NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	8.1	HIGH Network	microsoft	visual_studio_code	Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. New	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-40376	2026-06-12 03:56	2026-06-10	Show	GitHub Exploit DB Packet Storm

2	5.5	MEDIUM Local	microsoft	windows_server_2019 windows_server_2022 windows_server_2025	Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally. New	CWE-416 CWE-822 Use After Free Untrusted Pointer Dereference	CVE-2026-44805	2026-06-12 03:55	2026-06-10	Show	GitHub Exploit DB Packet Storm

3	8.8	HIGH Network	microsoft	windows_server_2022 windows_server_2025	Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network. New	CWE-121 Stack-based Buffer Overflow	CVE-2026-45648	2026-06-12 03:54	2026-06-10	Show	GitHub Exploit DB Packet Storm

4	7.5	HIGH Network	svelte	svelte	Svelte is a performance oriented web framework. From version 5.51.5 to before version 5.55.7, an internal regex in the Svelte runtime can take exponential time to test in <svelte:element this={tag}><… New	CWE-1333 Inefficient Regular Expression Complexity	CVE-2026-42567	2026-06-12 03:54	2026-06-10	Show	GitHub Exploit DB Packet Storm

5	7.0	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. New	CWE-122 CWE-416 Heap-based Buffer Overflow Use After Free	CVE-2026-45653	2026-06-12 03:54	2026-06-10	Show	GitHub Exploit DB Packet Storm

6	7.5	HIGH Network	svelte	devalue	Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. From version 5.6.3 to before version 5.8.1, devalue.parse could, due to qu… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42570	2026-06-12 03:52	2026-06-10	Show	GitHub Exploit DB Packet Storm

7	7.9	HIGH Local	microsoft	windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New	CWE-284 Improper Access Control	CVE-2026-45654	2026-06-12 03:51	2026-06-10	Show	GitHub Exploit DB Packet Storm

8	5.3	MEDIUM Physics	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. New	CWE-693 Protection Mechanism Failure	CVE-2026-45655	2026-06-12 03:48	2026-06-10	Show	GitHub Exploit DB Packet Storm

9	7.0	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. New	CWE-362 CWE-416 Race Condition Use After Free	CVE-2026-45601	2026-06-12 03:47	2026-06-10	Show	GitHub Exploit DB Packet Storm

10	6.1	MEDIUM Network	svelte	svelte	Svelte is a performance oriented web framework. Prior to version 5.55.7, Svelte was vulnerable to DOM clobbering of its internal framework state on elements, potentially leading to XSS attacks. This … New	CWE-79 Cross-site Scripting	CVE-2026-42573	2026-06-12 03:46	2026-06-10	Show	GitHub Exploit DB Packet Storm

11	7.0	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. New	CWE-362 CWE-416 Race Condition Use After Free	CVE-2026-45603	2026-06-12 03:46	2026-06-10	Show	GitHub Exploit DB Packet Storm

12	4.7	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen w… New	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-48733	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

13	5.5	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a m… New	CWE-674 Uncontrolled Recursion	CVE-2026-48734	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

14	5.9	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer … New	CWE-122 Heap-based Buffer Overflow	CVE-2026-48994	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

15	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image wi… New	CWE-20 Improper Input Validation	CVE-2026-49218	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

16	5.5	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy by… New	CWE-22 CWE-78 CWE-200 CWE-863 Path Traversal OS Command Information Exposure Incorrect Authorization	CVE-2026-49219	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

17	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMe… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-53460	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

18	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of … New	CWE-787 Out-of-bounds Write	CVE-2026-53461	2026-06-12 03:44	2026-06-11	Show	GitHub Exploit DB Packet Storm

19	5.9	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can resu… New	CWE-416 Use After Free	CVE-2026-53462	2026-06-12 03:43	2026-06-11	Show	GitHub Exploit DB Packet Storm

20	4.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a nu… New	CWE-476 NULL Pointer Dereference	CVE-2026-53463	2026-06-12 03:43	2026-06-11	Show	GitHub Exploit DB Packet Storm

21	4.0	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak … New	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-53464	2026-06-12 03:43	2026-06-11	Show	GitHub Exploit DB Packet Storm

22	6.2	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it… New	CWE-122 CWE-787 Heap-based Buffer Overflow Out-of-bounds Write	CVE-2026-53465	2026-06-12 03:43	2026-06-11	Show	GitHub Exploit DB Packet Storm

23	5.5	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-24, when using an image with mask the Floyd-Steinberg dithering method it will ca… New	CWE-787 Out-of-bounds Write	CVE-2026-48724	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

24	5.7	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache serv… New	CWE-125 CWE-287 Out-of-bounds Read Improper Authentication	CVE-2026-47166	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

25	4.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate… New	CWE-200 Information Exposure	CVE-2026-47165	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

26	4.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache serv… New	CWE-362 CWE-567 Race Condition Unsynchronized Access to Shared Data in a Multithreaded Context	CVE-2026-46693	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

27	4.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache serv… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-46692	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

28	4.0	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer ov… New	CWE-193 CWE-787 Off-by-one Error Out-of-bounds Write	CVE-2026-46559	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

29	6.2	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation b… New	CWE-674 Uncontrolled Recursion	CVE-2026-46557	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

30	5.5	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of boun… New	CWE-131 CWE-252 CWE-787 CWE-835 Incorrect Calculation of Buffer Size Unchecked Return Value Out-of-bounds Write Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-46521	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

31	6.2	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Version… New	CWE-416 Use After Free	CVE-2026-46523	2026-06-12 03:42	2026-06-11	Show	GitHub Exploit DB Packet Storm

32	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file cou… New	CWE-400 CWE-835 Uncontrolled Resource Consumption Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-46522	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

33	7.5	HIGH Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out … New	CWE-122 CWE-787 Heap-based Buffer Overflow Out-of-bounds Write	CVE-2026-46520	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

34	5.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possib… New	CWE-400 CWE-407 CWE-674 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity Uncontrolled Recursion	CVE-2026-45664	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

35	5.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-… New	CWE-125 CWE-129 Out-of-bounds Read Improper Validation of Array Index	CVE-2026-45624	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

36	5.7	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in… New	CWE-125 CWE-129 Out-of-bounds Read Improper Validation of Array Index	CVE-2026-45359	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

37	5.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bo… New	CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error	CVE-2026-45358	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

38	6.1	MEDIUM Network	svelte	svelte	Svelte is a performance oriented web framework. Prior to version 5.55.7, when using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML … New	CWE-79 Cross-site Scripting	CVE-2026-42599	2026-06-12 03:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

39	5.3	MEDIUM Network	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible… New	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-45031	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

40	5.1	MEDIUM Local	imagemagick	imagemagick	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could … New	CWE-125 CWE-191 Out-of-bounds Read Integer Underflow (Wrap or Wraparound)	CVE-2026-42326	2026-06-12 03:41	2026-06-11	Show	GitHub Exploit DB Packet Storm

41	5.5	MEDIUM Local	microsoft	windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Out-of-bounds read in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally. New	CWE-125 Out-of-bounds Read	CVE-2026-45604	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

42	8.4	HIGH Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. New	CWE-843 Type Confusion	CVE-2026-45456	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

43	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. New	CWE-122 Heap-based Buffer Overflow	CVE-2026-44824	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

44	5.5	MEDIUM Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. New	CWE-125 Out-of-bounds Read	CVE-2026-44821	2026-06-12 03:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

45	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2016 windows_server_2019 w…	Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. New	CWE-416 Use After Free	CVE-2026-45605	2026-06-12 03:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

46	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2016 office_2019 office_2021 office_2024 sharepoint_server	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. New	CWE-122 Heap-based Buffer Overflow	CVE-2026-44819	2026-06-12 03:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

47	5.5	MEDIUM Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally. New	CWE-125 Out-of-bounds Read	CVE-2026-45606	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

48	7.8	HIGH Local	microsoft	365_apps microsoft_365 office_2021 office_2024	Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. New	CWE-125 Out-of-bounds Read	CVE-2026-45457	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

49	7.8	HIGH Local	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. New	CWE-843 Type Confusion	CVE-2026-44817	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

50	7.0	HIGH Local	microsoft	365_apps excel microsoft_365 office_2019 office_2021 office_2024 office_online_server	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. New	CWE-362 Race Condition	CVE-2026-44818	2026-06-12 03:38	2026-06-10	Show	GitHub Exploit DB Packet Storm