Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191431 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8561 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191432 6.1 警告
Network 		マイクロソフト - Microsoft Exchange Server 2013 および 2016 における権限を昇格される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-8560 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191433 6.1 警告
Network 		マイクロソフト - Microsoft Exchange Server 2013 および 2016 における権限を昇格される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-8559 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191434 7.5 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品における認証の拡張保護を回避される脆弱性 CWE-287
不適切な認証 		CVE-2017-8495 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191435 4.7 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品における情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-8486 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191436 8.8 重要
Network 		マイクロソフト - Microsoft SharePoint Enterprise Server 2016 における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8569 2017-07-18 16:39 2017-07-11 Show GitHub Exploit DB Packet Storm
191437 7 重要
Local 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8566 2017-07-18 16:39 2017-07-11 Show GitHub Exploit DB Packet Storm
191438 7.5 重要
Network 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 の Microsoft Edge におけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8619 2017-07-18 16:26 2017-07-11 Show GitHub Exploit DB Packet Storm
191439 9.8 緊急
Network 		マイクロソフト - 複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8589 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
191440 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Windows Explorer におけるサービス運用妨害 (DoS) の脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-8587 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
541 7.2 HIGH
Network 		- - A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cann… CWE-912
 Hidden Functionality 		CVE-2026-7413 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
542 6.6 MEDIUM
Local 		- - Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 enc… CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-45130 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
543 3.8 LOW
Network 		- - SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If th… CWE-269
 Improper Privilege Management 		CVE-2026-44987 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
544 - - - Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… CWE-78
OS Command  		CVE-2026-44656 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
545 8.9 HIGH
Network 		- - Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their ow… CWE-79
Cross-site Scripting 		CVE-2026-42556 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
546 9.9 CRITICAL
Network 		- - Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, all Docker container management endpoints in Termix interpolate t… CWE-78
OS Command  		CVE-2026-42454 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
547 8.1 HIGH
Network 		- - Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT (temp_token) for TOTP-enabled… CWE-304
 Missing Critical Step in Authentication 		CVE-2026-42452 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
548 6.3 MEDIUM
Local 		- - Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting (XSS) vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary Java… CWE-79
CWE-80
Cross-site Scripting
Basic XSS 		CVE-2026-42451 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
549 9.1 CRITICAL
Network 		- - Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO implementation of Sentry. The vulne… CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-42354 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
550 8.6 HIGH
Network 		- - pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process execution requests can use the subscriber object to reques… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42352 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm