Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3031	9.9	緊急 Network	マイクロソフト	Azure Logic Apps	Azure Logic Apps の特権昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-42823	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3032	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows テレフォニーサービスの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-42825	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3033	6.5	警告 Local	マイクロソフト	Azure Monitor Agent	Azure Monitor エージェントの拡張機能の特権昇格の脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-42830	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3034	9.1	緊急 Network	マイクロソフト	Microsoft Dynamics 365	Microsoft Dynamics 365 オンプレミスのリモートでコードが実行される脆弱性	CWE-250 CWE-noinfo	CVE-2026-42833	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3035	5.4	警告 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) の特権の昇格の脆弱性	CWE-74 インジェクション	CVE-2026-42838	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3036	6.5	警告 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) for Android のスプーフィングの脆弱性	CWE-451 ユーザインターフェースにおける重要情報の誤った表示	CVE-2026-42891	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3037	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 11 24h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025	Windows DWM Core ライブラリの特権の昇格の脆弱性	CWE-122 CWE-190	CVE-2026-42896	2026-05-18 12:13	2026-05-12	Show	GitHub Exploit DB Packet Storm

3038	9.9	緊急 Network	マイクロソフト	Microsoft Dynamics 365	Microsoft Dynamics 365 オンプレミスのリモートでコードが実行される脆弱性	CWE-94 コード・インジェクション	CVE-2026-42898	2026-05-18 12:13	2026-05-12	Show	GitHub Exploit DB Packet Storm

3039	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける二重解放に関する脆弱性	CWE-415 二重解放	CVE-2026-43097	2026-05-18 12:13	2026-05-6	Show	GitHub Exploit DB Packet Storm

3040	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-Other その他	CVE-2026-43098	2026-05-18 12:13	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345711	-	double_precision_incorporated inter7	courier_mta courier-imap	SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.	NVD-CWE-Other	CVE-2003-0040	2017-10-10 10:30	2003-02-19	Show	GitHub Exploit DB Packet Storm

345712	-	apache	tomcat	Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through …	NVD-CWE-Other	CVE-2003-0043	2017-10-10 10:30	2003-02-7	Show	GitHub Exploit DB Packet Storm

345713	-	apache	tomcat	Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DO…	NVD-CWE-Other	CVE-2003-0045	2017-10-10 10:30	2003-02-7	Show	GitHub Exploit DB Packet Storm

345714	-	national_language_support	libim	Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im a…	NVD-CWE-Other	CVE-2003-0087	2017-10-10 10:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

345715	-	lbl	tcpdump	The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to gene…	NVD-CWE-Other	CVE-2003-0093	2017-10-10 10:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

345716	-	andries_brouwer	util-linux	A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expe…	NVD-CWE-Other	CVE-2003-0094	2017-10-10 10:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

345717	-	andries_brouwer	man	man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is th…	NVD-CWE-Other	CVE-2003-0124	2017-10-10 10:30	2003-03-18	Show	GitHub Exploit DB Packet Storm

345718	-	qualcomm	qpopper	The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer…	NVD-CWE-Other	CVE-2003-0143	2017-10-10 10:30	2003-03-18	Show	GitHub Exploit DB Packet Storm

345719	-	lbl	tcpdump	Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different…	NVD-CWE-Other	CVE-2003-0145	2017-10-10 10:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

345720	-	netpbm	netpbm	netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0924	2017-10-10 10:30	2004-02-17	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed