Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
236561	10	危険	IBM	-	IBM TPMfOSD の HTTP サーバにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0401	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

236562	4.3	警告	singapore modern	-	Singapore 用の modern template におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0400	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

236563	5	警告	Kayako	-	Kayako SupportSuite におけるサーバー設定情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0395	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

236564	9.3	危険	マイクロソフト	-	Microsoft Visual Basic Enterprise Edition 6.0 SP6 におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0392	2012-09-25 16:59	2008-01-22	Show	GitHub Exploit DB Packet Storm

236565	4.9	警告	OpenBSD	-	OpenBSD におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2008-0384	2012-09-25 16:59	2008-01-11	Show	GitHub Exploit DB Packet Storm

236566	7.5	危険	MyBB Group	-	MyBB における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0383	2012-09-25 16:59	2008-01-22	Show	GitHub Exploit DB Packet Storm

236567	7.5	危険	mybulletinboard	-	MyBB における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-0382	2012-09-25 16:59	2008-01-22	Show	GitHub Exploit DB Packet Storm

236568	4.3	警告	Mahara	-	Mahara における脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0381	2012-09-25 16:59	2008-01-22	Show	GitHub Exploit DB Packet Storm

236569	6.8	警告	日本電気	-	SocksCap におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0378	2012-09-25 16:59	2008-01-22	Show	GitHub Exploit DB Packet Storm

236570	10	危険	news	-	MicroNews における管理権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-0377	2012-09-25 16:59	2008-01-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
341	-		-	-	Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidenti… New	CWE-306 Missing Authentication for Critical Function	CVE-2025-62619	2026-05-15 00:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

342	-		-	-	Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resource… New	CWE-269 Improper Privilege Management	CVE-2025-62625	2026-05-15 00:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

343	-		-	-	Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution. New	CWE-427 Uncontrolled Search Path Element	CVE-2025-62628	2026-05-15 00:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

344	5.5	MEDIUM Local	microsoft	windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally. New	CWE-125 Out-of-bounds Read	CVE-2026-35419	2026-05-15 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

345	7.1	HIGH Local	m2team	nanazip	NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered … New	CWE-125 Out-of-bounds Read	CVE-2026-42446	2026-05-15 00:49	2026-05-13	Show	GitHub Exploit DB Packet Storm

346	7.1	HIGH Network	m2team	nanazip	NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is … New	CWE-787 Out-of-bounds Write	CVE-2026-44215	2026-05-15 00:48	2026-05-13	Show	GitHub Exploit DB Packet Storm

347	8.8	HIGH Adjacent	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. New	CWE-122 Heap-based Buffer Overflow	CVE-2026-34329	2026-05-15 00:43	2026-05-13	Show	GitHub Exploit DB Packet Storm

348	7.5	HIGH Network	vllm	vllm	vLLM is an inference and serving engine for large language models (LLMs). From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, tex… New	CWE-129 Improper Validation of Array Index	CVE-2026-44222	2026-05-15 00:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

349	10.0	CRITICAL Network	vm2_project	vm2	vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is possible to obtain the host Object. There are various ways to use the host Object, to escape the sandbox, one example would be usi… New	CWE-94 Code Injection	CVE-2026-43997	2026-05-15 00:37	2026-05-14	Show	GitHub Exploit DB Packet Storm

350	6.5	MEDIUM Network	vllm	vllm	vLLM is an inference and serving engine for large language models (LLMs). From to before 0.20.0, the extract_hidden_states speculative decoding proposer in vLLM returns a tensor with an incorrect sh… New	CWE-131 CWE-704 Incorrect Calculation of Buffer Size Incorrect Type Conversion or Cast	CVE-2026-44223	2026-05-15 00:37	2026-05-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed