Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191291	6.5	警告 Network	SAP	-	SAP NetWeaver AS ABAP におけるサービス運用妨害 (DoS) 状態にされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-9843	2017-08-7 17:08	2017-03-14	Show	GitHub Exploit DB Packet Storm

191292	7.8	重要 Local	Iceni Technology	-	Infix の PDF 構文解析機能における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2017-2863	2017-08-7 17:08	2017-07-11	Show	GitHub Exploit DB Packet Storm

191293	7.8	重要 Local	radare	-	radare2 の shlr/grub/kern/misc.c の grub_memmove 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2017-10929	2017-08-7 17:08	2017-07-5	Show	GitHub Exploit DB Packet Storm

191294	6.5	警告 Adjacent	TP-LINK Technologies	-	TP-Link NC250 デバイスのファームウェアにおける認証なしでビデオおよびオーディオを表示される脆弱性	CWE-287 不適切な認証	CVE-2017-10796	2017-08-7 17:08	2017-07-3	Show	GitHub Exploit DB Packet Storm

191295	9.8	緊急 Network	Framasoft	-	Framadate における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-1000039	2017-08-7 16:59	2017-02-20	Show	GitHub Exploit DB Packet Storm

191296	9.8	緊急 Network	GNOME Project	-	gtk-vnc におけるレンダリング時にメモリを破損される脆弱性	CWE-119 バッファエラー	CVE-2017-1000044	2017-08-7 16:55	2017-07-17	Show	GitHub Exploit DB Packet Storm

191297	6.1	警告 Network	Rocket.Chat	-	Rocket.Chat におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-1000054	2017-08-7 16:44	2017-04-15	Show	GitHub Exploit DB Packet Storm

191298	7.5	重要 Network	Wireshark	-	Wireshark におけるリソース管理に関する脆弱性	CWE-399 リソース管理の問題	CVE-2017-11411	2017-08-7 16:42	2017-06-1	Show	GitHub Exploit DB Packet Storm

191299	7.5	重要 Network	Wireshark	-	Wireshark におけるリソース管理に関する脆弱性	CWE-399 リソース管理の問題	CVE-2017-11410	2017-08-7 16:42	2017-04-12	Show	GitHub Exploit DB Packet Storm

191300	7.5	重要 Network	Wireshark	-	Wireshark におけるリソース管理に関する脆弱性	CWE-399 リソース管理の問題	CVE-2017-11409	2017-08-7 16:42	2017-07-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
711	-		-	-	Clerk JavaScript is the official JavaScript repository for Clerk authentication. has(), auth.protect(), and related authorization predicates in @clerk/shared, @clerk/nextjs, @clerk/backend, and other… Update	CWE-754 CWE-863 Improper Check for Unusual or Exceptional Conditions Incorrect Authorization	CVE-2026-42349	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

712	-		-	-	The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. From 1.2581.0 to before 1.4304.0, Claude Desktop's SSH remote development fea… New	CWE-297 CWE-322 Improper Validation of Certificate with Host Mismatch Key Exchange without Entity Authentication	CVE-2026-44467	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

713	-		-	-	The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Window… New	CWE-59 CWE-269 Link Following Improper Privilege Management	CVE-2026-44470	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

714	5.5	MEDIUM Local	-	-	Vercel’s AI Cloud is a unified platform for building modern applications. From 50.16.0 to 52.0.0, hen the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), comma… New	CWE-200 CWE-532 Information Exposure Inclusion of Sensitive Information in Log Files	CVE-2026-44479	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

715	3.7	LOW Network	-	-	Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, an external client could send a x-nextjs-data header on a normal request to a path han… New	CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data	CVE-2026-44572	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

716	9.1	CRITICAL Network	-	-	auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the … Update	CWE-287 Improper Authentication	CVE-2026-42560	2026-05-14 01:58	2026-05-9	Show	GitHub Exploit DB Packet Storm

717	8.8	HIGH Network	-	-	OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/pre-commit-fix.yaml uses pull_request_ta… Update	CWE-94 CWE-95 Code Injection Eval Injection	CVE-2026-42603	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

718	-		-	-	Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach t… Update	CWE-120 Classic Buffer Overflow	CVE-2026-42859	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

719	6.1	MEDIUM Network	-	-	fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skip the values contain… New	CWE-91 Blind XPath Injection	CVE-2026-44664	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

720	-		-	-	New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42339	2026-05-14 01:53	2026-05-9	Show	GitHub Exploit DB Packet Storm