Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206011	5	警告	マイクロソフト	-	Microsoft .NET Framework におけるサービス運用妨害 (DoS) の脆弱性	CWE-94 コード・インジェクション	CVE-2016-0033	2016-02-17 11:16	2016-02-9	Show	GitHub Exploit DB Packet Storm

206012	4.3	警告	マイクロソフト	-	Microsoft SharePoint Foundation 2013 の SharePoint Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-0039	2016-02-17 11:10	2016-02-9	Show	GitHub Exploit DB Packet Storm

206013	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品におけるクロスサイトスクリプティングの脆弱性	CWE-119 バッファエラー	CVE-2016-0022	2016-02-17 11:04	2016-02-9	Show	GitHub Exploit DB Packet Storm

206014	7.2	危険	マイクロソフト	-	複数の Microsoft 製品における権限昇格の脆弱性	CWE-Other その他	CVE-2016-0041	2016-02-17 10:57	2016-02-9	Show	GitHub Exploit DB Packet Storm

206015	5	警告	マイクロソフト	-	Microsoft Windows Server 2008 および 2012 のネットワークポリシーサーバーにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-0050	2016-02-17 10:39	2016-02-9	Show	GitHub Exploit DB Packet Storm

206016	5	警告	マイクロソフト	-	Microsoft Windows Server 2012 の Active Directory フェデレーションサービスのフォームベース認証の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-0037	2016-02-17 10:38	2016-02-9	Show	GitHub Exploit DB Packet Storm

206017	4	警告	MySQL AB オラクル	-	MySQL におけるサービス運用妨害 (mysqld のクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2749	2016-02-16 18:08	2012-08-17	Show	GitHub Exploit DB Packet Storm

206018	10	危険	オラクル	-	Oracle Java SE における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3174	2016-02-16 18:07	2013-01-14	Show	GitHub Exploit DB Packet Storm

206019	3.5	注意	MySQL AB オラクル	-	Oracle MySQL における Server Types の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-1548	2016-02-16 17:56	2013-04-16	Show	GitHub Exploit DB Packet Storm

206020	3.5	注意	オラクル	-	Oracle MySQL の MySQL Server における Server Replication の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-3197	2016-02-16 17:56	2012-10-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
641	4.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to sanitize team member data when returned via API to users without elevated permissions which allow…	CWE-200 Information Exposure	CVE-2026-3636	2026-05-23 02:21	2026-05-22	Show	GitHub Exploit DB Packet Storm

642	5.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to archive the channel before removing persistent notifications which allows authenticated user to c…	CWE-362 Race Condition	CVE-2026-4635	2026-05-23 02:20	2026-05-22	Show	GitHub Exploit DB Packet Storm

643	4.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate user-supplied input in API request handlers which allows an authenticated attacker to cr…	CWE-1287 Improper Validation of Specified Type of Input	CVE-2026-4646	2026-05-23 02:20	2026-05-22	Show	GitHub Exploit DB Packet Storm

644	7.5	HIGH Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to enforce request body size limits on plugin HTTP endpoints which allows an attacker to cause a den…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-5308	2026-05-23 02:19	2026-05-22	Show	GitHub Exploit DB Packet Storm

645	6.1	MEDIUM Network	-	-	Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo…	-	CVE-2026-27136	2026-05-23 02:16	2026-05-23	Show	GitHub Exploit DB Packet Storm

646	6.5	MEDIUM Network	-	-	Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.	-	CVE-2026-25680	2026-05-23 02:16	2026-05-23	Show	GitHub Exploit DB Packet Storm

647	7.5	HIGH Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to properly validate msgpack-encoded WebSocket frames before memory allocation which allows an unaut…	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-5740	2026-05-23 01:53	2026-05-22	Show	GitHub Exploit DB Packet Storm

648	6.5	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.2, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, whic…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-5755	2026-05-23 01:52	2026-05-22	Show	GitHub Exploit DB Packet Storm

649	8.8	HIGH Adjacent	connectwise	automate	The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.	CWE-494 Download of Code Without Integrity Check	CVE-2026-9089	2026-05-23 01:49	2026-05-22	Show	GitHub Exploit DB Packet Storm

650	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added …	-	CVE-2026-43491	2026-05-23 01:33	2026-05-19	Show	GitHub Exploit DB Packet Storm