NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	4.0	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak … New	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-53464	2026-06-12 03:43	2026-06-11	Show	GitHub Exploit DB Packet Storm

602	6.2	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it… New	CWE-122 CWE-787 Heap-based Buffer Overflow Out-of-bounds Write	CVE-2026-53465	2026-06-12 03:43	2026-06-11	Show	GitHub Exploit DB Packet Storm

603	5.5	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-24, when using an image with mask the Floyd-Steinberg dithering method it will ca… New	CWE-787 Out-of-bounds Write	CVE-2026-48724	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

604	5.7	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache serv… New	CWE-125 CWE-287 Out-of-bounds Read Improper Authentication	CVE-2026-47166	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

605	4.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate… New	CWE-200 Information Exposure	CVE-2026-47165	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

606	4.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache serv… New	CWE-362 CWE-567 Race Condition Unsynchronized Access to Shared Data in a Multithreaded Context	CVE-2026-46693	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

607	4.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache serv… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-46692	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

608	4.0	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer ov… New	CWE-193 CWE-787 Off-by-one Error Out-of-bounds Write	CVE-2026-46559	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

609	6.2	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation b… New	CWE-674 Uncontrolled Recursion	CVE-2026-46557	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

610	5.5	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of boun… New	CWE-131 CWE-252 CWE-787 CWE-835 Incorrect Calculation of Buffer Size Unchecked Return Value Out-of-bounds Write Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-46521	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

611	6.2	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Version… New	CWE-416 Use After Free	CVE-2026-46523	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

612	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file cou… New	CWE-400 CWE-835 Uncontrolled Resource Consumption Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-46522	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

613	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out … New	CWE-122 CWE-787 Heap-based Buffer Overflow Out-of-bounds Write	CVE-2026-46520	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

614	5.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possib… New	CWE-400 CWE-407 CWE-674 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity Uncontrolled Recursion	CVE-2026-45664	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

615	5.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-… New	CWE-125 CWE-129 Out-of-bounds Read Improper Validation of Array Index	CVE-2026-45624	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

616	5.7	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in… New	CWE-125 CWE-129 Out-of-bounds Read Improper Validation of Array Index	CVE-2026-45359	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

617	5.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bo… New	CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error	CVE-2026-45358	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

618	6.1	MEDIUM Network	svelte	svelte	Svelte is a performance oriented web framework. Prior to version 5.55.7, when using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML … Update	CWE-79 Cross-site Scripting	CVE-2026-42599	2026-06-12 03:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

619	5.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible… New	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-45031	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

620	5.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could … New	CWE-125 CWE-191 Out-of-bounds Read Integer Underflow (Wrap or Wraparound)	CVE-2026-42326	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

621	5.5	MEDIUM Local	microsoft	windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Out-of-bounds read in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-45604	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

622	8.4	HIGH Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. Update	CWE-843 Type Confusion	CVE-2026-45456	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

623	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-44824	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

624	5.5	MEDIUM Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-44821	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

625	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2016 windows_server_2019 w…	Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. Update	CWE-416 Use After Free	CVE-2026-45605	2026-06-12 03:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

626	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-44819	2026-06-12 03:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

627	5.5	MEDIUM Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-45606	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

628	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2021 office_2024	Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-45457	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

629	7.8	HIGH Local	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Update	CWE-843 Type Confusion	CVE-2026-44817	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

630	7.0	HIGH Local	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Update	CWE-362 Race Condition	CVE-2026-44818	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

631	7.8	HIGH Local	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-44820	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

632	8.2	HIGH Network	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. Update	CWE-125 Out-of-bounds Read	CVE-2026-44822	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

633	3.3	LOW Local	microsoft	365_apps microsoft_365 office_2021 office_2024	Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally. Update	CWE-693 Protection Mechanism Failure	CVE-2026-45459	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

634	7.8	HIGH Local	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Update	CWE-122 CWE-191 Heap-based Buffer Overflow Integer Underflow (Wrap or Wraparound)	CVE-2026-45469	2026-06-12 03:37	2026-06-10	Show	GitHub Exploit DB Packet Storm

635	3.3	LOW Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-45485	2026-06-12 03:37	2026-06-10	Show	GitHub Exploit DB Packet Storm

636	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2016 windows_server_2019 w…	Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. Update	CWE-125 Out-of-bounds Read	CVE-2026-45607	2026-06-12 03:37	2026-06-10	Show	GitHub Exploit DB Packet Storm

637	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2021 office_2024	Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Update	CWE-416 Use After Free	CVE-2026-45486	2026-06-12 03:37	2026-06-10	Show	GitHub Exploit DB Packet Storm

638	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2021 office_2024	Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Update	CWE-822 Untrusted Pointer Dereference	CVE-2026-45643	2026-06-12 03:37	2026-06-10	Show	GitHub Exploit DB Packet Storm

639	7.8	HIGH Local	x.org redhat	x_server xwayland enterprise_linux	A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroy… Update	CWE-416 Use After Free	CVE-2026-50260	2026-06-12 03:36	2026-06-5	Show	GitHub Exploit DB Packet Storm

640	8.4	HIGH Local	microsoft	office_2024	Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-47635	2026-06-12 03:36	2026-06-10	Show	GitHub Exploit DB Packet Storm

641	8.1	HIGH Network	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. Update	CWE-843 CWE-416 Type Confusion Use After Free	CVE-2026-45635	2026-06-12 03:36	2026-06-10	Show	GitHub Exploit DB Packet Storm

642	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Update	CWE-20 CWE-122 Improper Input Validation Heap-based Buffer Overflow	CVE-2026-45636	2026-06-12 03:33	2026-06-10	Show	GitHub Exploit DB Packet Storm

643	6.5	MEDIUM Adjacent	lldpd_project	lldpd	lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift th… Update	CWE-125 Out-of-bounds Read	CVE-2026-46433	2026-06-12 03:29	2026-06-10	Show	GitHub Exploit DB Packet Storm

644	7.8	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2025	Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Update	CWE-416 Use After Free	CVE-2026-45637	2026-06-12 03:24	2026-06-10	Show	GitHub Exploit DB Packet Storm

645	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-45638	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

646	8.7	HIGH Network	open-emr	openemr	OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/… Update	CWE-79 CWE-862 Cross-site Scripting Missing Authorization	CVE-2026-46518	2026-06-12 03:23	2026-06-10	Show	GitHub Exploit DB Packet Storm

647	7.0	HIGH Local	microsoft	windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. Update	CWE-416 Use After Free	CVE-2026-45640	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

648	6.5	MEDIUM Adjacent	espressif	esp-idf	ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser (parse_o… Update	CWE-125 Out-of-bounds Read	CVE-2026-45160	2026-06-12 03:22	2026-06-10	Show	GitHub Exploit DB Packet Storm

649	10.0	CRITICAL Network	-	-	MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_… New	CWE-78 OS Command	CVE-2026-49261	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

650	7.3	HIGH Network	-	-	KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.ru… New	CWE-693 Protection Mechanism Failure	CVE-2026-48546	2026-06-12 03:16	2026-06-12	Show	GitHub Exploit DB Packet Storm