Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197101	7.5	重要 Network	libdwarf project	-	libdwarf の get_attr_value 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5039	2017-03-7 16:56	2016-05-5	Show	GitHub Exploit DB Packet Storm

197102	7.5	重要 Network	libdwarf project	-	libdwarf の dwarf_macro5.c の dwarf_get_macro_startend_file 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5038	2017-03-7 16:56	2016-05-5	Show	GitHub Exploit DB Packet Storm

197103	5.5	警告 Local	libdwarf project	-	libdwarf の _dwarf_load_section 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-5037	2017-03-7 16:56	2016-05-5	Show	GitHub Exploit DB Packet Storm

197104	7.5	重要 Network	libdwarf project	-	libdwarf の print_sections.c の dump_block 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5036	2017-03-7 16:56	2016-05-6	Show	GitHub Exploit DB Packet Storm

197105	5.5	警告 Local	libdwarf project	-	libdwarf の dwarf_line_table_reader.c の _dwarf_read_line_table_header 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5035	2017-03-7 16:56	2016-05-6	Show	GitHub Exploit DB Packet Storm

197106	5.5	警告 Local	libdwarf project	-	libdwarf の dwarf_elf_access.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-787 境界外書き込み	CVE-2016-5034	2017-03-7 16:56	2016-05-13	Show	GitHub Exploit DB Packet Storm

197107	5.5	警告 Local	libdwarf project	-	libdwarf の print_exprloc_content 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5033	2017-03-7 16:56	2016-05-17	Show	GitHub Exploit DB Packet Storm

197108	5.5	警告 Local	libdwarf project	-	libdwarf の dwarf_get_xu_hash_entry 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5032	2017-03-7 16:56	2016-05-17	Show	GitHub Exploit DB Packet Storm

197109	5.5	警告 Local	libdwarf project	-	libdwarf の print_frame_inst_bytes 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-5031	2017-03-7 16:56	2016-05-17	Show	GitHub Exploit DB Packet Storm

197110	5.5	警告 Local	libdwarf project	-	libdwarf の _dwarf_calculate_info_section_end_ptr 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-5030	2017-03-7 16:56	2016-05-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
711	-		-	-	Clerk JavaScript is the official JavaScript repository for Clerk authentication. has(), auth.protect(), and related authorization predicates in @clerk/shared, @clerk/nextjs, @clerk/backend, and other… Update	CWE-754 CWE-863 Improper Check for Unusual or Exceptional Conditions Incorrect Authorization	CVE-2026-42349	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

712	-		-	-	The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. From 1.2581.0 to before 1.4304.0, Claude Desktop's SSH remote development fea… New	CWE-297 CWE-322 Improper Validation of Certificate with Host Mismatch Key Exchange without Entity Authentication	CVE-2026-44467	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

713	-		-	-	The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Window… New	CWE-59 CWE-269 Link Following Improper Privilege Management	CVE-2026-44470	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

714	5.5	MEDIUM Local	-	-	Vercel’s AI Cloud is a unified platform for building modern applications. From 50.16.0 to 52.0.0, hen the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), comma… New	CWE-200 CWE-532 Information Exposure Inclusion of Sensitive Information in Log Files	CVE-2026-44479	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

715	3.7	LOW Network	-	-	Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, an external client could send a x-nextjs-data header on a normal request to a path han… New	CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data	CVE-2026-44572	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

716	9.1	CRITICAL Network	-	-	auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the … Update	CWE-287 Improper Authentication	CVE-2026-42560	2026-05-14 01:58	2026-05-9	Show	GitHub Exploit DB Packet Storm

717	8.8	HIGH Network	-	-	OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/pre-commit-fix.yaml uses pull_request_ta… Update	CWE-94 CWE-95 Code Injection Eval Injection	CVE-2026-42603	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

718	-		-	-	Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach t… Update	CWE-120 Classic Buffer Overflow	CVE-2026-42859	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

719	6.1	MEDIUM Network	-	-	fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skip the values contain… New	CWE-91 Blind XPath Injection	CVE-2026-44664	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

720	-		-	-	New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42339	2026-05-14 01:53	2026-05-9	Show	GitHub Exploit DB Packet Storm