NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
5351	7.8	HIGH Local	microsoft	office office_long_term_servicing_channel	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-42831	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

5352	5.5	MEDIUM Local	microsoft	excel office office_long_term_servicing_channel word	Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-42832	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

5353	7.5	HIGH Network	h2o	h2o	A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFi…	CWE-200 CWE-284 NVD-CWE-noinfo Information Exposure Improper Access Control	CVE-2026-8750	2026-05-20 03:22	2026-05-17	Show	GitHub Exploit DB Packet Storm

5354	6.5	MEDIUM Network	-	-	Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in t…	CWE-863 Incorrect Authorization	CVE-2026-42883	2026-05-20 03:19	2026-05-12	Show	GitHub Exploit DB Packet Storm

5355	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur…	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-20 03:19	2026-05-13	Show	GitHub Exploit DB Packet Storm

5356	9.8	CRITICAL Network	mozilla	firefox	Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.	CWE-693 Protection Mechanism Failure	CVE-2026-8401	2026-05-20 03:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

5357	5.3	MEDIUM Network	mozilla	firefox	Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.	CWE-20 CWE-79 CWE-119 Improper Input Validation Cross-site Scripting Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-8391	2026-05-20 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

5358	6.5	MEDIUM Network	mozilla	firefox	Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-8388	2026-05-20 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

5359	6.5	MEDIUM Network	-	-	LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before …	CWE-522 Insufficiently Protected Credentials	CVE-2026-8368	2026-05-20 03:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

5360	-	-	-	-	Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution (RCE), potentially allowing code execution on the affected system	CWE-502 Deserialization of Untrusted Data	CVE-2026-6009	2026-05-20 03:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

5361	8.7	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-suppl…	CWE-79 CWE-434 CWE-646 Cross-site Scripting Unrestricted Upload of File with Dangerous Type Reliance on File Name or Extension of Externally-Supplied File	CVE-2026-45315	2026-05-20 03:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

5362	9.8	CRITICAL Network	-	-	An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based …	CWE-22 CWE-287 Path Traversal Improper Authentication	CVE-2026-36829	2026-05-20 03:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

5363	5.9	MEDIUM Network	-	-	NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the br…	CWE-476 NULL Pointer Dereference	CVE-2026-32134	2026-05-20 03:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

5364	-	-	-	-	In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and S…	-	CVE-2025-61081	2026-05-20 03:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

5365	9.8	CRITICAL Network	-	-	The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerabi…	CWE-78 OS Command	CVE-2026-31226	2026-05-20 03:14	2026-05-13	Show	GitHub Exploit DB Packet Storm

5366	8.8	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel	Insufficient granularity of access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.	CWE-1220 Insufficient Granularity of Access Control	CVE-2026-35436	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5367	5.5	MEDIUM Local	microsoft	365_apps office office_long_term_servicing_channel word	Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.	CWE-552 Files or Directories Accessible to External Parties	CVE-2026-35440	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5368	8.4	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel	Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.	CWE-416 Use After Free	CVE-2026-40358	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5369	7.8	HIGH Local	microsoft	365_apps excel office office_long_term_servicing_channel office_online_server	Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CWE-416 Use After Free	CVE-2026-40359	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5370	7.8	HIGH Local	microsoft	365_apps excel office office_long_term_servicing_channel office_online_server	Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.	CWE-125 Out-of-bounds Read	CVE-2026-40360	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5371	8.4	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel word	Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.	CWE-416 Use After Free	CVE-2026-40361	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5372	7.8	HIGH Local	microsoft	365_apps excel office office_long_term_servicing_channel office_online_server	Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-40362	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5373	8.4	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-40363	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5374	8.4	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel word	Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.	CWE-122 CWE-843 CWE-908 Heap-based Buffer Overflow Type Confusion Use of Uninitialized Resource	CVE-2026-40364	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5375	8.4	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel word	Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.	CWE-416 Use After Free	CVE-2026-40366	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5376	8.4	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel sharepoint_server word	Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.	CWE-822 Untrusted Pointer Dereference	CVE-2026-40367	2026-05-20 03:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

5377	6.5	MEDIUM Network	microsoft	power_automate_for_desktop	Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.	CWE-200 Information Exposure	CVE-2026-40374	2026-05-20 03:04	2026-05-13	Show	GitHub Exploit DB Packet Storm

5378	7.8	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel	Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-40418	2026-05-20 03:04	2026-05-13	Show	GitHub Exploit DB Packet Storm

5379	7.8	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel	Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-40419	2026-05-20 03:04	2026-05-13	Show	GitHub Exploit DB Packet Storm

5380	8.8	HIGH Local	microsoft	365_apps office office_long_term_servicing_channel	Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.	CWE-284 Improper Access Control	CVE-2026-40420	2026-05-20 03:04	2026-05-13	Show	GitHub Exploit DB Packet Storm

5381	5.3	MEDIUM Local	-	-	An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate priv…	CWE-59 Link Following	CVE-2026-34883	2026-05-20 03:04	2026-05-20	Show	GitHub Exploit DB Packet Storm

5382	7.3	HIGH Network	-	-	An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].	CWE-94 Code Injection	CVE-2025-51427	2026-05-20 03:04	2026-05-20	Show	GitHub Exploit DB Packet Storm

5383	7.3	HIGH Network	-	-	An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request.	CWE-22 Path Traversal	CVE-2025-70950	2026-05-20 03:04	2026-05-20	Show	GitHub Exploit DB Packet Storm

5384	-	-	-	-	A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters …	-	CVE-2026-36827	2026-05-20 03:04	2026-05-20	Show	GitHub Exploit DB Packet Storm

5385	-	-	-	-	A command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint of Panabit PAP-XM320 up to and including v7.7. The CGI component allows authenticated users to execute arbitrary shell…	-	CVE-2026-36828	2026-05-20 03:04	2026-05-20	Show	GitHub Exploit DB Packet Storm

5386	-	-	-	-	In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. …	CWE-209 Information Exposure Through an Error Message	CVE-2026-5511	2026-05-20 02:59	2026-05-20	Show	GitHub Exploit DB Packet Storm

5387	7.5	HIGH Network	-	-	HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an arbitrary IP address…	CWE-348 Use of Less Trusted Source	CVE-2026-43634	2026-05-20 02:57	2026-05-20	Show	GitHub Exploit DB Packet Storm

5388	7.5	HIGH Network	-	-	Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal metho…	CWE-862 Missing Authorization	CVE-2026-47100	2026-05-20 02:57	2026-05-20	Show	GitHub Exploit DB Packet Storm

5389	9.8	CRITICAL Network	-	-	Tyler Identity Local (TID-L) uses documented, default administrative credentials. Users are not required to change the credentials before deployment. TID-L has not been distributed since December 202…	CWE-1392 Use of Default Credentials	CVE-2026-44159	2026-05-20 02:57	2026-05-20	Show	GitHub Exploit DB Packet Storm

5390	5.8	MEDIUM Network	-	-	Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network tr…	CWE-405 CWE-406 CWE-770 Asymmetric Resource Consumption (Amplification) Insufficient Control of Network Message Volume (Network Amplification) Allocation of Resources Without Limits or Throttling	CVE-2026-45557	2026-05-20 02:57	2026-05-20	Show	GitHub Exploit DB Packet Storm

5391	8.4	HIGH Local	-	-	An improper authentication vulnerability was discovered in the Motorola Factory Test component (com.motorola.motocit). The application contained a reference to a writable file descriptor in external …	-	CVE-2026-5804	2026-05-20 02:57	2026-05-20	Show	GitHub Exploit DB Packet Storm

5392	5.0	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6333	2026-05-20 02:51	2026-05-18	Show	GitHub Exploit DB Packet Storm

5393	4.8	MEDIUM Network	nozominetworks	cmc guardian	A Stored HTML Injection vulnerability was discovered in the Credentials Manager functionality due to improper validation of an input parameter. An authenticated user with administrative privileges ca…	CWE-79 Cross-site Scripting	CVE-2025-40901	2026-05-20 02:47	2026-05-19	Show	GitHub Exploit DB Packet Storm

5394	9.8	CRITICAL Network	h2o	h2o	A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a…	CWE-20 CWE-502 Improper Input Validation Deserialization of Untrusted Data	CVE-2026-8751	2026-05-20 02:46	2026-05-17	Show	GitHub Exploit DB Packet Storm

5395	4.8	MEDIUM Network	nozominetworks	cmc guardian	A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a mal…	CWE-79 Cross-site Scripting	CVE-2025-40902	2026-05-20 02:44	2026-05-19	Show	GitHub Exploit DB Packet Storm

5396	4.8	MEDIUM Network	nozominetworks	cmc guardian	A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileg…	CWE-79 Cross-site Scripting	CVE-2025-40903	2026-05-20 02:44	2026-05-19	Show	GitHub Exploit DB Packet Storm

5397	5.3	MEDIUM Network	h2o	h2o	A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the compon…	CWE-266 CWE-284 NVD-CWE-noinfo Incorrect Privilege Assignment Improper Access Control	CVE-2026-8752	2026-05-20 02:44	2026-05-17	Show	GitHub Exploit DB Packet Storm

5398	5.4	MEDIUM Network	nozominetworks	cmc guardian	A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malici…	CWE-79 Cross-site Scripting	CVE-2025-40904	2026-05-20 02:41	2026-05-19	Show	GitHub Exploit DB Packet Storm

5399	4.8	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit…	CWE-79 Cross-site Scripting	CVE-2026-3495	2026-05-20 02:37	2026-05-18	Show	GitHub Exploit DB Packet Storm

5400	4.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to check the create_post channel permission during post edit operations which allows an authenticated attacker with re…	CWE-862 Missing Authorization	CVE-2026-3637	2026-05-20 02:34	2026-05-18	Show	GitHub Exploit DB Packet Storm