Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1191	6.5	警告 Network	Fudo Security	Fudo Enterprise	Fudo SecurityのFudo Enterpriseにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2025-13480	2026-05-13 10:27	2026-04-20	Show	GitHub Exploit DB Packet Storm

1192	9.8	緊急 Network	Delta Electronics, INC.	AS320T Firmware	Delta Electronics, INC.のAS320T Firmwareにおけるバッファサイズの計算の誤りに関する脆弱性	CWE-131 正しくないバッファサイズ計算	CVE-2026-1949	2026-05-13 10:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1193	9.8	緊急 Network	Delta Electronics, INC.	AS320T Firmware	Delta Electronics, INC.のAS320T Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-1950	2026-05-13 10:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1194	9.8	緊急 Network	Delta Electronics, INC.	AS320T Firmware	Delta Electronics, INC.のAS320T Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-1951	2026-05-13 10:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1195	7.5	重要 Network	Delta Electronics, INC.	AS320T Firmware	Delta Electronics, INC.のAS320T Firmwareにおける非公開の機能に関する脆弱性	CWE-912 非公開の機能	CVE-2026-1952	2026-05-13 10:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1196	9.1	緊急 Network	DDEV	DDEV	DDEVにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-32885	2026-05-13 10:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

1197	6.5	警告 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-3340	2026-05-13 10:27	2026-04-30	Show	GitHub Exploit DB Packet Storm

1198	6.5	警告 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-3345	2026-05-13 10:27	2026-04-30	Show	GitHub Exploit DB Packet Storm

1199	6.4	警告 Network	langflow	Langflow Desktop	langflowのLangflow DesktopにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-3346	2026-05-13 10:27	2026-04-30	Show	GitHub Exploit DB Packet Storm

1200	4.8	警告 Network	V2Board	V2Board	V2Boardにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-37503	2026-05-13 10:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1831	-		-	-	The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. From 1.2581.0 to before 1.4304.0, Claude Desktop's SSH remote development fea…	CWE-297 CWE-322 Improper Validation of Certificate with Host Mismatch Key Exchange without Entity Authentication	CVE-2026-44467	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

1832	9.1	CRITICAL Network	-	-	auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the …	CWE-287 Improper Authentication	CVE-2026-42560	2026-05-14 01:58	2026-05-9	Show	GitHub Exploit DB Packet Storm

1833	8.8	HIGH Network	-	-	OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/pre-commit-fix.yaml uses pull_request_ta…	CWE-94 CWE-95 Code Injection Eval Injection	CVE-2026-42603	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

1834	-		-	-	Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach t…	CWE-120 Classic Buffer Overflow	CVE-2026-42859	2026-05-14 01:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

1835	6.1	MEDIUM Network	-	-	fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skip the values contain…	CWE-91 Blind XPath Injection	CVE-2026-44664	2026-05-14 01:58	2026-05-14	Show	GitHub Exploit DB Packet Storm

1836	-		-	-	New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42339	2026-05-14 01:53	2026-05-9	Show	GitHub Exploit DB Packet Storm

1837	6.5	MEDIUM Network	-	-	kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer (Kusto). Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the k…	CWE-943 Improper Neutralization of Special Elements in Data Query Logic	CVE-2026-42316	2026-05-14 01:53	2026-05-12	Show	GitHub Exploit DB Packet Storm

1838	6.2	MEDIUM Local	-	-	Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expand_rows() can corrupt the relationship between the grid’s logical dimensions and …	CWE-190 Integer Overflow or Wraparound	CVE-2026-42199	2026-05-14 01:52	2026-05-9	Show	GitHub Exploit DB Packet Storm

1839	6.5	MEDIUM Network	-	-	FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_mes…	CWE-369 Divide By Zero	CVE-2026-42209	2026-05-14 01:52	2026-05-9	Show	GitHub Exploit DB Packet Storm

1840	-		-	-	Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to versions 2.11.1-lts, 2.16.0-lts, and 2.17.0, the generated authentication filter …	CWE-200 Information Exposure	CVE-2026-42333	2026-05-14 01:52	2026-05-10	Show	GitHub Exploit DB Packet Storm