Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196191 8.8 重要
Network 		Jensen of Scandinavia AS - 複数の Jensen of Scandinavia AS Air:Link デバイスにおけるスタックのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-10273 2017-05-1 17:32 2016-12-29 Show GitHub Exploit DB Packet Storm
196192 7.5 重要
Network 		Huawei - Huawei WS318 ファームウェアにおける PRNG における不十分なエントロピーに関する脆弱性 CWE-332
PRNG における不十分なエントロピー 		CVE-2014-9690 2017-05-1 16:40 2014-12-24 Show GitHub Exploit DB Packet Storm
196193 7.5 重要
Network 		Huawei - Huawei Eudemon8000E ファームウェアにおけるリソース管理に関する脆弱性 CWE-399
リソース管理の問題 		CVE-2014-3221 2017-05-1 16:40 2014-01-27 Show GitHub Exploit DB Packet Storm
196194 6.1 警告
Network 		Open eClass project - Open eClass におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-7389 2017-05-1 16:38 2017-03-29 Show GitHub Exploit DB Packet Storm
196195 6.1 警告
Network 		WallacePOS project - WallacePOS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-7388 2017-05-1 16:37 2017-03-29 Show GitHub Exploit DB Packet Storm
196196 6.1 警告
Network 		HelpMeWatchWho project - HelpMeWatchWho におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-7387 2017-05-1 16:37 2017-03-24 Show GitHub Exploit DB Packet Storm
196197 7.8 重要
Local 		openSUSE project
kernel.org
Fedora Project		 - util-linux におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2014-9114 2017-05-1 16:34 2014-11-27 Show GitHub Exploit DB Packet Storm
196198 8.8 重要
Network 		Google - 複数の OS 上で稼動する Google Chrome の FFmpeg における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2017-5051 2017-05-1 16:30 2017-03-9 Show GitHub Exploit DB Packet Storm
196199 8.8 重要
Network 		Google - 複数の OS 上で稼動する Google Chrome の FFmpeg における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2017-5050 2017-05-1 16:30 2017-03-9 Show GitHub Exploit DB Packet Storm
196200 8.8 重要
Network 		Google - 複数の OS 上で稼動する Google Chrome の FFmpeg における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2017-5049 2017-05-1 16:30 2017-03-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2101 5.5 MEDIUM
Local 		jqlang jq jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter fil… CWE-158
 Improper Neutralization of Null Byte or NUL Character 		CVE-2026-41256 2026-05-14 02:00 2026-05-12 Show GitHub Exploit DB Packet Storm
2102 8.4 HIGH
Local 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-43990 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
2103 8.4 HIGH
Local 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constru… CWE-78
CWE-184
OS Command 
 Incomplete Blacklist 		CVE-2026-43991 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
2104 9.8 CRITICAL
Network 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool (send_tokens, execute_contract, instantiate_contract, upload_wasm, ibc_transfer, etc.) accept… CWE-200
CWE-312
CWE-522
CWE-532
Information Exposure
 Cleartext Storage of Sensitive Information
 Insufficiently Protected Credentials
 Inclusion of Sensitive Information in Log Files 		CVE-2026-43992 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
2105 8.2 HIGH
Network 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs without validating scheme, port, or reso… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-43993 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
2106 5.5 MEDIUM
Local 		jqlang jq jq is a command-line JSON processor. In 1.8.1 and earlier, jv_contains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input structure (built programmatically with… CWE-674
 Uncontrolled Recursion 		CVE-2026-40612 2026-05-14 02:00 2026-05-12 Show GitHub Exploit DB Packet Storm
2107 7.5 HIGH
Network 		golang go A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module pr… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-42501 2026-05-14 01:59 2026-05-8 Show GitHub Exploit DB Packet Storm
2108 7.5 HIGH
Network 		golang go Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322. NVD-CWE-noinfo
CVE-2026-42499 2026-05-14 01:59 2026-05-8 Show GitHub Exploit DB Packet Storm
2109 6.1 MEDIUM
Network 		golang go If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2026-39826 2026-05-14 01:59 2026-05-8 Show GitHub Exploit DB Packet Storm
2110 5.3 MEDIUM
Network 		golang go ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize… NVD-CWE-noinfo
CVE-2026-39825 2026-05-14 01:58 2026-05-8 Show GitHub Exploit DB Packet Storm