Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
631	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows Win32k の特権の昇格の脆弱性	CWE-190 CWE-416	CVE-2026-34333	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

632	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP の特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-34334	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

633	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows DWM Core ライブラリの情報漏えいの脆弱性	CWE-126 バッファオーバーリード	CVE-2026-34336	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

634	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Cloud Files Mini Filter ドライバーの特権の昇格の脆弱性	CWE-362 CWE-416	CVE-2026-34337	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

635	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows テレフォニーサービスの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34338	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

636	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows ライトウェイトディレクトリアクセスプロトコル (LDAP) のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-34339	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

637	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34340	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

638	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows Link-Layer Discovery Protocol (LLDP) の特権昇格の脆弱性	CWE-415 二重解放	CVE-2026-34341	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

639	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows 印刷スプーラーの特権の昇格の脆弱性	CWE-362 競合状態	CVE-2026-34342	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

640	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows アプリケーション ID (AppID) のサブシステムの特権昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-34343	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
891	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/{note_id} endpoint lacks proper authorization checks, allowin…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45666	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

892	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Banner component due…	CWE-79 Cross-site Scripting	CVE-2026-45665	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

893	6.3	MEDIUM Network	-	-	A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based …	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-8733	2026-05-19 06:16	2026-05-17	Show	GitHub Exploit DB Packet Storm

894	-		-	-	* Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. * KSU keys using SYMCRYPTO will be impacted by this vulnerability.	CWE-331 Insufficient Entropy	CVE-2025-14972	2026-05-19 05:27	2026-05-16	Show	GitHub Exploit DB Packet Storm

895	8.2	HIGH Network	-	-	A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control fu…	CWE-124 Buffer Underflow	CVE-2026-34253	2026-05-19 05:23	2026-05-16	Show	GitHub Exploit DB Packet Storm

896	7.5	HIGH Network	-	-	An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components	CWE-400 Uncontrolled Resource Consumption	CVE-2026-38728	2026-05-19 05:23	2026-05-16	Show	GitHub Exploit DB Packet Storm

897	4.6	MEDIUM Network	-	-	HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.	CWE-863 Incorrect Authorization	CVE-2026-21789	2026-05-19 05:23	2026-05-19	Show	GitHub Exploit DB Packet Storm

898	8.2	HIGH Local	-	-	Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash.	CWE-346 Origin Validation Error	CVE-2026-46728	2026-05-19 05:23	2026-05-17	Show	GitHub Exploit DB Packet Storm

899	4.6	MEDIUM Local	-	-	Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded…	CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences	CVE-2026-47090	2026-05-19 05:19	2026-05-19	Show	GitHub Exploit DB Packet Storm

900	3.3	LOW Local	-	-	Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcript_path value via stdin…	CWE-22 Path Traversal	CVE-2026-47091	2026-05-19 05:19	2026-05-19	Show	GitHub Exploit DB Packet Storm