Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4341	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Speech Brokered API の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32090	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4342	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Microsoft Resilient File System の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32091	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4343	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows Server 2025 Microsoft Wind…	デスクトップウィンドウマネージャーの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32155	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4344	7.5	重要 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-32228	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

4345	3.7	低 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける誤った領域へのリソースの漏えいに関する脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2026-32690	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

4346	7.8	重要 Local	Curtis Galloway	libexif	Libexif ProjectのLibexifにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-32775	2026-04-23 10:13	2026-03-16	Show	GitHub Exploit DB Packet Storm

4347	3.1	低 Network	Weblate	Weblate	Weblateにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-33212	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

4348	4.3	警告 Network	Weblate	Weblate	Weblateにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33214	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

4349	6.8	警告 Network	Weblate	Weblate	Weblateにおける複数の脆弱性	CWE-200 CWE-22	CVE-2026-33220	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

4350	8	重要 Network	Weblate	Weblate	Weblateにおける複数の脆弱性	CWE-23 CWE-434 CWE-94	CVE-2026-33435	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	6.8	MEDIUM Network	-	-	A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference (IDOR) vulnerability in the Authorization Services Protection API endpoint. By knowing or obtai… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-4630	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

272	7.5	HIGH Network	-	-	A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high … New	CWE-1286 Improper Validation of Syntactic Correctness of Input	CVE-2026-7307	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

273	8.1	HIGH Network	-	-	A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentiall… New	CWE-601 Open Redirect	CVE-2026-7504	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

274	7.5	HIGH Network	-	-	A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated attacker could exploit this flaw by pre-creating an authentication session and tricking a victim i… New	CWE-290 Authentication Bypass by Spoofing	CVE-2026-7507	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

275	7.1	HIGH Network	-	-	A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clie… New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-7571	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

276	8.1	HIGH Network	-	-	in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. New	CWE-364 Signal Handler Race Condition	CVE-2026-24792	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

277	3.3	LOW Local	-	-	in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. New	CWE-476 NULL Pointer Dereference	CVE-2026-25110	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

278	8.4	HIGH Local	-	-	in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered. New	CWE-787 Out-of-bounds Write	CVE-2026-25781	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

279	5.5	MEDIUM Local	-	-	in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak New	CWE-281 Improper Preservation of Permissions	CVE-2026-25850	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm

280	8.8	HIGH Network	-	-	in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps. New	CWE-787 Out-of-bounds Write	CVE-2026-27648	2026-05-19 23:25	2026-05-19	Show	GitHub Exploit DB Packet Storm