Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194921 5.5 警告
Local 		radare - radare2 の libr/include/r_endian.h の r_read_* 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6197 2017-03-16 18:19 2017-02-20 Show GitHub Exploit DB Packet Storm
194922 5.5 警告
Local 		LibTIFF - LibTIFF の tif_dir.c の _TIFFVGetField 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-10095 2017-03-16 18:07 2016-12-4 Show GitHub Exploit DB Packet Storm
194923 7.8 重要
Local 		LibTIFF - LibTIFF の tools/tiff2pdf.c の t2p_readwrite_pdf_image_tile 関数における脆弱性 CWE-189
数値処理の問題 		CVE-2016-10094 2017-03-16 18:07 2016-12-21 Show GitHub Exploit DB Packet Storm
194924 7.8 重要
Local 		LibTIFF - LibTIFF の tools/tiffcp.c における整数オーバーフローの脆弱性 CWE-119
CWE-190
CVE-2016-10093 2017-03-16 18:07 2016-12-4 Show GitHub Exploit DB Packet Storm
194925 7.8 重要
Local 		LibTIFF - LibTIFF の tif_unix.c の readContigStripsIntoBuffer 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-10092 2017-03-16 18:07 2016-12-3 Show GitHub Exploit DB Packet Storm
194926 6.1 警告
Network 		Poodll.com. - Moodle 用 PoodLL Filter プラグインにおける任意の HTML およびスクリプトコードを実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5945 2017-03-16 17:54 2017-01-9 Show GitHub Exploit DB Packet Storm
194927 5.4 警告
Network 		Tenable, Inc. - Tenable Log Correlation Engine におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9261 2017-03-16 17:53 2016-09-7 Show GitHub Exploit DB Packet Storm
194928 5.4 警告
Network 		Tenable, Inc. - Tenable Nessus におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9259 2017-03-16 17:53 2016-11-9 Show GitHub Exploit DB Packet Storm
194929 6.1 警告
Network 		Emoncms - Emoncms における任意の HTML およびスクリプトコードを実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5964 2017-03-16 17:51 2017-02-12 Show GitHub Exploit DB Packet Storm
194930 5.5 警告
Local 		Fabrice Bellard - Virtio GPU Device エミュレーションサポートでビルドされた QEMU におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2016-10029 2017-03-16 17:51 2016-05-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
721 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.2 contains a timing side channel vulnerability in shared-secret comparison call sites that use early length-mismatch checks instead of fixed-length comparison helpers. Attacker… CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-41407 2026-05-1 04:38 2026-04-29 Show GitHub Exploit DB Packet Storm
722 5.4 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability that allows remote attackers to access restricted messages. Attackers can exploit fetched quoted, root, and thread context m… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41406 2026-05-1 04:37 2026-04-29 Show GitHub Exploit DB Packet Storm
723 7.5 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send malicio… CWE-408
 Incorrect Behavior Order: Early Amplification 		CVE-2026-41405 2026-05-1 04:37 2026-04-29 Show GitHub Exploit DB Packet Storm
724 7.3 HIGH
Network 		nextchat nextchat A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulatio… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-7178 2026-05-1 04:26 2026-04-28 Show GitHub Exploit DB Packet Storm
725 7.3 HIGH
Network 		nextchat nextchat A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation re… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-7177 2026-05-1 04:26 2026-04-28 Show GitHub Exploit DB Packet Storm
726 7.3 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have… CWE-119
CWE-787
Incorrect Access of Indexable Resource ('Range Error') 
 Out-of-bounds Write 		CVE-2026-7323 2026-05-1 03:38 2026-04-29 Show GitHub Exploit DB Packet Storm
727 9.6 CRITICAL
Network 		google chrome Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-7333 2026-05-1 03:30 2026-04-29 Show GitHub Exploit DB Packet Storm
728 8.8 HIGH
Network 		google chrome Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-7334 2026-05-1 03:29 2026-04-29 Show GitHub Exploit DB Packet Storm
729 8.8 HIGH
Network 		google chrome Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-7335 2026-05-1 03:29 2026-04-29 Show GitHub Exploit DB Packet Storm
730 8.8 HIGH
Network 		google chrome Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-7336 2026-05-1 03:28 2026-04-29 Show GitHub Exploit DB Packet Storm