Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4741	8.8	重要 Network	infiniflow	ragflow	infiniflowのragflowにおける複数の脆弱性	CWE-1336 CWE-20 CWE-78 CWE-94	CVE-2026-28797	2026-04-24 11:31	2026-04-3	Show	GitHub Exploit DB Packet Storm

4742	7.1	重要 Network	Daylight Studio	FUEL CMS	Daylight StudioのFUEL CMSにおけるパスワード管理機能に関する脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2026-30459	2026-04-24 11:31	2026-04-16	Show	GitHub Exploit DB Packet Storm

4743	9.8	緊急 Network	TOTOLINK	a3300r ファームウェア	TOTOLINKのa3300r ファームウェアにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-31170	2026-04-24 11:31	2026-04-9	Show	GitHub Exploit DB Packet Storm

4744	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Simple Search Discovery Protocol (SSDP) サービスの特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32068	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4745	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-415 二重解放	CVE-2026-32069	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4746	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows 共通ログファイルシステムドライバーの特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32070	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4747	7.5	重要 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows ローカルセキュリティ機関サブシステムサービス (LSASS) のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-32071	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4748	6.2	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Active Directory のなりすましの脆弱性	CWE-287 不適切な認証	CVE-2026-32072	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4749	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32073	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4750	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-415 二重解放	CVE-2026-32074	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	8.1	HIGH Network	-	-	The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including tho… New	CWE-863 Incorrect Authorization	CVE-2026-8046	2026-05-26 17:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

272	7.8	HIGH Local	-	-	The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU r… New	CWE-276 Incorrect Default Permissions	CVE-2026-44469	2026-05-26 17:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

273	7.8	HIGH Local	-	-	The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the comp… New	CWE-276 Incorrect Default Permissions	CVE-2026-44468	2026-05-26 17:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

274	5.3	MEDIUM Network	-	-	Missing Authorization vulnerability in TeconceTheme Mayosis Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mayosis Core: from n/a through 5.4.7. New	CWE-862 Missing Authorization	CVE-2026-39655	2026-05-26 17:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

275	4.6	MEDIUM Physics	-	-	Missing password field masking vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules), Hitachi Ops Center Analyzer viewpoint… New	CWE-549 Missing Password Field Masking	CVE-2026-3314	2026-05-26 16:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

276	3.3	LOW Local	-	-	A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulati… New	CWE-404 CWE-476 Improper Resource Shutdown or Release NULL Pointer Dereference	CVE-2026-9529	2026-05-26 14:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

277	7.3	HIGH Network	-	-	A vulnerability was identified in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /admin/delete_judge.php. Such manipulation of the argument judge_id leads to … New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-9528	2026-05-26 14:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

278	4.3	MEDIUM Network	-	-	A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes … New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-9527	2026-05-26 14:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

279	7.3	HIGH Network	-	-	A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/edit_team.php. The manipulation of the argument num_id results in s… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-9526	2026-05-26 14:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

280	-		-	-	Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. _read_tar() reads each entry's payload with $handle->read($$data, $block), … New	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-9538	2026-05-26 13:16	2026-05-26	Show	GitHub Exploit DB Packet Storm