Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200121 7.8 重要
Local 		Igor Sysoev - Debian および Ubuntu 上で稼動する nginx パッケージにおける root 権限を取得される脆弱性 CWE-59
リンク解釈の問題 		CVE-2016-1247 2016-11-30 17:27 2016-11-15 Show GitHub Exploit DB Packet Storm
200122 7.8 重要
Local 		Linux
Canonical		 - Ubuntu の linux パッケージの overlayfs の実装における root アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-1328 2016-11-30 16:50 2015-06-15 Show GitHub Exploit DB Packet Storm
200123 5.5 警告
Local 		Linux - Linux Kernel の TCP スタックにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-8645 2016-11-30 16:32 2016-11-21 Show GitHub Exploit DB Packet Storm
200124 5.5 警告
Local 		Linux - Linux Kernel の crypto/algif_skcipher.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2015-8970 2016-11-30 16:32 2015-12-25 Show GitHub Exploit DB Packet Storm
200125 5.5 警告
Local 		Linux - Linux Kernel の crypto/algif_hash.c の hash_accept 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2016-8646 2016-11-30 16:04 2016-02-19 Show GitHub Exploit DB Packet Storm
200126 5.5 警告
Local 		Linux - Linux Kernel の lib/mpi/mpi-pow.c の mpi_powm 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-399
CVE-2016-8650 2016-11-30 16:04 2016-11-24 Show GitHub Exploit DB Packet Storm
200127 7.8 重要
Local 		Linux - Linux Kernel の security/keys/big_key.c におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2016-9313 2016-11-30 16:04 2016-11-10 Show GitHub Exploit DB Packet Storm
200128 7.8 重要
Local 		Linux - Linux Kernel の arch/x86/include/asm/uaccess.h における non-SMEP プラットフォーム上で root アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9644 2016-11-30 15:49 2016-11-1 Show GitHub Exploit DB Packet Storm
200129 9.8 緊急
Network 		Linux - Linux Kernel の net/sctp/sm_statefuns.c の sctp_sf_ootb 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-9555 2016-11-30 15:49 2016-11-15 Show GitHub Exploit DB Packet Storm
200130 5.5 警告
Local 		Linux - Linux Kernel の cgroup オフラインの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-399
CVE-2016-9191 2016-11-30 15:49 2016-11-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1611 8.4 HIGH
Local 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-43990 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
1612 8.4 HIGH
Local 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constru… CWE-78
CWE-184
OS Command 
 Incomplete Blacklist 		CVE-2026-43991 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
1613 9.8 CRITICAL
Network 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool (send_tokens, execute_contract, instantiate_contract, upload_wasm, ibc_transfer, etc.) accept… CWE-200
CWE-312
CWE-522
CWE-532
Information Exposure
 Cleartext Storage of Sensitive Information
 Insufficiently Protected Credentials
 Inclusion of Sensitive Information in Log Files 		CVE-2026-43992 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
1614 8.2 HIGH
Network 		- - JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs without validating scheme, port, or reso… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-43993 2026-05-14 02:00 2026-05-13 Show GitHub Exploit DB Packet Storm
1615 5.5 MEDIUM
Local 		jqlang jq jq is a command-line JSON processor. In 1.8.1 and earlier, jv_contains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input structure (built programmatically with… CWE-674
 Uncontrolled Recursion 		CVE-2026-40612 2026-05-14 02:00 2026-05-12 Show GitHub Exploit DB Packet Storm
1616 7.5 HIGH
Network 		golang go A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module pr… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-42501 2026-05-14 01:59 2026-05-8 Show GitHub Exploit DB Packet Storm
1617 7.5 HIGH
Network 		golang go Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322. NVD-CWE-noinfo
CVE-2026-42499 2026-05-14 01:59 2026-05-8 Show GitHub Exploit DB Packet Storm
1618 6.1 MEDIUM
Network 		golang go If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2026-39826 2026-05-14 01:59 2026-05-8 Show GitHub Exploit DB Packet Storm
1619 5.3 MEDIUM
Network 		golang go ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize… NVD-CWE-noinfo
CVE-2026-39825 2026-05-14 01:58 2026-05-8 Show GitHub Exploit DB Packet Storm
1620 6.1 MEDIUM
Network 		golang go CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins… CWE-79
Cross-site Scripting 		CVE-2026-39823 2026-05-14 01:58 2026-05-8 Show GitHub Exploit DB Packet Storm