Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194091 5.5 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品における読み取り専用または認証を要求する変数を設定される脆弱性 CWE-254
セキュリティ機能 		CVE-2017-8493 2017-06-27 14:33 2017-06-13 Show GitHub Exploit DB Packet Storm
194092 7.3 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Windows PDF における情報を公開される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8460 2017-06-27 14:32 2017-06-13 Show GitHub Exploit DB Packet Storm
194093 5.5 警告
Local 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 における C:\Users\DEFAULT フォルダ構造を変更される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-0295 2017-06-27 14:32 2017-06-13 Show GitHub Exploit DB Packet Storm
194094 7.5 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品のブラウザにおける現在のユーザのコンテキストで任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8524 2017-06-27 14:13 2017-06-13 Show GitHub Exploit DB Packet Storm
194095 7.5 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品のブラウザにおける現在のユーザのコンテキストで任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8522 2017-06-27 14:13 2017-06-13 Show GitHub Exploit DB Packet Storm
194096 7.5 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Internet Explorer における現在のユーザのコンテキストで任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8519 2017-06-27 14:13 2017-06-13 Show GitHub Exploit DB Packet Storm
194097 8.8 重要
Network 		マイクロソフト - 複数の Microsoft Windows および Office 製品の Uniscribe におけるリモートでコードが実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8528 2017-06-27 13:40 2017-06-13 Show GitHub Exploit DB Packet Storm
194098 8.8 重要
Network 		マイクロソフト - 複数の Microsoft 製品の Windows Graphics におけるリモートでコードが実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8527 2017-06-27 13:40 2017-06-13 Show GitHub Exploit DB Packet Storm
194099 5.5 警告
Local 		マイクロソフト - 複数の Microsoft Outlook 製品におけるセキュリティ機能を回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2017-8508 2017-06-27 13:40 2017-06-13 Show GitHub Exploit DB Packet Storm
194100 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Outlook 製品におけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8507 2017-06-27 13:40 2017-06-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2081 7.2 HIGH
Network 		- - FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the … CWE-20
CWE-434
 Improper Input Validation 
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-27891 2026-05-20 00:16 2026-05-19 Show GitHub Exploit DB Packet Storm
2082 9.1 CRITICAL
Network 		- - Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request. CWE-284
Improper Access Control 		CVE-2023-24215 2026-05-20 00:16 2026-05-19 Show GitHub Exploit DB Packet Storm
2083 5.5 MEDIUM
Local 		freedesktop gst-plugins-good An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before per… CWE-369
 Divide By Zero 		CVE-2026-46469 2026-05-20 00:15 2026-05-15 Show GitHub Exploit DB Packet Storm
2084 7.8 HIGH
Local 		vercel turborepo_language_server_protocol Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-contr… CWE-77
Command Injection 		CVE-2026-46508 2026-05-20 00:12 2026-05-16 Show GitHub Exploit DB Packet Storm
2085 6.1 MEDIUM
Network 		microsoft edge_chromium Microsoft Edge (Chromium-based) Spoofing Vulnerability CWE-79
Cross-site Scripting 		CVE-2026-45494 2026-05-20 00:06 2026-05-19 Show GitHub Exploit DB Packet Storm
2086 - - - FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup co… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-26978 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
2087 6.5 MEDIUM
Network 		- - BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.19, the recording playback (presentation format) was not sanitizing user's input in public chat. This allowed for a malicio… CWE-79
Cross-site Scripting 		CVE-2026-27737 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
2088 - - - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "add_profile_threshold" permission to create a global … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-33052 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
2089 7.5 HIGH
Network 		- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of… CWE-400
CWE-459
CWE-770
 Uncontrolled Resource Consumption
 Incomplete Cleanup
 Allocation of Resources Without Limits or Throttling 		CVE-2026-33232 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
2090 8.2 HIGH
Local 		- - Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows o… CWE-24
 Path Traversal: '../filedir' 		CVE-2026-22810 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm