Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4111	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	リモートプロシージャコールの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-32085	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

4112	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32086	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4113	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-32087	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4114	5.7	警告 Physics	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows 生体認証サービスのセキュリティ機能のバイパスの脆弱性	CWE-362 競合状態	CVE-2026-32088	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4115	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Speech Brokered API の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32089	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4116	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Speech Brokered API の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32090	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4117	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Microsoft Resilient File System の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32091	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4118	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows Server 2025 Microsoft Wind…	デスクトップウィンドウマネージャーの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32155	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4119	7.5	重要 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-32228	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

4120	3.7	低 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける誤った領域へのリソースの漏えいに関する脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2026-32690	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
541	4.3	MEDIUM Network	-	-	Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium se…	CWE-693 Protection Mechanism Failure	CVE-2026-8563	2026-05-16 01:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

542	4.3	MEDIUM Network	-	-	Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a …	CWE-20 Improper Input Validation	CVE-2026-8528	2026-05-16 01:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

543	7.5	HIGH Network	-	-	An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components	CWE-400 Uncontrolled Resource Consumption	CVE-2026-38728	2026-05-16 01:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

544	8.2	HIGH Network	-	-	A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control fu…	CWE-124 Buffer Underflow	CVE-2026-34253	2026-05-16 01:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

545	-		-	-	An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive…	CWE-862 Missing Authorization	CVE-2026-2031	2026-05-16 01:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

546	6.5	MEDIUM Network	opnsense	opnsense	OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, a logic flaw in the OPNsense lockout_handler allows an unauthenticated attacker to continuously reset the authentication fa…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-44195	2026-05-16 01:06	2026-05-14	Show	GitHub Exploit DB Packet Storm

547	9.8	CRITICAL Network	apache	tomcat	Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0…	CWE-20 Improper Input Validation	CVE-2026-41293	2026-05-16 00:57	2026-05-13	Show	GitHub Exploit DB Packet Storm

548	9.8	CRITICAL Network	apache	tomcat	DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, fr…	CWE-592 DEPRECATED: Authentication Bypass Issues	CVE-2026-43512	2026-05-16 00:54	2026-05-13	Show	GitHub Exploit DB Packet Storm

549	7.5	HIGH Network	espressif	arduino-esp32	arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer Digest authentication implementation in arduino-esp…	CWE-287 NVD-CWE-noinfo Improper Authentication	CVE-2026-42855	2026-05-16 00:54	2026-05-13	Show	GitHub Exploit DB Packet Storm

550	7.5	HIGH Network	apache	tomcat	Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 …	CWE-178 Improper Handling of Case Sensitivity	CVE-2026-43513	2026-05-16 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm