Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1851 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-31614 2026-05-1 10:48 2026-04-24 Show GitHub Exploit DB Packet Storm
1852 7.5 重要
Network 		Tinyproxy project Tinyproxy Tinyproxy projectのTinyproxyにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-31842 2026-05-1 10:48 2026-04-7 Show GitHub Exploit DB Packet Storm
1853 8 重要
Network 		マイクロソフト Microsoft Power Apps Microsoft Power Apps のリモートでコードが実行される脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-32172 2026-05-1 10:48 2026-04-23 Show GitHub Exploit DB Packet Storm
1854 7.1 重要
Local 		マイクロソフト Microsoft Office
Microsoft Excel
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps
Microsoft Office Online Server 		Microsoft Excel の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-32188 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
1855 7.8 重要
Local 		マイクロソフト Microsoft Office
Microsoft Excel
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps
Microsoft Office Online Server 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32189 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
1856 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32190 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
1857 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-33095 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
1858 9.3 緊急
Network 		マイクロソフト Microsoft 365 Copilot Microsoft 365 Copilot の特権昇格の脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33102 2026-05-1 10:48 2026-04-23 Show GitHub Exploit DB Packet Storm
1859 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-822
信頼性のないポインタデリファレンス 		CVE-2026-33114 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
1860 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-33115 2026-05-1 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312961 - - - A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execu… - CVE-2024-7736 2024-09-20 21:30 2024-09-20 Show GitHub Exploit DB Packet Storm
312962 - - - There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked… - CVE-2024-8375 2024-09-20 21:30 2024-09-20 Show GitHub Exploit DB Packet Storm
312963 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ece Software Electronic Ticket System allows Reflected XSS, Cross-Site Scripting (XSS).Thi… CWE-79
Cross-site Scripting 		CVE-2024-7785 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312964 - - - The grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running `git remote get-url origin`.… - CVE-2024-8986 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312965 - - - langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMS… - CVE-2024-46946 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312966 - - - Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing … - CVE-2024-7254 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312967 - - - In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domain confusion. - CVE-2024-37406 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312968 - - - Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_settings() function of the file rental/admin_class.php. - CVE-2024-46377 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312969 - - - Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the update_account() function of the file rental/admin_class.php. - CVE-2024-46376 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm
312970 - - - Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup() function of the file rental/admin_class.php. - CVE-2024-46375 2024-09-20 21:30 2024-09-19 Show GitHub Exploit DB Packet Storm