Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1461	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-35416	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1462	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Win32k の特権の昇格の脆弱性	CWE-843 型の取り違え	CVE-2026-35417	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1463	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Cloud Files Mini Filter ドライバーの特権の昇格の脆弱性	CWE-367 CWE-416	CVE-2026-35418	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1464	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 11 24h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025	Windows DWM Core ライブラリの情報漏えいの脆弱性	CWE-125 境界外読み取り	CVE-2026-35419	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1465	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microso…	Windows カーネルの特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-35420	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1466	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows GDI のリモートでコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-35421	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1467	6.5	警告 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP ドライバーのセキュリティ機能のバイパスの脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-35422	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1468	5.4	警告 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows 11 Telnet クライアントの情報漏えいの脆弱性	CWE-125 境界外読み取り	CVE-2026-35423	2026-05-18 12:15	2026-05-12	Show	GitHub Exploit DB Packet Storm

1469	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	インターネットキー交換 (IKE) プロトコルのサービス拒否の脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-35424	2026-05-18 12:15	2026-05-12	Show	GitHub Exploit DB Packet Storm

1470	5.4	警告 Network	Frappe	Frappe	Frappeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3837	2026-05-18 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
319061	9.8	CRITICAL Network	arajajyothibabu	school_management_system	School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.	CWE-89 SQL Injection	CVE-2024-42572	2024-08-22 01:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

319062	-		-	-	An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file.	-	CVE-2024-42563	2024-08-22 01:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

319063	-		-	-	Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the room_type parameter at admin_room_removed.php.	-	CVE-2024-42556	2024-08-22 01:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

319064	9.0	CRITICAL Network	typecho	typecho	A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.	CWE-79 Cross-site Scripting	CVE-2024-35540	2024-08-22 01:05	2024-08-21	Show	GitHub Exploit DB Packet Storm

319065	8.6	HIGH Local	scilico	i-librarian	Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component.	CWE-79 Cross-site Scripting	CVE-2024-40500	2024-08-22 01:05	2024-08-13	Show	GitHub Exploit DB Packet Storm

319066	5.3	MEDIUM Network	matrix	javascript_sdk	matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's g…	CWE-674 Uncontrolled Recursion	CVE-2024-42369	2024-08-22 01:01	2024-08-21	Show	GitHub Exploit DB Packet Storm

319067	8.8	HIGH Network	projectcapsule	capsule	Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e.,…	CWE-863 Incorrect Authorization	CVE-2024-39690	2024-08-22 01:01	2024-08-21	Show	GitHub Exploit DB Packet Storm

319068	5.4	MEDIUM Network	3ds	3dexperience	A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execu…	CWE-79 Cross-site Scripting	CVE-2024-6378	2024-08-22 00:53	2024-08-20	Show	GitHub Exploit DB Packet Storm

319069	9.8	CRITICAL Network	gotribe	gotribe-admin	A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log…	CWE-502 Deserialization of Untrusted Data	CVE-2024-8003	2024-08-22 00:51	2024-08-20	Show	GitHub Exploit DB Packet Storm

319070	9.8	CRITICAL Network	demozx	gf_cms	A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. T…	CWE-798 Use of Hard-coded Credentials	CVE-2024-8005	2024-08-22 00:49	2024-08-20	Show	GitHub Exploit DB Packet Storm