Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203571 4.7 警告
Network 		CMS Made Simple - CMS Made Simple におけるキャッシュポイズニング攻撃を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-2784 2016-05-30 13:37 2016-03-28 Show GitHub Exploit DB Packet Storm
203572 8.8 重要
Network 		シスコシステムズ - Cisco Prime Infrastructure および Evolved Programmable Network Manager の API Web インターフェースにおける RBAC 制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-1406 2016-05-27 18:25 2016-05-23 Show GitHub Exploit DB Packet Storm
203573 7.5 重要
Network 		シスコシステムズ - Cisco Identity Services Engine の Active Directory 統合コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
CWE-287
CVE-2016-1402 2016-05-27 18:25 2016-05-17 Show GitHub Exploit DB Packet Storm
203574 6.1 警告
Network 		シスコシステムズ - Cisco Unified Computing System Central ソフトウェアの管理インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1401 2016-05-27 18:25 2016-05-17 Show GitHub Exploit DB Packet Storm
203575 7.5 重要
Network 		シスコシステムズ - Cisco TelePresence Video Communications Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1400 2016-05-27 18:25 2016-05-16 Show GitHub Exploit DB Packet Storm
203576 7.5 重要
Network 		シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイス上で稼動する AsyncOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-1383 2016-05-27 18:25 2016-05-18 Show GitHub Exploit DB Packet Storm
203577 7.5 重要
Network 		シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイス上で稼動する AsyncOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1382 2016-05-27 18:25 2016-05-18 Show GitHub Exploit DB Packet Storm
203578 7.5 重要
Network 		シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイス上で稼動する AsyncOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-1381 2016-05-27 18:25 2016-05-18 Show GitHub Exploit DB Packet Storm
203579 7.5 重要
Network 		シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイス上で稼動する AsyncOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1380 2016-05-27 18:25 2016-05-18 Show GitHub Exploit DB Packet Storm
203580 7.5 重要
Network 		The Perl Foundation
Fedora Project		 - Perl の regexec.c の複数の関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8853 2016-05-27 17:47 2015-09-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
951 7.0 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2026-34331 2026-05-15 00:26 2026-05-13 Show GitHub Exploit DB Packet Storm
952 8.0 HIGH
Network 		microsoft windows_server_2025 Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network. CWE-416
 Use After Free 		CVE-2026-34332 2026-05-15 00:25 2026-05-13 Show GitHub Exploit DB Packet Storm
953 7.8 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. CWE-190
CWE-416
 Integer Overflow or Wraparound
 Use After Free 		CVE-2026-34333 2026-05-15 00:25 2026-05-13 Show GitHub Exploit DB Packet Storm
954 7.0 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. CWE-362
Race Condition 		CVE-2026-34334 2026-05-15 00:23 2026-05-13 Show GitHub Exploit DB Packet Storm
955 8.6 HIGH
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the host Node.js process via a single Promise construct… CWE-248
 Uncaught Exception 		CVE-2026-44001 2026-05-15 00:23 2026-05-14 Show GitHub Exploit DB Packet Storm
956 5.8 MEDIUM
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's CallSite wrapper class (intended as a safe wrapper for V8's native CallSite) blocks getThis() and getFunction() to prevent host ob… CWE-209
Information Exposure Through an Error Message 		CVE-2026-44002 2026-05-15 00:23 2026-05-14 Show GitHub Exploit DB Packet Storm
957 5.8 MEDIUM
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's code transformer has a performance optimization that skips AST analysis when the code does not contain catch, import, or async key… CWE-693
 Protection Mechanism Failure 		CVE-2026-44003 2026-05-15 00:22 2026-05-14 Show GitHub Exploit DB Packet Storm
958 7.5 HIGH
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, sandboxed code can call Buffer.alloc() with an arbitrary size to allocate memory directly on the host heap. Because Buffer.alloc is a sy… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-44004 2026-05-15 00:22 2026-05-14 Show GitHub Exploit DB Packet Storm
959 10.0 CRITICAL
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes. This vulnerability is fixed in 3.11.0. CWE-94
Code Injection 		CVE-2026-44006 2026-05-15 00:19 2026-05-14 Show GitHub Exploit DB Packet Storm
960 9.1 CRITICAL
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require('vm2') regardless of the outer VM's require config… CWE-284
Improper Access Control 		CVE-2026-44007 2026-05-15 00:18 2026-05-14 Show GitHub Exploit DB Packet Storm