Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1051	9.8	緊急 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 11 25h2 Microsoft Windows 11 26h1 Microsoft Windows 11 24h2 Microsoft Wind…	Windows DNS クライアントのリモートでコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-41096	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1052	6.7	警告 Local	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 22h2 Microsoft Windows 11 25h2 Microsoft Windows Server 2022 Microsoft …	セキュアブートのセキュリティ機能のバイパスの脆弱性	CWE-1329 アップデートができないコンポーネントへの依存	CVE-2026-41097	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1053	4.4	警告 Local	マイクロソフト	Microsoft 365 Copilot	Android 用の Microsoft 365 Copilot のスプーフィングの脆弱性	CWE-284 CWE-Other	CVE-2026-41100	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1054	5.5	警告 Local	マイクロソフト	Microsoft Word	Microsoft Edge for Android のスプーフィングの脆弱性	CWE-284 CWE-noinfo	CVE-2026-41101	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1055	5.5	警告 Local	マイクロソフト	Microsoft PowerPoint	Microsoft PowerPoint for Android のスプーフィングの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41102	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1056	7.4	重要 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) の情報漏えいの脆弱性	CWE-610 CWE-73	CVE-2026-41107	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1057	8.8	重要 Network	マイクロソフト	Visual Studio Code	GitHub Copilot と Visual Studio Code セキュリティ機能バイパスの脆弱性	CWE-74 インジェクション	CVE-2026-41109	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1058	7.4	重要 Network	Open Knowledge Foundation	CKAN	Open Knowledge FoundationのCKANにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-41132	2026-05-18 11:31	2026-05-13	Show	GitHub Exploit DB Packet Storm

1059	6.1	警告 Network	Open Knowledge Foundation	CKAN	Open Knowledge FoundationのCKANにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-41255	2026-05-18 11:31	2026-05-13	Show	GitHub Exploit DB Packet Storm

1060	9.8	緊急 Network	Apache Software Foundation	Apache Tomcat	Apache Software FoundationのApache Tomcatにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-41293	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345731	-	matthew_phillips	sticker	The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key.	NVD-CWE-Other	CVE-2004-2535	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345732	-	matthew_phillips	sticker	This vulnerability is addressed in the following product update: Matthew Phillips, Sticker, 3.1.0 Beta 2	NVD-CWE-Other	CVE-2004-2535	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345733	-	linux	linux_kernel	The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does …	NVD-CWE-Other	CVE-2004-2536	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345734	-	netwin	surgemail	Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."	NVD-CWE-Other	CVE-2004-2537	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345735	-	nilesh_dosooye	phpcodegenie	Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) …	NVD-CWE-Other	CVE-2004-2538	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345736	-	network_appliance	data_ontap netcache	Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vector…	NVD-CWE-Other	CVE-2004-2539	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345737	-	sun	jdk jre	readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted seri…	NVD-CWE-Other	CVE-2004-2540	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345738	-	dynix	webpac	Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to exe…	NVD-CWE-Other	CVE-2004-2542	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345739	-	securecomputing	sidewinder_g2	Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MI…	NVD-CWE-Other	CVE-2004-2543	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345740	-	securecomputing	sidewinder_g2	Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information.	NVD-CWE-Other	CVE-2004-2544	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed