Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3741	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows ユーザーインターフェイスコアの特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32163	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

3742	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows ユーザーインターフェイスコアの特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32164	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

3743	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows ユーザーインターフェイスコアの特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32165	2026-04-21 10:50	2026-04-14	Show	GitHub Exploit DB Packet Storm

3744	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows&…	接続ユーザーエクスペリエンスとテレメトリサービスのサービス拒否の脆弱性	CWE-269 不適切な権限管理	CVE-2026-32181	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

3745	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Snipping Tool のリモートでコードが実行される脆弱性	CWE-77 コマンドインジェクション	CVE-2026-32183	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

3746	7	重要 Local	マイクロソフト	Microsoft Windows 11 26h1	Windows カーネルの特権の昇格の脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-32195	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

3747	4.3	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows シェルのスプーフィングの脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-32202	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

3748	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	ユニバーサルプラグアンドプレイ (upnp.dll) の情報漏えいの脆弱性	CWE-269 CWE-59	CVE-2026-32212	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

3749	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	ユニバーサルプラグアンドプレイ (upnp.dll) の情報漏えいの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-32214	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

3750	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows カーネルの情報漏えいの脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-32215	2026-04-21 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	7.3	HIGH Network	-	-	YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a a post or reply that is stored server-side and… New	CWE-79 CWE-80 CWE-116 Cross-site Scripting Basic XSS Improper Encoding or Escaping of Output	CVE-2026-43939	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

602	6.5	MEDIUM Network	-	-	requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addr… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42175	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

603	-		-	-	DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw strin… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-42300	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

604	-		-	-	Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affect… New	CWE-288 CWE-306 CWE-841 Authentication Bypass Using an Alternate Path or Channel Missing Authentication for Critical Function Improper Enforcement of Behavioral Workflow	CVE-2026-42303	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

605	4.3	MEDIUM Network	-	-	Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions (which isn't the default) can craft a policy that makes… New	CWE-862 Missing Authorization	CVE-2026-42541	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

606	8.8	HIGH Network	-	-	AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed i… New	CWE-79 CWE-94 CWE-1188 Cross-site Scripting Code Injection Insecure Default Initialization of Resource	CVE-2026-43892	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

607	7.5	HIGH Network	-	-	phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a by… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44167	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

608	8.2	HIGH Network	-	-	ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address … New	CWE-184 CWE-918 Incomplete Blacklist Server-Side Request Forgery (SSRF)	CVE-2026-43929	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

609	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur… New	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm

610	7.5	HIGH Network	-	-	changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vu… New	CWE-73 External Control of File Name or Path	CVE-2026-43891	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm