Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4851	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP の特権昇格の脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-40399	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4852	7.1	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40401	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4853	9.3	緊急 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022	Windows Hyper-V の特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40402	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4854	8.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows グラフィックスコンポーネントのリモートでコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40403	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4855	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 11 24h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025	Windows TCP/IP のサービス拒否の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40405	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4856	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP の情報漏えいの脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40406	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4857	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows 共通ログファイルシステムドライバーの特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40407	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4858	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows WAN ARP Driver Elevation of Privilege Vulnerability	CWE-416 解放済みメモリの使用	CVE-2026-40408	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4859	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows SMB クライアントの特権の昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-40410	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

4860	9.6	緊急 Network	TanStack	tanstack/react-start-rsc @tanstack/router-devtools-core @tanstack/router-utils @tanstack/react-router-devtools @tanstack/valibot-adapter @tanstack/zod-adapter @tanstack/vue-start-se…	TanStackの@tanstack/arktype-adapter等の複数製品における埋め込まれた悪意のあるコードに関する脆弱性	CWE-506 埋め込まれた悪意のあるコード	CVE-2026-45321	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351111	-	dschat	dschat	Unspecified vulnerability in DSChat 1.0 allows remote attackers to execute arbitrary PHP code via the Nickname field, which is not sanitized before creating a file in a user directory. NOTE: the pro…	NVD-CWE-Other	CVE-2006-2592	2017-07-20 10:31	2006-05-25	Show	GitHub Exploit DB Packet Storm

351112	-	mediawiki	mediawiki	Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vect…	NVD-CWE-Other	CVE-2006-2611	2017-07-20 10:31	2006-05-26	Show	GitHub Exploit DB Packet Storm

351113	-	sun	n1_system_manager	Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 records system passwords in the world-readable scripts (1) /cr/hd_jobs_db.sh, (2) /cr/hd_plan_checkin.sh, and (3) /cr/oracle_plan_check…	NVD-CWE-Other	CVE-2006-2614	2017-07-20 10:31	2006-05-26	Show	GitHub Exploit DB Packet Storm

351114	-	linux	linux_kernel	Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing…	NVD-CWE-Other	CVE-2006-2629	2017-07-20 10:31	2006-05-27	Show	GitHub Exploit DB Packet Storm

351115	-	cosmicphp	cosmicshoppingcart	Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow r…	CWE-79 Cross-site Scripting	CVE-2006-2649	2017-07-20 10:31	2006-05-30	Show	GitHub Exploit DB Packet Storm

351116	-	cosmicphp	cosmicshoppingcart	SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary SQL commands via the max parameter.	NVD-CWE-Other	CVE-2006-2650	2017-07-20 10:31	2006-05-30	Show	GitHub Exploit DB Packet Storm

351117	-	freebsd	freebsd	Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar …	NVD-CWE-Other	CVE-2006-2654	2017-07-20 10:31	2006-06-2	Show	GitHub Exploit DB Packet Storm

351118	-	freebsd	freebsd	The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restric…	NVD-CWE-Other	CVE-2006-2655	2017-07-20 10:31	2006-06-2	Show	GitHub Exploit DB Packet Storm

351119	-	sitescape	sitescape_forum	Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames.	NVD-CWE-Other	CVE-2006-2676	2017-07-20 10:31	2006-05-31	Show	GitHub Exploit DB Packet Storm

351120	-	sitescape	sitescape_forum	SiteScape Forum 7.2 and possibly earlier stores the avf.rc configuraiton file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive path info…	NVD-CWE-Other	CVE-2006-2677	2017-07-20 10:31	2006-05-31	Show	GitHub Exploit DB Packet Storm