Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
271	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Win32k の特権の昇格の脆弱性 New	CWE-190 CWE-416	CVE-2026-34330	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

272	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Win32k の特権の昇格の脆弱性 New	CWE-362 CWE-416	CVE-2026-34331	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

273	8	重要 Network	マイクロソフト	Microsoft Windows Server 2025	Windows カーネルモードドライバーのリモートでコードが実行される脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-34332	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

274	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows Win32k の特権の昇格の脆弱性 New	CWE-190 CWE-416	CVE-2026-34333	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

275	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP の特権昇格の脆弱性 New	CWE-362 競合状態	CVE-2026-34334	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

276	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows DWM Core ライブラリの情報漏えいの脆弱性 New	CWE-126 バッファオーバーリード	CVE-2026-34336	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

277	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Cloud Files Mini Filter ドライバーの特権の昇格の脆弱性 New	CWE-362 CWE-416	CVE-2026-34337	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

278	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows テレフォニーサービスの特権昇格の脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-34338	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

279	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows ライトウェイトディレクトリアクセスプロトコル (LDAP) のサービス拒否の脆弱性 New	CWE-476 NULL ポインタデリファレンス	CVE-2026-34339	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

280	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-34340	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311811	5.5	MEDIUM Local	apple	macos	The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.	NVD-CWE-noinfo	CVE-2024-27861	2024-10-10 22:13	2024-09-17	Show	GitHub Exploit DB Packet Storm

311812	6.5	MEDIUM Network	zynith	zynith	Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9.	CWE-862 Missing Authorization	CVE-2024-43940	2024-10-10 22:11	2024-08-30	Show	GitHub Exploit DB Packet Storm

311813	6.5	MEDIUM Network	zynith	zynith	Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9.	CWE-862 Missing Authorization	CVE-2024-43939	2024-10-10 22:09	2024-08-30	Show	GitHub Exploit DB Packet Storm

311814	9.8	CRITICAL Network	woobewoo	product_table	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WBW Product Table PRO allows SQL Injection.This issue affects WBW Product Table PRO: from n/a…	CWE-89 SQL Injection	CVE-2024-43918	2024-10-10 22:01	2024-08-30	Show	GitHub Exploit DB Packet Storm

311815	-		-	-	Use of implicit intent for sensitive communication in Sound Assistant prior to version 6.1.0.9 allows local attackers to get sensitive information.	-	CVE-2024-34670	2024-10-10 21:57	2024-10-8	Show	GitHub Exploit DB Packet Storm

311816	-		-	-	Improper check for exception conditions in Knox Guard prior to SMR Oct-2024 Release 1 allows physical attackers to bypass Knox Guard in a multi-user environment.	-	CVE-2024-34664	2024-10-10 21:57	2024-10-8	Show	GitHub Exploit DB Packet Storm

311817	-		-	-	Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory.	-	CVE-2024-34663	2024-10-10 21:57	2024-10-8	Show	GitHub Exploit DB Packet Storm

311818	-		-	-	The Bridge Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formforall' shortcode in versions up to, and including, 3.2.0 due to insufficient input sanitization and output …	CWE-79 Cross-site Scripting	CVE-2024-9292	2024-10-10 21:57	2024-10-8	Show	GitHub Exploit DB Packet Storm

311819	-		-	-	In the process of testing the Relevanssi WordPress plugin before 4.23.1, a vulnerability was found that allows you to implement Stored XSS on behalf of the Contributor+ by embedding malicious script…	-	CVE-2024-9021	2024-10-10 21:57	2024-10-8	Show	GitHub Exploit DB Packet Storm

311820	-		-	-	Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts.	-	CVE-2024-8983	2024-10-10 21:57	2024-10-8	Show	GitHub Exploit DB Packet Storm