Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202061	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0174	2016-05-13 16:06	2016-05-10	Show	GitHub Exploit DB Packet Storm

202062	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0173	2016-05-13 16:06	2016-05-10	Show	GitHub Exploit DB Packet Storm

202063	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0171	2016-05-13 16:06	2016-05-10	Show	GitHub Exploit DB Packet Storm

202064	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0180	2016-05-13 15:59	2016-05-10	Show	GitHub Exploit DB Packet Storm

202065	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Shell における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2016-0179	2016-05-13 15:49	2016-05-10	Show	GitHub Exploit DB Packet Storm

202066	8.8	重要 Network	マイクロソフト	-	複数の Microsoft Windows 製品の RPC NDR Engine における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0178	2016-05-13 15:33	2016-05-10	Show	GitHub Exploit DB Packet Storm

202067	8.8	重要 Network	マイクロソフト	-	複数の Microsoft Windows 製品の Imaging Component における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0195	2016-05-13 15:16	2016-05-10	Show	GitHub Exploit DB Packet Storm

202068	8.8	重要 Network	マイクロソフト	-	複数の Microsoft Windows 製品の GDI における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2016-0184	2016-05-13 15:16	2016-05-10	Show	GitHub Exploit DB Packet Storm

202069	8.8	重要 Network	マイクロソフト	-	複数の Microsoft Windows 製品の GDI における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2016-0170	2016-05-13 15:16	2016-05-10	Show	GitHub Exploit DB Packet Storm

202070	6.5	警告 Network	マイクロソフト	-	複数の Microsoft Windows 製品の GDI における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-0169	2016-05-13 15:16	2016-05-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
871	6.5	MEDIUM Network	-	-	During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference (IDOR) attack. This vulnerability ex… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-5337	2026-05-5 00:23	2026-05-3	Show	GitHub Exploit DB Packet Storm

872	5.3	MEDIUM Network	-	-	The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information. New	CWE-552 Files or Directories Accessible to External Parties	CVE-2026-5335	2026-05-5 00:23	2026-05-4	Show	GitHub Exploit DB Packet Storm

873	4.9	MEDIUM Network	-	-	Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor client to crash the server … New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-6948	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

874	7.5	HIGH Network	-	-	A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and … New	CWE-130 Improper Handling of Length Parameter Inconsistency	CVE-2026-33846	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

875	8.8	HIGH Local	-	-	A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may res… New	CWE-1386 Insecure Operation on Windows Junction / Mount Point	CVE-2025-58074	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

876	8.3	HIGH Network	-	-	A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP) identity to an existing AAP user account based on emai… New	CWE-305 Authentication Bypass by Primary Weakness	CVE-2026-6266	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

877	6.5	MEDIUM Network	-	-	An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the a… Update	CWE-158 Improper Neutralization of Null Byte or NUL Character	CVE-2026-23863	2026-05-5 00:21	2026-05-2	Show	GitHub Exploit DB Packet Storm

878	4.3	MEDIUM Network	-	-	Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigg… Update	CWE-940 Improper Verification of Source of a Communication Channel	CVE-2026-23866	2026-05-5 00:21	2026-05-2	Show	GitHub Exploit DB Packet Storm

879	10.0	CRITICAL Network	-	-	GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible… New	CWE-787 Out-of-bounds Write	CVE-2026-42369	2026-05-5 00:21	2026-05-4	Show	GitHub Exploit DB Packet Storm

880	7.3	HIGH Network	-	-	A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql inje… Update	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7670	2026-05-5 00:19	2026-05-3	Show	GitHub Exploit DB Packet Storm