Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192011 6.5 警告
Network 		オラクル - Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management における Web Access に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10131 2017-08-23 16:56 2017-07-18 Show GitHub Exploit DB Packet Storm
192012 5.4 警告
Network 		オラクル - Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management における Web Access に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-10046 2017-08-23 16:55 2017-07-18 Show GitHub Exploit DB Packet Storm
192013 6.5 警告
Network 		オラクル - Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management における Web Access に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10038 2017-08-23 16:55 2017-07-18 Show GitHub Exploit DB Packet Storm
192014 2.7
Network 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise FSCM における Staffing Front Office に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10254 2017-08-23 16:52 2017-07-18 Show GitHub Exploit DB Packet Storm
192015 6.1 警告
Network 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Pivot Grid に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10253 2017-08-23 16:52 2017-07-18 Show GitHub Exploit DB Packet Storm
192016 4.7 警告
Local 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Updates Change Assistant に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10252 2017-08-23 16:52 2017-07-18 Show GitHub Exploit DB Packet Storm
192017 4.7 警告
Local 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Test Framework に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10251 2017-08-23 16:52 2017-07-18 Show GitHub Exploit DB Packet Storm
192018 4.7 警告
Local 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Tuxedo に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10250 2017-08-23 16:52 2017-07-18 Show GitHub Exploit DB Packet Storm
192019 6.1 警告
Network 		オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Integration Broker に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10249 2017-08-23 16:52 2017-07-18 Show GitHub Exploit DB Packet Storm
192020 6.5 警告
Network 		オラクル - Oracle E-Business Suite の Oracle Applications DBA における AD Utilities に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3562 2017-08-23 16:51 2017-07-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2411 7.8 HIGH
Local 		ashlar argon
cobalt
cobalt_share
lithium
xenon 		An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information o… CWE-125
Out-of-bounds Read 		CVE-2025-65088 2026-05-14 23:57 2026-05-13 Show GitHub Exploit DB Packet Storm
2412 8.8 HIGH
Network 		requarks wiki.js Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation o… CWE-269
NVD-CWE-noinfo
 Improper Privilege Management 		CVE-2026-44224 2026-05-14 23:56 2026-05-13 Show GitHub Exploit DB Packet Storm
2413 6.7 MEDIUM
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. CWE-415
 Double Free 		CVE-2026-21530 2026-05-14 23:56 2026-05-13 Show GitHub Exploit DB Packet Storm
2414 7.5 HIGH
Adjacent 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent net… CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2026-32161 2026-05-14 23:54 2026-05-13 Show GitHub Exploit DB Packet Storm
2415 6.7 MEDIUM
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Double free in Windows Rich Text Edit Control allows an authorized attacker to elevate privileges locally. CWE-415
 Double Free 		CVE-2026-32170 2026-05-14 23:52 2026-05-13 Show GitHub Exploit DB Packet Storm
2416 4.4 MEDIUM
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally. CWE-284
Improper Access Control 		CVE-2026-32209 2026-05-14 23:51 2026-05-13 Show GitHub Exploit DB Packet Storm
2417 7.2 HIGH
Network 		wftpserver wing_ftp_server Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code… CWE-94
Code Injection 		CVE-2026-44403 2026-05-14 23:50 2026-05-13 Show GitHub Exploit DB Packet Storm
2418 7.5 HIGH
Network 		phpoffice phpspreadsheet PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-40902 2026-05-14 23:50 2026-05-13 Show GitHub Exploit DB Packet Storm
2419 7.5 HIGH
Network 		owasp modsecurity ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception (std::out_of_range) caused … CWE-191
CWE-248
 Integer Underflow (Wrap or Wraparound)
 Uncaught Exception 		CVE-2026-42268 2026-05-14 23:49 2026-05-13 Show GitHub Exploit DB Packet Storm
2420 9.9 CRITICAL
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitra… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44015 2026-05-14 23:49 2026-05-13 Show GitHub Exploit DB Packet Storm