Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2861	4.8	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23752	2026-04-30 12:14	2026-04-20	Show	GitHub Exploit DB Packet Storm

2862	4.8	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23753	2026-04-30 12:14	2026-04-20	Show	GitHub Exploit DB Packet Storm

2863	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23756	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

2864	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23757	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

2865	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23758	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

2866	6.5	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-25773	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

2867	4.3	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-28736	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

2868	7.8	重要 Local	DeepCool	DeepCreative	DeepCoolのDeepCreativeにおける安全でない継承されたパーミッションに関する脆弱性	CWE-277 安全でない継承されたパーミッション	CVE-2026-30266	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

2869	7.5	重要 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-32297	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

2870	9.1	緊急 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM FirmwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-32298	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
671	-	-	-	Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine (VM) to perform unauthorized access to specific victim range of GPU MMIO register spac…	CWE-1189	CVE-2024-36332	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

672	-	-	-	An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrit…	CWE-252 Unchecked Return Value	CVE-2025-0028	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

673	-	-	-	Improper access control between the Joint Test Action Group (JTAG) and Advanced Extensible Interface (AXI) could allow an attacker with physical access to read or overwrite the contents of cross-chip…	CWE-284 Improper Access Control	CVE-2025-0040	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

674	-	-	-	An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability.	CWE-125 Out-of-bounds Read	CVE-2025-0044	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

675	-	-	-	An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiali…	CWE-787 Out-of-bounds Write	CVE-2025-29935	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

676	-	-	-	Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing priv…	CWE-20 Improper Input Validation	CVE-2025-29936	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

677	-	-	-	An out of bounds read within the AMD Platform Management Framework (PMF) could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or con…	CWE-125 Out-of-bounds Read	CVE-2025-29937	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

678	-	-	-	An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution.	CWE-252 Unchecked Return Value	CVE-2025-29938	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

679	-	-	-	A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash	CWE-120 Classic Buffer Overflow	CVE-2025-29944	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

680	-	-	-	Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability.	CWE-908 Use of Uninitialized Resource	CVE-2025-48513	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm