Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
861	6.5	警告 Network	8421bit	MiniClaw	8421bitのMiniClawにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-8113	2026-05-18 12:05	2026-05-7	Show	GitHub Exploit DB Packet Storm

862	8.8	重要 Network	sentry	sentry	sentryにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2021-47935	2026-05-18 12:05	2026-05-10	Show	GitHub Exploit DB Packet Storm

863	7.8	重要 Local	ashlar	lithium Cobalt Share cobalt argon xenon	Ashlar-VellumのArgon等の複数製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2025-65086	2026-05-18 12:05	2026-05-12	Show	GitHub Exploit DB Packet Storm

864	7.8	重要 Local	ashlar	lithium Cobalt Share cobalt argon xenon	Ashlar-VellumのArgon等の複数製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2025-65087	2026-05-18 12:05	2026-05-12	Show	GitHub Exploit DB Packet Storm

865	7.8	重要 Local	ashlar	lithium Cobalt Share cobalt argon xenon	Ashlar-VellumのArgon等の複数製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2025-65088	2026-05-18 12:05	2026-05-12	Show	GitHub Exploit DB Packet Storm

866	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-71296	2026-05-18 12:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

867	7.4	重要 Adjacent	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 22h2 Microsoft Windows 11 25h2 Microsoft Windows Server 2022 Microsoft …	Windows TCP/IP のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40413	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

868	7.4	重要 Adjacent	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 22h2 Microsoft Windows 11 25h2 Microsoft Windows Server 2022 Microsoft …	Windows TCP/IP のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40414	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

869	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 22h2 Microsoft Windows 11 25h2 Microsoft Windows Server 2022 Microsoft …	Windows TCP/IP のリモートでコードが実行される脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40415	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

870	4.3	警告 Network	マイクロソフト	Microsoft Word Microsoft 365 Apps Microsoft Office	Microsoft Word の情報漏えいの脆弱性	CWE-73 ファイル名やパス名の外部制御	CVE-2026-40421	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1621	-		-	-	MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability in the /cors endpoint allows any remote attacker to …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42281	2026-05-15 03:12	2026-05-15	Show	GitHub Exploit DB Packet Storm

1622	7.7	HIGH Local	-	-	DevSpace is a client-only developer tool for cloud-native development with Kubernetes. Prior to 6.3.21, DevSpace's UI server WebSocket accepts connections from all origins by default, and therefore s…	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2026-42283	2026-05-15 03:12	2026-05-15	Show	GitHub Exploit DB Packet Storm

1623	9.1	CRITICAL Network	n8n-mcp	n8n-mcp	n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side …	CWE-367 CWE-918 Time-of-check Time-of-use (TOCTOU) Race Condition Server-Side Request Forgery (SSRF)	CVE-2026-44694	2026-05-15 03:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

1624	4.3	MEDIUM Network	n8n-mcp	n8n-mcp	n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.13, when n8n-mcp runs in HTTP transport mode, authenticated MC…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-42282	2026-05-15 03:07	2026-05-9	Show	GitHub Exploit DB Packet Storm

1625	7.5	HIGH Network	russh_project warpgate_project	russh warpgate	Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malici…	CWE-770 CWE-789 Allocation of Resources Without Limits or Throttling Memory Allocation with Excessive Size Value	CVE-2026-42189	2026-05-15 03:07	2026-05-9	Show	GitHub Exploit DB Packet Storm

1626	5.3	MEDIUM Network	n8n-mcp	n8n-mcp	n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.11, when n8n-mcp runs in HTTP transport mode, incoming request…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-41495	2026-05-15 03:06	2026-05-9	Show	GitHub Exploit DB Packet Storm

1627	7.8	HIGH Local	microsoft	windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_2025	Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-35420	2026-05-15 03:06	2026-05-13	Show	GitHub Exploit DB Packet Storm

1628	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-35421	2026-05-15 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

1629	6.5	MEDIUM Network	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network.	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-35422	2026-05-15 03:04	2026-05-13	Show	GitHub Exploit DB Packet Storm

1630	6.1	MEDIUM Network	osgeo	mapserver	MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t…	CWE-80 Basic XSS	CVE-2026-42030	2026-05-15 03:04	2026-05-9	Show	GitHub Exploit DB Packet Storm