Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1821	9.3	緊急 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022	Windows Hyper-V の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40402	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1822	8.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows グラフィックスコンポーネントのリモートでコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40403	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1823	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 11 24h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025	Windows TCP/IP のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40405	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1824	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP の情報漏えいの脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40406	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1825	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows 共通ログファイルシステムドライバーの特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40407	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1826	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows WAN ARP Driver Elevation of Privilege Vulnerability	CWE-416 解放済みメモリの使用	CVE-2026-40408	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1827	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows SMB クライアントの特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40410	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1828	9.6	緊急 Network	TanStack	tanstack/react-start-rsc @tanstack/router-devtools-core @tanstack/router-utils @tanstack/react-router-devtools @tanstack/valibot-adapter @tanstack/zod-adapter @tanstack/vue-start-se…	TanStackの@tanstack/arktype-adapter等の複数製品における埋め込まれた悪意のあるコードに関する脆弱性	CWE-506 埋め込まれた悪意のあるコード	CVE-2026-45321	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

1829	6.5	警告 Network	IBM HCL Technologies Limited	BigFix WebUI Reports BigFix WebUI Common BigFix WebUI API BigFix WebUI Framework BigFix WebUI Profile Management BigFix WebU…	HCL Technologies LimitedのBigFix WebUI API等の複数製品における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2025-15633	2026-05-18 12:06	2026-05-9	Show	GitHub Exploit DB Packet Storm

1830	4.3	警告 Network	IBM HCL Technologies Limited	BigFix WebUI Reports BigFix WebUI Common BigFix WebUI API BigFix WebUI Framework BigFix WebUI Profile Management BigFix WebU…	HCL Technologies LimitedのBigFix WebUI API等の複数製品における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-15634	2026-05-18 12:06	2026-05-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311271	-		-	-	A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access.	-	CVE-2024-51764	2024-11-20 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

311272	-		-	-	In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can star…	-	CVE-2017-13311	2024-11-20 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

311273	-		-	-	In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an a…	-	CVE-2017-13310	2024-11-20 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

311274	-		-	-	An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF.	-	CVE-2024-24446	2024-11-20 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

311275	-		-	-	Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. This vulnerability allows attackers to cause …	-	CVE-2024-24425	2024-11-20 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

311276	-		-	-	An issue in Snipe-IT v.7.0.13 build 15514 allows a low-privileged attacker to modify their profile name and inject a malicious payload into the "Name" field. When an administrator later accesses the …	-	CVE-2024-51094	2024-11-20 02:35	2024-11-13	Show	GitHub Exploit DB Packet Storm

311277	-		-	-	The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate as an arbitrary user because a session token can be sent to the /auth endpoint. NOTE: this module i…	-	CVE-2023-52268	2024-11-20 02:35	2024-11-13	Show	GitHub Exploit DB Packet Storm

311278	-		-	-	Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module.	-	CVE-2024-25255	2024-11-20 02:35	2024-11-12	Show	GitHub Exploit DB Packet Storm

311279	-		-	-	Driver Booster v10.6 was discovered to contain a buffer overflow via the Host parameter under the Customize proxy module.	-	CVE-2024-25253	2024-11-20 02:35	2024-11-12	Show	GitHub Exploit DB Packet Storm

311280	9.8	CRITICAL Network	schneider-electric	ecostruxure_it_gateway	CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.	CWE-862 Missing Authorization	CVE-2024-10575	2024-11-20 02:28	2024-11-13	Show	GitHub Exploit DB Packet Storm