Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2331	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32150	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2332	6.5	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows シェルの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-32151	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2333	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Windows 10 22h2 Microsoft Windows&…	Windows Speech Runtime の特権の昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32153	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2334	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows プッシュ通知の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32158	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2335	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows プッシュ通知の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32159	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2336	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows プッシュ通知の特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32160	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2337	8.4	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows COM の特権の昇格の脆弱性	CWE-349 信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れ	CVE-2026-32162	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2338	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows ユーザーインターフェイスコアの特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32163	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2339	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows ユーザーインターフェイスコアの特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32164	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

2340	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows ユーザーインターフェイスコアの特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32165	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	8.8	HIGH Network	-	-	Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… New	CWE-415 Double Free	CVE-2026-23918	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

862	7.5	HIGH Network	-	-	Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial … Update	CWE-617 Reachable Assertion	CVE-2025-56568	2026-05-5 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

863	7.5	HIGH Network	-	-	An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request Update	CWE-20 CWE-400 Improper Input Validation Uncontrolled Resource Consumption	CVE-2025-46115	2026-05-5 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

864	9.8	CRITICAL Network	cpanel	cpanel whm wp_squared	cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. Update	CWE-306 Missing Authentication for Critical Function	CVE-2026-41940	2026-05-5 03:09	2026-04-30	Show	GitHub Exploit DB Packet Storm

865	6.5	MEDIUM Network	gnu	glibc	The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing… Update	CWE-126 Buffer Over-read	CVE-2026-6238	2026-05-5 02:57	2026-04-29	Show	GitHub Exploit DB Packet Storm

866	9.6	CRITICAL Network	-	-	Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook iOS/Android version 3.3.20, a stored XSS vulnerability in th… New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-42090	2026-05-5 02:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

867	9.8	CRITICAL Network	-	-	vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can es… New	CWE-94 CWE-693 Code Injection Protection Mechanism Failure	CVE-2026-24781	2026-05-5 02:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

868	9.8	CRITICAL Network	-	-	vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and… New	CWE-94 CWE-693 Code Injection Protection Mechanism Failure	CVE-2026-24118	2026-05-5 02:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

869	7.5	HIGH Network	xwiki	cryptpad	CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. Fixed in 2026.2.2. Update	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-51846	2026-05-5 01:52	2026-05-1	Show	GitHub Exploit DB Packet Storm

870	8.8	HIGH Network	progress	moveit_automation	Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before … Update	CWE-20 Improper Input Validation	CVE-2026-5174	2026-05-5 01:47	2026-05-1	Show	GitHub Exploit DB Packet Storm