Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245081 7.5 危険 diangemilang - DGNews の news.php における SQL インジェクションの脆弱性 - CVE-2007-2994 2012-06-26 15:46 2007-06-4 Show GitHub Exploit DB Packet Storm
245082 4.3 警告 evenzia - Evenzia CMS の includes/send.inc.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2991 2012-06-26 15:46 2007-06-4 Show GitHub Exploit DB Packet Storm
245083 9.3 危険 btglobalservices - British Telecommunications Business Connect webhelper の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2983 2012-06-26 15:46 2007-10-25 Show GitHub Exploit DB Packet Storm
245084 9.3 危険 bt - British Telecommunications Business Connect webhelper の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2007-2982 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
245085 6.8 警告 eggblog - eggblog におけるセッションをハイジャックされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-2978 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
245086 7.8 危険 domjudge - DOMjudge の submit/submitcommon.c におけるバッファオーバーフローの脆弱性 - CVE-2007-2977 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
245087 4.3 警告 cetrinity - Centrinity FirstClass および他の製品におけるクロスサイトスクリプティングの攻撃を実行される脆弱性 - CVE-2007-2976 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
245088 10 危険 Avira - Avira Antivir Antivirus のファイル解析処理エンジンにおけるバッファオーバーフローの脆弱性 - CVE-2007-2974 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
245089 7.8 危険 Avira - Avira Antivir Antivirus におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2973 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
245090 7.8 危険 Avira - Avira Antivir Antivirus の ファイル解析処理エンジンにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2972 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
381 7.8 HIGH
Local 		ashlar argon
cobalt
cobalt_share
lithium
xenon 		An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary cod… New CWE-787
 Out-of-bounds Write 		CVE-2025-65086 2026-05-14 23:57 2026-05-13 Show GitHub Exploit DB Packet Storm
382 7.8 HIGH
Local 		ashlar argon
cobalt
cobalt_share
lithium
xenon 		An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information o… New CWE-125
Out-of-bounds Read 		CVE-2025-65087 2026-05-14 23:57 2026-05-13 Show GitHub Exploit DB Packet Storm
383 7.8 HIGH
Local 		ashlar argon
cobalt
cobalt_share
lithium
xenon 		An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information o… New CWE-125
Out-of-bounds Read 		CVE-2025-65088 2026-05-14 23:57 2026-05-13 Show GitHub Exploit DB Packet Storm
384 8.8 HIGH
Network 		requarks wiki.js Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation o… New CWE-269
NVD-CWE-noinfo
 Improper Privilege Management 		CVE-2026-44224 2026-05-14 23:56 2026-05-13 Show GitHub Exploit DB Packet Storm
385 6.7 MEDIUM
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. New CWE-415
 Double Free 		CVE-2026-21530 2026-05-14 23:56 2026-05-13 Show GitHub Exploit DB Packet Storm
386 7.5 HIGH
Adjacent 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent net… New CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2026-32161 2026-05-14 23:54 2026-05-13 Show GitHub Exploit DB Packet Storm
387 6.7 MEDIUM
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Double free in Windows Rich Text Edit Control allows an authorized attacker to elevate privileges locally. New CWE-415
 Double Free 		CVE-2026-32170 2026-05-14 23:52 2026-05-13 Show GitHub Exploit DB Packet Storm
388 4.4 MEDIUM
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally. New CWE-284
Improper Access Control 		CVE-2026-32209 2026-05-14 23:51 2026-05-13 Show GitHub Exploit DB Packet Storm
389 7.2 HIGH
Network 		wftpserver wing_ftp_server Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code… New CWE-94
Code Injection 		CVE-2026-44403 2026-05-14 23:50 2026-05-13 Show GitHub Exploit DB Packet Storm
390 7.5 HIGH
Network 		phpoffice phpspreadsheet PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-40902 2026-05-14 23:50 2026-05-13 Show GitHub Exploit DB Packet Storm