Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 12:07 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1121	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025 Microsoft Windows 11 24h2 Microsoft Wind…	Windows 記憶域スペースコントローラーの特権昇格の脆弱性	CWE-125 境界外読み取り	CVE-2026-32076	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1122	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows UPnP Device Host の特権の昇格の脆弱性	CWE-822 信頼性のないポインタデリファレンス	CVE-2026-32077	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1123	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32078	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1124	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Web アカウントマネージャーの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-32079	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1125	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Windows Server 2016	Windows WalletService の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32080	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1126	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	パッケージカタログの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-32081	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1127	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Simple Search Discovery Protocol (SSDP) サービスの特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32082	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1128	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Simple Search Discovery Protocol (SSDP) サービスの特権昇格の脆弱性	CWE-362 競合状態	CVE-2026-32083	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1129	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows 印刷スプーラーの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-32084	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

1130	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	リモートプロシージャコールの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-32085	2026-04-23 10:14	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
171	6.5	MEDIUM Network	-	-	Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.3.1. New	CWE-862 Missing Authorization	CVE-2026-42412	2026-04-29 18:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

172	-		-	-	SQL injection (SQLi) in MegaCMS v12.0.0, specifically in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint. The vulnerability arises from inadequate validation and… New	CWE-89 SQL Injection	CVE-2026-3325	2026-04-29 18:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

173	6.1	MEDIUM Network	-	-	The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious Java… New	CWE-79 Cross-site Scripting	CVE-2025-10503	2026-04-29 18:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

174	7.3	HIGH Network	-	-	Missing Authorization vulnerability in Brainstorm Force SureForms Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SureForms Pro: from n/a through 2.8.… New	CWE-862 Missing Authorization	CVE-2026-42377	2026-04-29 17:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

175	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New	-	CVE-2026-40556	2026-04-29 17:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

176	9.6	CRITICAL Network	-	-	Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, and Firefox ESR 140.10.1. New	CWE-120 Classic Buffer Overflow	CVE-2026-7321	2026-04-29 15:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

177	7.1	HIGH Network	-	-	Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privilege… New	CWE-522 Insufficiently Protected Credentials	CVE-2026-35155	2026-04-29 14:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

178	-		-	-	Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application. New	-	CVE-2026-21023	2026-04-29 14:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

179	7.2	HIGH Network	-	-	GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /#recipe=Show_Base64_offsets('%3Cscript substring. New	CWE-79 Cross-site Scripting	CVE-2026-42615	2026-04-29 13:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

180	4.3	MEDIUM Network	-	-	Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could potentially exploit this vu… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-23773	2026-04-29 13:16	2026-04-29	Show	GitHub Exploit DB Packet Storm