Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
831	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Wind…	Windows Cloud Files Mini Filter ドライバーの特権の昇格の脆弱性	CWE-367 CWE-416	CVE-2026-35418	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

832	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 11 24h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025	Windows DWM Core ライブラリの情報漏えいの脆弱性	CWE-125 境界外読み取り	CVE-2026-35419	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

833	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microso…	Windows カーネルの特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-35420	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

834	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows GDI のリモートでコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-35421	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

835	6.5	警告 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows TCP/IP ドライバーのセキュリティ機能のバイパスの脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-35422	2026-05-18 12:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

836	5.4	警告 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows 11 Telnet クライアントの情報漏えいの脆弱性	CWE-125 境界外読み取り	CVE-2026-35423	2026-05-18 12:15	2026-05-12	Show	GitHub Exploit DB Packet Storm

837	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	インターネットキー交換 (IKE) プロトコルのサービス拒否の脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-35424	2026-05-18 12:15	2026-05-12	Show	GitHub Exploit DB Packet Storm

838	5.4	警告 Network	Frappe	Frappe	Frappeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3837	2026-05-18 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

839	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows 11 24h2 Microsoft Windows 11 26h1 Microsoft Windows Server 2025	Windows カーネルの特権の昇格の脆弱性	CWE-822 信頼性のないポインタデリファレンス	CVE-2026-40369	2026-05-18 12:15	2026-05-12	Show	GitHub Exploit DB Packet Storm

840	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Microsoft Cryptographic Services の特権の昇格の脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40377	2026-05-18 12:15	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318961	7.5	HIGH Network	netsourcecommerce	productcart	EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.	CWE-326 Inadequate Encryption Strength	CVE-2004-2172	2024-02-15 01:58	2004-12-31	Show	GitHub Exploit DB Packet Storm

318962	-		cgiscript	csguestbook	csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.	CWE-94 Code Injection	CVE-2002-1750	2024-02-15 01:57	2002-12-31	Show	GitHub Exploit DB Packet Storm

318963	-		cgiscript	cschat-r-box	csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.	CWE-94 Code Injection	CVE-2002-1752	2024-02-15 01:57	2002-12-31	Show	GitHub Exploit DB Packet Storm

318964	-		cgiscript	csnews_professional	csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.	CWE-94 Code Injection	CVE-2002-1753	2024-02-15 01:56	2002-12-31	Show	GitHub Exploit DB Packet Storm

318965	5.5	MEDIUM Local	daansystems	newsreactor	NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.	CWE-326 Inadequate Encryption Strength	CVE-2002-1682	2024-02-15 01:55	2002-12-31	Show	GitHub Exploit DB Packet Storm

318966	7.8	HIGH Local	mckesson	pathways_homecare	Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.	CWE-326 Inadequate Encryption Strength	CVE-2001-1546	2024-02-15 01:55	2001-12-31	Show	GitHub Exploit DB Packet Storm

318967	9.8	CRITICAL Network	arkeia	arkeia	Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password g…	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2001-0967	2024-02-15 01:55	2001-08-31	Show	GitHub Exploit DB Packet Storm

318968	7.8	HIGH Local	spectrumcu	cash_receipting_system	Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a passw…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2005-4860	2024-02-15 01:54	2005-12-31	Show	GitHub Exploit DB Packet Storm

318969	-		plainblack	webgui	Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.	CWE-94 Code Injection	CVE-2005-2837	2024-02-15 01:53	2005-09-8	Show	GitHub Exploit DB Packet Storm

318970	7.5	HIGH Network	vtun_project	vtun	Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain s…	CWE-326 Inadequate Encryption Strength	CVE-2002-1697	2024-02-15 00:51	2002-12-31	Show	GitHub Exploit DB Packet Storm