Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
781	6.2	警告 Local	アップル	visionos watchOS iOS tvOS iPadOS	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28977	2026-05-18 12:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

782	5.5	警告 Local	アップル	visionos watchOS iOS tvOS iPadOS	アップルのiPadOS等の複数製品における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2026-28996	2026-05-18 12:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

783	7.8	重要 Local	Zoom Video Communications, Inc.	Zoom Workplace VDI Zoom Meeting SDK Zoom Workplace Desktop	Zoom Video Communications, Inc.のZoom Meeting SDK等の複数製品における例外的な状態のチェックに関する脆弱性	CWE-754 例外的な状態における不適切なチェック	CVE-2026-30900	2026-05-18 12:18	2026-03-11	Show	GitHub Exploit DB Packet Storm

784	7.8	重要 Local	Zoom Video Communications, Inc.	Zoom Rooms	Zoom Video Communications, Inc.のZoom Roomsにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-30901	2026-05-18 12:18	2026-03-11	Show	GitHub Exploit DB Packet Storm

785	7.8	重要 Local	Zoom Video Communications, Inc.	Zoom Workplace VDI Zoom Rooms Zoom Workplace Desktop	Zoom Video Communications, Inc.のZoom Rooms等の複数製品における権限管理に関する脆弱性	CWE-269 CWE-noinfo	CVE-2026-30902	2026-05-18 12:18	2026-03-11	Show	GitHub Exploit DB Packet Storm

786	9.8	緊急 Network	Zoom Video Communications, Inc.	Zoom Workplace VDI Zoom Workplace Desktop	Zoom Video Communications, Inc.のZoom Workplace Desktop等の複数製品における複数の脆弱性	CWE-610 CWE-73	CVE-2026-30903	2026-05-18 12:18	2026-03-11	Show	GitHub Exploit DB Packet Storm

787	7.8	重要 Local	lightningai	pytorch lightning	Lightning AIのPyTorch Lightningにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-31221	2026-05-18 12:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

788	7.5	重要 Adjacent	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows ネイティブ WiFi ミニポートドライバーのリモートでコードが実行される脆弱性	CWE-362 CWE-416	CVE-2026-32161	2026-05-18 12:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

789	6.7	警告 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows リッチテキストエディットの特権昇格の脆弱性	CWE-415 二重解放	CVE-2026-32170	2026-05-18 12:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

790	4.4	警告 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows フィルタリングプラットフォーム (WFP) のセキュリティ機能のバイパスの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-32209	2026-05-18 12:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311451	6.8	MEDIUM Physics	microsoft	windows_server_2022_23h2 windows_10_1809 windows_server_2019 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_23h2 windows_11_24h2	Windows Mobile Broadband Driver Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-43543	2024-10-18 02:23	2024-10-9	Show	GitHub Exploit DB Packet Storm

311452	6.7	MEDIUM Local	google	android	In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.	CWE-77 Command Injection	CVE-2024-39438	2024-10-18 02:19	2024-10-9	Show	GitHub Exploit DB Packet Storm

311453	6.7	MEDIUM Local	google	android	In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.	CWE-77 Command Injection	CVE-2024-39437	2024-10-18 02:18	2024-10-9	Show	GitHub Exploit DB Packet Storm

311454	6.7	MEDIUM Local	google	android	In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.	CWE-77 Command Injection	CVE-2024-39436	2024-10-18 02:16	2024-10-9	Show	GitHub Exploit DB Packet Storm

311455	7.5	HIGH Network	microsoft	windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2022_23h2 windows_server_2022 windows_server_2019	Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability	NVD-CWE-noinfo	CVE-2024-43544	2024-10-18 02:16	2024-10-9	Show	GitHub Exploit DB Packet Storm

311456	4.3	MEDIUM Adjacent	gotenna	gotenna	The goTenna Pro ATAK Plugin does not encrypt callsigns in messages. It is advised to not use sensitive information in callsigns when using this and previous versions of the plugin. Update to curren…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2024-45838	2024-10-18 02:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

311457	6.5	MEDIUM Adjacent	gotenna	gotenna	The goTenna Pro ATAK Plugin does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password…	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2024-45723	2024-10-18 02:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

311458	6.5	MEDIUM Adjacent	gotenna	gotenna	The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute f…	CWE-922 Insecure Storage of Sensitive Information	CVE-2024-45374	2024-10-18 02:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

311459	6.5	MEDIUM Adjacent	gotenna	gotenna	The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can a…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2024-43108	2024-10-18 02:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

311460	4.3	MEDIUM Adjacent	gotenna	gotenna	The goTenna Pro ATAK Plugin encryption key name is always sent unencrypted when the key is sent over RF through a broadcast message. It is advised to share the encryption key via local QR for highe…	NVD-CWE-Other	CVE-2024-41931	2024-10-18 02:15	2024-09-27	Show	GitHub Exploit DB Packet Storm