Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
247201	5	警告	ClamAV	-	ClamAV におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5295	2012-06-26 15:37	2006-10-16	Show	GitHub Exploit DB Packet Storm

247202	7.5	危険	exhibit engine	-	Exhibit Engine の photo_comment.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5292	2012-06-26 15:37	2006-10-16	Show	GitHub Exploit DB Packet Storm

247203	7.5	危険	alex	-	Download-Engine の admin/includes/spaw/spaw_control.class.php におけるにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5291	2012-06-26 15:37	2006-10-16	Show	GitHub Exploit DB Packet Storm

247204	10	危険	シスコシステムズ	-	Cisco 2700 Series Wireless Location Appliances における管理者権限を取得される脆弱性	-	CVE-2006-5288	2012-06-26 15:37	2006-10-12	Show	GitHub Exploit DB Packet Storm

247205	6.8	警告	cuttlefish multimedia ltd.	-	Leicestershire communityPortals における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5280	2012-06-26 15:37	2006-10-13	Show	GitHub Exploit DB Packet Storm

247206	7.5	危険	compteur	-	Compteur の compteur.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5260	2012-06-26 15:37	2006-10-12	Show	GitHub Exploit DB Packet Storm

247207	7.5	危険	compteur	-	Compteur の param_editor.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5259	2012-06-26 15:37	2006-10-12	Show	GitHub Exploit DB Packet Storm

247208	5.1	警告	asbru software	-	Asbru Web Content Management の spell checking コンポーネントにおける任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2006-5258	2012-06-26 15:37	2006-10-12	Show	GitHub Exploit DB Packet Storm

247209	7.5	危険	ciamos	-	Ciamos CMS の modules/forum/include/config.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5257	2012-06-26 15:37	2006-10-12	Show	GitHub Exploit DB Packet Storm

247210	7.5	危険	Claroline Consortium	-	Claroline の claroline/inc/lib/import.lib.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5256	2012-06-26 15:37	2006-10-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1101	6.7	MEDIUM Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.	CWE-415 Double Free	CVE-2026-21530	2026-05-14 23:56	2026-05-13	Show	GitHub Exploit DB Packet Storm

1102	7.5	HIGH Adjacent	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent net…	CWE-362 CWE-416 Race Condition Use After Free	CVE-2026-32161	2026-05-14 23:54	2026-05-13	Show	GitHub Exploit DB Packet Storm

1103	6.7	MEDIUM Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Double free in Windows Rich Text Edit Control allows an authorized attacker to elevate privileges locally.	CWE-415 Double Free	CVE-2026-32170	2026-05-14 23:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1104	4.4	MEDIUM Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.	CWE-284 Improper Access Control	CVE-2026-32209	2026-05-14 23:51	2026-05-13	Show	GitHub Exploit DB Packet Storm

1105	7.2	HIGH Network	wftpserver	wing_ftp_server	Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code…	CWE-94 Code Injection	CVE-2026-44403	2026-05-14 23:50	2026-05-13	Show	GitHub Exploit DB Packet Storm

1106	7.5	HIGH Network	phpoffice	phpspreadsheet	PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-40902	2026-05-14 23:50	2026-05-13	Show	GitHub Exploit DB Packet Storm

1107	7.5	HIGH Network	owasp	modsecurity	ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception (std::out_of_range) caused …	CWE-191 CWE-248 Integer Underflow (Wrap or Wraparound) Uncaught Exception	CVE-2026-42268	2026-05-14 23:49	2026-05-13	Show	GitHub Exploit DB Packet Storm

1108	9.9	CRITICAL Network	nginxui	nginx_ui	Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitra…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-44015	2026-05-14 23:49	2026-05-13	Show	GitHub Exploit DB Packet Storm

1109	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.	CWE-284 Improper Access Control	CVE-2026-33834	2026-05-14 23:49	2026-05-13	Show	GitHub Exploit DB Packet Storm

1110	7.8	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2022_…	Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-33835	2026-05-14 23:47	2026-05-13	Show	GitHub Exploit DB Packet Storm