC (旧 EMC Corporation)	-	EMC VMware の vielib.dll の特定の ActiveX コントロールにおける絶対パストラバーサルの脆弱性	-	CVE-2007-4155	2012-06-26 15:54	2007-08-3	Show	GitHub Exploit DB Packet Storm

246066	4.3	警告	bluesky	-	v2.ocx の BlueSkychat ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-4145	2012-06-26 15:54	2007-08-3	Show	GitHub Exploit DB Packet Storm

246067	7.5	危険	firestorm technologies	-	Joomla! の gmaps コンポーネントにおける SQL インジェクションの脆弱性	-	CVE-2007-4128	2012-06-26 15:54	2007-08-1	Show	GitHub Exploit DB Packet Storm

246068	10	危険	e-commerce solutions	-	E-Commerce Scripts Shopping Cart Script の admin.aspx における SQL インジェクションの脆弱性	-	CVE-2007-4121	2012-06-26 15:54	2007-08-1	Show	GitHub Exploit DB Packet Storm

246069	7.5	危険	berthanas ziyaretci	-	Berthanas Ziyaretci Defteri 2.0 の yonetici.asp における SQL インジェクションの脆弱性	-	CVE-2007-4119	2012-06-26 15:54	2007-08-1	Show	GitHub Exploit DB Packet Storm

246070	3.5	注意	awbs	-	AWBS における他の専用サーバの設定データを取得される脆弱性	-	CVE-2007-4113	2012-06-26 15:54	2007-07-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
711	6.1	MEDIUM Network	-	-	Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS) via the annotated formatter due to improper sanitization of JSON values and property names. If an appli… Update	CWE-79 Cross-site Scripting	CVE-2026-8656	2026-05-20 00:38	2026-05-16	Show	GitHub Exploit DB Packet Storm

712	8.2	HIGH Network	-	-	Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform pro… Update	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-8657	2026-05-20 00:38	2026-05-16	Show	GitHub Exploit DB Packet Storm

713	7.5	HIGH Network	-	-	This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing,… New	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2026-8813	2026-05-20 00:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

714	5.3	MEDIUM Network	-	-	Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) due to decompressing PNG zTXt metadata without enforcing a built-in… New	CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)	CVE-2026-8814	2026-05-20 00:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

715	9.8	CRITICAL Network	microsoft	edge_chromium	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Update	CWE-20 CWE-94 CWE-119 Improper Input Validation Code Injection Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-45495	2026-05-20 00:35	2026-05-19	Show	GitHub Exploit DB Packet Storm

716	7.3	HIGH Network	apache	ofbiz	Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz via Content component operations. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.0… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-29226	2026-05-20 00:29	2026-05-19	Show	GitHub Exploit DB Packet Storm

717	6.5	MEDIUM Network	apache	ofbiz	Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. New	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-31378	2026-05-20 00:29	2026-05-19	Show	GitHub Exploit DB Packet Storm

718	6.1	MEDIUM Network	apache	ofbiz	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of… New	CWE-22 CWE-79 CWE-94 Path Traversal Cross-site Scripting Code Injection	CVE-2026-31379	2026-05-20 00:27	2026-05-19	Show	GitHub Exploit DB Packet Storm

719	6.5	MEDIUM Network	vercel	ai	A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/respons… Update	CWE-400 CWE-404 Uncontrolled Resource Consumption Improper Resource Shutdown or Release	CVE-2026-8769	2026-05-20 00:27	2026-05-18	Show	GitHub Exploit DB Packet Storm

720	7.3	HIGH Network	vercel	ai	A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils.… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-8768	2026-05-20 00:24	2026-05-18	Show	GitHub Exploit DB Packet Storm