Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203931	5.3	警告 Network	マイクロソフト	-	Microsoft Internet Explorer 10 および 11 におけるファイルのアクセス権を回避される脆弱性	CWE-200 情報漏えい	CVE-2016-0194	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203932	7.5	重要 Network	マイクロソフト	-	Microsoft Edge の Chakra JavaScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0193	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203933	7.5	重要 Network	マイクロソフト	-	Microsoft Internet Explorer 9 から 11 および Microsoft Edge における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0192	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203934	7.5	重要 Network	マイクロソフト	-	Microsoft Edge の Chakra JavaScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0191	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203935	7.5	重要 Network	マイクロソフト	-	Internet Explorer 9 から 11 などの製品で使用される Microsoft JScript および VBScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0189	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203936	8.8	重要 Network	マイクロソフト	-	Microsoft Internet Explorer 11 のデバイスガードの UMCI の実装におけるコード署名の保護メカニズムを回避される脆弱性	CWE-Other その他	CVE-2016-0188	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203937	7.5	重要 Network	マイクロソフト	-	Internet Explorer 9 から 11 などの製品で使用される Microsoft JScript および VBScript エンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0187	2016-05-13 16:41	2016-05-10	Show	GitHub Exploit DB Packet Storm

203938	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの DirectX グラフィックカーネルサブシステムにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0197	2016-05-13 16:06	2016-05-10	Show	GitHub Exploit DB Packet Storm

203939	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0196	2016-05-13 16:06	2016-05-10	Show	GitHub Exploit DB Packet Storm

203940	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの DirectX グラフィックカーネルサブシステムにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0176	2016-05-13 16:06	2016-05-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	6.4	MEDIUM Network	-	-	Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows authenticated attackers to inject malicious HTML and JavaScript code. Attackers… New	CWE-79 Cross-site Scripting	CVE-2021-47962	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

312	7.5	HIGH Network	-	-	WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated fields… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-47959	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

313	4.3	MEDIUM Network	-	-	CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Attackers can upload SVG file… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-47958	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

314	7.5	HIGH Network	signalk	signal_k_server	Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoints (POST /login and POST /signalk/v1/auth/login) are protected by express-… Update	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-41893	2026-05-16 04:14	2026-05-10	Show	GitHub Exploit DB Packet Storm

315	5.3	MEDIUM Network	apache	commons_configuration	Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue … Update	CWE-674 Uncontrolled Recursion	CVE-2026-45205	2026-05-16 03:40	2026-05-14	Show	GitHub Exploit DB Packet Storm

316	7.4	HIGH Network	microsoft	authenticator	Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network. Update	CWE-200 Information Exposure	CVE-2026-41615	2026-05-16 03:39	2026-05-15	Show	GitHub Exploit DB Packet Storm

317	8.8	HIGH Network	microsoft	windows_admin_center	Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. Update	CWE-284 Improper Access Control	CVE-2026-41086	2026-05-16 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

318	9.1	CRITICAL Network	microsoft	azure_sdk_for_java	Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network. Update	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-33117	2026-05-16 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

319	6.5	MEDIUM Network	grafana	grafana	The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated us… Update	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-28376	2026-05-16 03:37	2026-05-14	Show	GitHub Exploit DB Packet Storm

320	9.9	CRITICAL Network	microsoft	dynamics_365_customer_insights	Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network. Update	CWE-269 Improper Privilege Management	CVE-2026-33821	2026-05-16 03:26	2026-05-13	Show	GitHub Exploit DB Packet Storm