Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2411	4.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows ブートマネージャーのセキュリティ機能のバイパスの脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2026-26175	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2412	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows クライアント側のキャッシュドライバー (csc.sys) の特権昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-26176	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2413	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-26177	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2414	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows Advanced Rasterization Platform の特権昇格の脆弱性	CWE-190 CWE-681	CVE-2026-26178	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2415	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025 Microsoft Windows 11 24h2 Microsoft Wind…	Windows カーネルの特権の昇格の脆弱性	CWE-415 二重解放	CVE-2026-26179	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2416	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows カーネルの特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-26180	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2417	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025 Microsoft Windows 11 24h2 Microsoft Wind…	Microsoft Resilient File System の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-26181	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2418	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-26182	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2419	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows Server 2025 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microso…	リモートアクセス管理サービス/API (RPC サーバー) の特権昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-26183	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2420	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-126 バッファオーバーリード	CVE-2026-26184	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314251	-		-	-	Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the book_id parameter at admin_modify_room.php.	-	CVE-2024-42558	2024-08-21 06:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

314252	6.1	MEDIUM Network	heytap	internet_browser	The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity compo…	CWE-79 Cross-site Scripting	CVE-2024-23729	2024-08-21 06:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

314253	-		-	-	The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations,…	-	CVE-2024-44067	2024-08-21 05:35	2024-08-19	Show	GitHub Exploit DB Packet Storm

314254	9.8	CRITICAL Network	emiloimagtolis	ticket_reservation_system	A vulnerability classified as critical was found in itsourcecode Ticket Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php of the component Login…	CWE-89 SQL Injection	CVE-2024-7444	2024-08-21 04:56	2024-08-4	Show	GitHub Exploit DB Packet Storm

314255	9.8	CRITICAL Network	angeljudesuarez	placement_management_system	A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument e…	CWE-89 SQL Injection	CVE-2024-7449	2024-08-21 04:49	2024-08-4	Show	GitHub Exploit DB Packet Storm

314256	5.4	MEDIUM Network	insurance_management_system_project	insurance_management_system	A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file addNominee.php …	CWE-79 Cross-site Scripting	CVE-2024-7916	2024-08-21 04:38	2024-08-19	Show	GitHub Exploit DB Packet Storm

314257	7.5	HIGH Network	corydolphin	flask-cors	A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option. This behavior can…	NVD-CWE-Other	CVE-2024-6221	2024-08-21 04:37	2024-08-19	Show	GitHub Exploit DB Packet Storm

314258	-		-	-	An issue in the login component (process_login.php) of Hotel Management System commit 79d688 allows attackers to authenticate without providing a valid password.	-	CVE-2024-42559	2024-08-21 04:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

314259	-		-	-	The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated …	-	CVE-2024-6847	2024-08-21 04:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

314260	7.2	HIGH Network	dedebiz	dedebiz	A vulnerability classified as critical has been found in DedeBIZ 6.3.0. This affects the function AdminUpload of the file admin/archives_do.php. The manipulation of the argument litpic leads to unres…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-7905	2024-08-21 04:35	2024-08-18	Show	GitHub Exploit DB Packet Storm