Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4881	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Speech Brokered API の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32090	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4882	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Microsoft Resilient File System の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32091	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4883	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows Server 2025 Microsoft Wind…	デスクトップウィンドウマネージャーの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32155	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

4884	7.5	重要 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-32228	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

4885	3.7	低 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける誤った領域へのリソースの漏えいに関する脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2026-32690	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

4886	7.8	重要 Local	Curtis Galloway	libexif	Libexif ProjectのLibexifにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-32775	2026-04-23 10:13	2026-03-16	Show	GitHub Exploit DB Packet Storm

4887	3.1	低 Network	Weblate	Weblate	Weblateにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-33212	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

4888	4.3	警告 Network	Weblate	Weblate	Weblateにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33214	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

4889	6.8	警告 Network	Weblate	Weblate	Weblateにおける複数の脆弱性	CWE-200 CWE-22	CVE-2026-33220	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

4890	8	重要 Network	Weblate	Weblate	Weblateにおける複数の脆弱性	CWE-23 CWE-434 CWE-94	CVE-2026-33435	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
101	7.3	HIGH Network	-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbi… New	CWE-306 CWE-862 Missing Authentication for Critical Function Missing Authorization	CVE-2026-44320	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

102	7.5	HIGH Network	-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNo… New	CWE-20 CWE-617 CWE-755 Improper Input Validation Reachable Assertion Improper Handling of Exceptional Conditions	CVE-2026-44319	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

103	6.5	MEDIUM Network	-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose as… New	CWE-476 CWE-754 NULL Pointer Dereference Improper Check for Unusual or Exceptional Conditions	CVE-2026-44317	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

104	7.5	HIGH Network	-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler (HandleCreateSmPolicyRequest) panics with a nil-pointe… New	CWE-476 CWE-754 NULL Pointer Dereference Improper Check for Unusual or Exceptional Conditions	CVE-2026-44316	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

105	6.5	MEDIUM Network	-	-	The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sendi… New	CWE-295 Improper Certificate Validation	CVE-2026-44213	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

106	-		-	-	Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verific… New	CWE-295 CWE-297 Improper Certificate Validation Improper Validation of Certificate with Host Mismatch	CVE-2026-42790	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

107	-		-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Da… New	CWE-20 CWE-209 Improper Input Validation Information Exposure Through an Error Message	CVE-2026-42459	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

108	-		-	-	Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's is_local_url() function causes it to incorrectly classify remote URLs as trusted loca… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42184	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

109	8.2	HIGH Network	-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF Npcf_SMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and dis… New	CWE-862 Missing Authorization	CVE-2026-42083	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

110	3.7	LOW Adjacent	-	-	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 §6.9.5.1. The AM… New	CWE-358 Improperly Implemented Security Check for Standard	CVE-2026-42082	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm