Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
411	5.5	警告 Local	フォーティネット	FortiClient	フォーティネットのFortiClientにおけるハードコードされた暗号鍵の使用に関する脆弱性 New	CWE-321 ハードコードされた暗号鍵の使用	CVE-2026-44278	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

412	5.5	警告 Local	フォーティネット	FortiToken Mobile	フォーティネットのFortiToken MobileにおけるAndroid アプリケーションコンポーネントの不適切なエクスポートの脆弱性 New	CWE-926 Android アプリケーションコンポーネントの不適切なエクスポート	CVE-2026-44279	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

413	4.3	警告 Network	etcd	etcd	etcd-ioのetcdにおける不正な認証に関する脆弱性 New	CWE-863 不正な認証	CVE-2026-44283	2026-05-18 11:25	2026-05-14	Show	GitHub Exploit DB Packet Storm

414	5.3	警告 Network	MISP	MISP	MISPにおける入力確認に関する脆弱性 New	CWE-20 CWE-noinfo	CVE-2026-44379	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

415	7.2	重要 Network	MISP	MISP	MISPにおける不正な認証に関する脆弱性 New	CWE-863 不正な認証	CVE-2026-44380	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

416	5.3	警告 Network	MISP	MISP	MISPにおけるSQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2026-44381	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

417	6.5	警告 Network	Frappe	ERPNext	FrappeのERPNextにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-44448	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

418	7.1	重要 Network	DataHub project	DataHub	DataHubにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-44501	2026-05-18 11:25	2026-05-14	Show	GitHub Exploit DB Packet Storm

419	9.1	緊急 Network	Graham Steffaniak(gtsteffaniak)	FileBrowser Quantum	Graham Steffaniak(gtsteffaniak)のFileBrowser Quantumにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-44542	2026-05-18 11:25	2026-05-14	Show	GitHub Exploit DB Packet Storm

420	5.9	警告 Network	Vercel, Inc. (旧 Zeit, Inc.)	Next.js	Vercel, Inc. (旧 Zeit, Inc.)のNext.jsにおける信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れに関する脆弱性 New	CWE-349 信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れ	CVE-2026-44572	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
971	7.2	HIGH Network	arubanetworks	arubaos sd-wan	Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arb…	CWE-77 Command Injection	CVE-2026-44854	2026-05-15 00:12	2026-05-13	Show	GitHub Exploit DB Packet Storm

972	7.2	HIGH Network	arubanetworks	arubaos sd-wan	Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arb…	CWE-77 Command Injection	CVE-2026-44853	2026-05-15 00:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

973	7.0	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.	CWE-415 Double Free	CVE-2026-34341	2026-05-15 00:00	2026-05-13	Show	GitHub Exploit DB Packet Storm

974	7.0	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.	CWE-362 Race Condition	CVE-2026-34342	2026-05-14 23:59	2026-05-13	Show	GitHub Exploit DB Packet Storm

975	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-34343	2026-05-14 23:58	2026-05-13	Show	GitHub Exploit DB Packet Storm

976	7.8	HIGH Local	ashlar	argon cobalt cobalt_share lithium xenon	An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary cod…	CWE-787 Out-of-bounds Write	CVE-2025-65086	2026-05-14 23:57	2026-05-13	Show	GitHub Exploit DB Packet Storm

977	7.8	HIGH Local	ashlar	argon cobalt cobalt_share lithium xenon	An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information o…	CWE-125 Out-of-bounds Read	CVE-2025-65087	2026-05-14 23:57	2026-05-13	Show	GitHub Exploit DB Packet Storm

978	7.8	HIGH Local	ashlar	argon cobalt cobalt_share lithium xenon	An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information o…	CWE-125 Out-of-bounds Read	CVE-2025-65088	2026-05-14 23:57	2026-05-13	Show	GitHub Exploit DB Packet Storm

979	8.8	HIGH Network	requarks	wiki.js	Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation o…	CWE-269 NVD-CWE-noinfo Improper Privilege Management	CVE-2026-44224	2026-05-14 23:56	2026-05-13	Show	GitHub Exploit DB Packet Storm

980	6.7	MEDIUM Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.	CWE-415 Double Free	CVE-2026-21530	2026-05-14 23:56	2026-05-13	Show	GitHub Exploit DB Packet Storm