Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2551 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 11 23h2
Microsoft Windows 11 26h1
Microsoft Windows 10 1809
Microsoft Wind… 		Windows Projected File System の特権の昇格の脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32078 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2552 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Web アカウント マネージャーの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-32079 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2553 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows Server 2025
Microsoft Windows Server 2016 		Windows WalletService の特権の昇格の脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32080 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2554 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		パッケージ カタログの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-32081 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2555 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows Simple Search Discovery Protocol (SSDP) サービスの特権昇格の脆弱性 CWE-362
競合状態 		CVE-2026-32082 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2556 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows Simple Search Discovery Protocol (SSDP) サービスの特権昇格の脆弱性 CWE-362
競合状態 		CVE-2026-32083 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2557 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows 印刷スプーラーの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-32084 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2558 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		リモート プロシージャ コールの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-32085 2026-04-23 10:14 2026-04-14 Show GitHub Exploit DB Packet Storm
2559 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性 CWE-362
競合状態 		CVE-2026-32086 2026-04-23 10:13 2026-04-14 Show GitHub Exploit DB Packet Storm
2560 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-32087 2026-04-23 10:13 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
71 9.8 CRITICAL
Network 		- - Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag (and NORNICDB_ADDRE… New CWE-1392
 Use of Default Credentials 		CVE-2026-42072 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
72 6.1 MEDIUM
Network 		- - MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t… New CWE-80
Basic XSS 		CVE-2026-42030 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
73 - - - pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, t… New CWE-89
SQL Injection 		CVE-2026-41889 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
74 4.9 MEDIUM
Network 		- - Flarum is open-source forum software. Prior to versions 1.8.16 and 2.0.0-rc.1, Flarum's patch for CVE-2023-27577 restricted the @import and data-uri() LESS features in the custom_less setting, but th… New CWE-22
CWE-918
Path Traversal
Server-Side Request Forgery (SSRF)  		CVE-2026-41887 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
75 7.8 HIGH
Local 		- - PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes (used for isolated/PHPT test execution) as -d name=value command-line argu… New CWE-88
CWE-93
Argument Injection
CRLF Injection 		CVE-2026-41570 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
76 - - - Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, aseHttpRequestHan… New - CVE-2026-38360 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
77 8.2 HIGH
Network 		- - nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recv_read_registers_res() in nanomodbus.c. When a client calls nmbs_read_holding_registers() or nmbs_read_input_registers(), the librar… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-29972 2026-05-9 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
78 8.8 HIGH
Network 		- - NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js. New CWE-78
OS Command  		CVE-2025-63705 2026-05-9 02:16 2026-05-8 Show GitHub Exploit DB Packet Storm
79 9.8 CRITICAL
Network 		phpoffice phpspreadsheet PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.2 and earlier, 2.0.0 through 2.1.14, 2.2.0 through 2.4.3, 3.3.0 through 3.10.3, and 4.0.0 through 5.5.0, when t… New CWE-502
CWE-918
 Deserialization of Untrusted Data
Server-Side Request Forgery (SSRF)  		CVE-2026-34084 2026-05-9 02:10 2026-05-6 Show GitHub Exploit DB Packet Storm
80 5.4 MEDIUM
Network 		phpoffice phpspreadsheet PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.3 and earlier, 2.0.0 through 2.1.15, 2.2.0 through 2.4.4, 3.3.0 through 3.10.4, and 4.0.0 through 5.6.0, the HT… New CWE-79
Cross-site Scripting 		CVE-2026-35453 2026-05-9 02:08 2026-05-6 Show GitHub Exploit DB Packet Storm