Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2891	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025 Microsoft Windows 11 24h2 Microsoft Wind…	Microsoft Resilient File System の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-26181	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2892	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-26182	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2893	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows Server 2025 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microso…	リモートアクセス管理サービス/API (RPC サーバー) の特権昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-26183	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2894	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-126 バッファオーバーリード	CVE-2026-26184	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2895	4.4	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows&…	Windows Hello のセキュリティ機能のバイパスの脆弱性	CWE-20 不適切な入力確認	CVE-2026-27906	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2896	7.5	重要 Network	FFmpeg	FFmpeg	FFmpegにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-30997	2026-04-27 11:23	2026-04-13	Show	GitHub Exploit DB Packet Storm

2897	7.5	重要 Network	FFmpeg	FFmpeg	FFmpegにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-30998	2026-04-27 11:23	2026-04-13	Show	GitHub Exploit DB Packet Storm

2898	7.5	重要 Network	FFmpeg	FFmpeg	FFmpegにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-30999	2026-04-27 11:23	2026-04-13	Show	GitHub Exploit DB Packet Storm

2899	8.8	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおける複数の脆弱性	CWE-284 CWE-94	CVE-2026-31018	2026-04-27 11:23	2026-04-21	Show	GitHub Exploit DB Packet Storm

2900	8.8	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-31019	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1401	6.5	MEDIUM Network	-	-	Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit chara…	CWE-1289 Improper Validation of Unsafe Equivalence in Input	CVE-2026-45190	2026-05-13 01:48	2026-05-11	Show	GitHub Exploit DB Packet Storm

1402	6.5	MEDIUM Network	-	-	Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validatio…	CWE-1289 Improper Validation of Unsafe Equivalence in Input	CVE-2026-45191	2026-05-13 01:48	2026-05-11	Show	GitHub Exploit DB Packet Storm

1403	7.5	HIGH Network	-	-	XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UT…	CWE-125 Out-of-bounds Read	CVE-2026-8177	2026-05-13 01:48	2026-05-11	Show	GitHub Exploit DB Packet Storm

1404	6.5	MEDIUM Network	-	-	WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function…	CWE-338 CWE-340 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Generation of Predictable Numbers or Identifiers	CVE-2026-5084	2026-05-13 01:48	2026-05-11	Show	GitHub Exploit DB Packet Storm

1405	6.5	MEDIUM Network	-	-	HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host t…	CWE-113 HTTP Response Splitting	CVE-2026-7010	2026-05-13 01:48	2026-05-12	Show	GitHub Exploit DB Packet Storm

1406	9.8	CRITICAL Network	-	-	Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection. This iss…	CWE-89 SQL Injection	CVE-2025-6577	2026-05-13 01:47	2026-05-12	Show	GitHub Exploit DB Packet Storm

1407	8.8	HIGH Network	-	-	Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-6001	2026-05-13 01:47	2026-05-12	Show	GitHub Exploit DB Packet Storm

1408	8.8	HIGH Network	-	-	Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation. This issue affect…	CWE-863 Incorrect Authorization	CVE-2026-2465	2026-05-13 01:47	2026-05-12	Show	GitHub Exploit DB Packet Storm

1409	-		-	-	An improper authorization vulnerability in HCL BigFix WebUI allows an authenticated user without Master Operator privileges to access internal data (site names, versions, and configuration variables)…	CWE-863 Incorrect Authorization	CVE-2025-15633	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

1410	-		-	-	A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized…	CWE-862 Missing Authorization	CVE-2025-15634	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm