Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200301	6	警告 Local	Fabrice Bellard	-	QEMU の hw/usb/hcd-ehci.c の ehci_process_itd 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-7995	2016-12-13 16:01	2016-09-26	Show	GitHub Exploit DB Packet Storm

200302	6	警告 Local	Fabrice Bellard	-	QEMU の hw/display/virtio-gpu.c の virtio_gpu_resource_create_2d 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-7994	2016-12-13 16:01	2016-09-18	Show	GitHub Exploit DB Packet Storm

200303	6	警告 Local	Fabrice Bellard	-	QEMU の hw/usb/hcd-xhci.c の usb_xhci_exit 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-7466	2016-12-13 16:01	2016-09-13	Show	GitHub Exploit DB Packet Storm

200304	6	警告 Local	Fabrice Bellard	-	QEMU の hw/virtio/virtio.c の virtqueue_map_desc 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-7422	2016-12-13 16:01	2016-09-15	Show	GitHub Exploit DB Packet Storm

200305	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/scsi/vmw_pvscsi.c の pvscsi_ring_pop_req_descr 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-7421	2016-12-13 16:01	2016-09-15	Show	GitHub Exploit DB Packet Storm

200306	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/display/vmware_vga.c の vmsvga_fifo_run 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-787 境界外書き込み	CVE-2016-7170	2016-12-13 16:01	2016-09-8	Show	GitHub Exploit DB Packet Storm

200307	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/scsi/mptconfig.c の mptsas_config_manufacturing_1 および mptsas_config_ioc_0 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-7157	2016-12-13 16:01	2016-08-31	Show	GitHub Exploit DB Packet Storm

200308	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/scsi/vmw_pvscsi.c の pvscsi_convert_sglist 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-7156	2016-12-13 16:01	2016-09-6	Show	GitHub Exploit DB Packet Storm

200309	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/scsi/vmw_pvscsi.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 CWE-399	CVE-2016-7155	2016-12-13 16:01	2016-09-1	Show	GitHub Exploit DB Packet Storm

200310	6	警告 Local	Fabrice Bellard	-	QEMU の hw/9pfs/9p.c におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-7116	2016-12-13 16:00	2016-08-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1321	2.5	LOW Local	saitoha	libsixel	libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel_decode_raw and sixel_decode causes a NULL pointe…	CWE-476 CWE-690 NULL Pointer Dereference Unchecked Return Value to NULL Pointer Dereference	CVE-2026-44638	2026-05-16 02:54	2026-05-15	Show	GitHub Exploit DB Packet Storm

1322	5.4	MEDIUM Network	lfprojects	mcp_registry	The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the public catalogue UI served at GET / (file internal/api/handlers/v0/ui_index.ht…	CWE-79 CWE-116 Cross-site Scripting Improper Encoding or Escaping of Output	CVE-2026-44429	2026-05-16 02:52	2026-05-15	Show	GitHub Exploit DB Packet Storm

1323	7.2	HIGH Network	misp	misp	MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organ…	CWE-863 Incorrect Authorization	CVE-2026-44380	2026-05-16 02:42	2026-05-14	Show	GitHub Exploit DB Packet Storm

1324	5.3	MEDIUM Network	misp	misp	MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow …	CWE-89 SQL Injection	CVE-2026-44381	2026-05-16 02:37	2026-05-14	Show	GitHub Exploit DB Packet Storm

1325	8.1	HIGH Network	fit2cloud	sqlbot	SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-42463	2026-05-16 02:34	2026-05-14	Show	GitHub Exploit DB Packet Storm

1326	9.1	CRITICAL Network	opnsense	opnsense	OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading to Remote Code Execution. T…	CWE-88 Argument Injection	CVE-2026-44193	2026-05-16 02:30	2026-05-14	Show	GitHub Exploit DB Packet Storm

1327	4.7	MEDIUM Network	lfprojects	mcp_registry	The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audienc…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-44428	2026-05-16 02:23	2026-05-15	Show	GitHub Exploit DB Packet Storm

1328	9.1	CRITICAL Network	opnsense	opnsense	OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense core allows a user with user-management privileg…	CWE-78 OS Command	CVE-2026-44194	2026-05-16 02:19	2026-05-14	Show	GitHub Exploit DB Packet Storm

1329	6.5	MEDIUM Network	shellhub	shellhub	ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by the caller's tenant. An authenticated u…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-44423	2026-05-16 02:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1330	7.5	HIGH Network	zitadel	zitadel	ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in Zitadel's LDAP identity provider implementation, which fails to pro…	CWE-90 LDAP Injection	CVE-2026-44671	2026-05-16 02:15	2026-05-15	Show	GitHub Exploit DB Packet Storm