Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2561 8 重要
Network 		マイクロソフト Microsoft Power Apps Microsoft Power Apps のリモートでコードが実行される脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-32172 2026-05-1 10:48 2026-04-23 Show GitHub Exploit DB Packet Storm
2562 7.1 重要
Local 		マイクロソフト Microsoft Office
Microsoft Excel
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps
Microsoft Office Online Server 		Microsoft Excel の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-32188 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
2563 7.8 重要
Local 		マイクロソフト Microsoft Office
Microsoft Excel
Office Long Term Servicing Channel (LTSC)
Microsoft 365 Apps
Microsoft Office Online Server 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32189 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
2564 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32190 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
2565 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-33095 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
2566 9.3 緊急
Network 		マイクロソフト Microsoft 365 Copilot Microsoft 365 Copilot の特権昇格の脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33102 2026-05-1 10:48 2026-04-23 Show GitHub Exploit DB Packet Storm
2567 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-822
信頼性のないポインタデリファレンス 		CVE-2026-33114 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
2568 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-33115 2026-05-1 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
2569 7.8 重要
Local 		ggml.ai llama.cpp ggml.aiのllama.cppにおける複数の脆弱性 CWE-122
CWE-190
CVE-2026-33298 2026-05-1 10:47 2026-03-24 Show GitHub Exploit DB Packet Storm
2570 6.1 警告
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-33822 2026-05-1 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317641 9.8 CRITICAL
Network 		openbsd openssh Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is usin… CWE-190
 Integer Overflow or Wraparound 		CVE-2002-0639 2024-02-9 03:37 2002-07-3 Show GitHub Exploit DB Packet Storm
317642 7.8 HIGH
Local 		linux linux_kernel Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which cau… CWE-190
 Integer Overflow or Wraparound 		CVE-2004-2013 2024-02-9 02:59 2004-12-31 Show GitHub Exploit DB Packet Storm
317643 9.8 CRITICAL
Network 		wuftpd
redhat
apple
sun
freebsd
netbsd
openbsd 		wu-ftpd
wu_ftpd
mac_os_x_server
mac_os_x
solaris
freebsd
netbsd
openbsd 		Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via command… CWE-193
 Off-by-one Error 		CVE-2003-0466 2024-02-9 00:50 2003-08-27 Show GitHub Exploit DB Packet Storm
317644 5.5 MEDIUM
Local 		mandrakesoft mandrake_linux The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. CWE-276
Incorrect Default Permissions  		CVE-2002-1713 2024-02-9 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm
317645 7.8 HIGH
Local 		microsoft windows_media_player Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privile… CWE-276
Incorrect Default Permissions  		CVE-2002-1844 2024-02-9 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm
317646 9.8 CRITICAL
Network 		suse suse_linux The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. CWE-276
Incorrect Default Permissions  		CVE-1999-0426 2024-02-9 00:50 1999-03-1 Show GitHub Exploit DB Packet Storm
317647 7.8 HIGH
Local 		isc bind dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which al… CWE-276
Incorrect Default Permissions  		CVE-2001-0497 2024-02-9 00:49 2001-07-21 Show GitHub Exploit DB Packet Storm
317648 7.5 HIGH
Network 		aol aim The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer under… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2005-1891 2024-02-9 00:44 2005-06-9 Show GitHub Exploit DB Packet Storm
317649 9.8 CRITICAL
Network 		barton ngircd Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2005-0199 2024-02-9 00:43 2005-05-2 Show GitHub Exploit DB Packet Storm
317650 7.5 HIGH
Network 		samba
canonical 		ppp
ubuntu_linux 		Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an inco… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2004-1002 2024-02-9 00:43 2005-03-1 Show GitHub Exploit DB Packet Storm