Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5141	6.5	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Microsoft Local Security Authority Subsystem Service の情報漏えいの脆弱性	CWE-126 バッファオーバーリード	CVE-2026-26155	2026-04-27 10:52	2026-04-14	Show	GitHub Exploit DB Packet Storm

5142	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Hyper-V のリモートでコードが実行される脆弱性	CWE-122 CWE-125 CWE-20	CVE-2026-26156	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5143	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	リモートデスクトップライセンスサービスの特権昇格の脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-26159	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5144	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	リモートデスクトップライセンスサービスの特権昇格の脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-26160	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5145	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Sensor Data Service の特権昇格の脆弱性	CWE-20 CWE-822	CVE-2026-26161	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5146	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows OLE の特権の昇格の脆弱性	CWE-843 型の取り違え	CVE-2026-26162	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5147	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows カーネルの特権の昇格の脆弱性	CWE-415 二重解放	CVE-2026-26163	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5148	7	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025 Microsoft Windows 11 24h2 Microsoft Wind…	Windows シェルの特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-26165	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5149	7	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025 Microsoft Windows 11 24h2 Microsoft Wind…	Windows シェルの特権の昇格の脆弱性	CWE-415 二重解放	CVE-2026-26166	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

5150	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows プッシュ通知の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-26167	2026-04-27 10:51	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347651	-	citypost	simple_image_editor	Cross-site scripting (XSS) vulnerability in image-editor-52/index.php in CityPost Simple Image-Editor 0.52 allows remote attackers to inject arbitrary web script or HTML via the (1) m1, (2) m2, (3) m…	NVD-CWE-Other	CVE-2005-4672	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347652	-	complete_php_counter	complete_php_counter	Multiple SQL injection vulnerabilities in list.php in Complete PHP Counter allow remote attackers to execute arbitrary SQL commands via the (1) c or (2) s parameter.	NVD-CWE-Other	CVE-2005-4674	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347653	-	complete_php_counter	complete_php_counter	Cross-site scripting (XSS) vulnerability in list.php in Complete PHP Counter allows remote attackers to inject arbitrary web script or HTML via the c parameter.	NVD-CWE-Other	CVE-2005-4675	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347654	-	andreas_huggel	exiv2	Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null terminate strings before calling the sscanf function, which allows remote attackers to cause a denial of service (application crash) v…	NVD-CWE-Other	CVE-2005-4676	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347655	-	audienceview	audienceview	Cross-site scripting (XSS) vulnerability in error.asp in AudienceView allows remote attackers to inject arbitrary web script or HTML via the TSerrorMessage parameter. NOTE: the provenance of this in…	NVD-CWE-Other	CVE-2005-4682	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347656	-	padl_software	migrationtools	PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are n…	NVD-CWE-Other	CVE-2005-4683	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347657	-	kde	konqueror	Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a host…	NVD-CWE-Other	CVE-2005-4684	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347658	-	mozilla	firefox mozilla	Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie …	NVD-CWE-Other	CVE-2005-4685	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347659	-	-	-	Unspecified vulnerability in the www_add method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions before 6.7.6 allows attackers to execute arbitrary code via unknown attack vectors.	NVD-CWE-Other	CVE-2005-4694	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm

347660	-	microsoft	windows_xp	The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API …	NVD-CWE-Other	CVE-2005-4697	2017-07-20 10:29	2005-12-31	Show	GitHub Exploit DB Packet Storm