Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2121 9.8 緊急
Network 		ThemeMove UniCamp ThemeMoveのWordPress用UniCampにおけるPHP リモートファイルインクルージョンの脆弱性 CWE-98
PHP リモートファイルインクルージョン 		CVE-2025-54701 2026-02-6 10:40 2025-08-14 Show GitHub Exploit DB Packet Storm
2122 5.3 警告
Network 		Codeshare Codeshare Codeshareにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2025-60925 2026-02-6 10:40 2025-11-4 Show GitHub Exploit DB Packet Storm
2123 6.1 警告
Network 		Zucchetti s.p.a. Infinity Zucchetti
ZMaintenance Infinity 		Zucchetti s.p.a.のZMaintenance Infinity等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-61431 2026-02-6 10:40 2025-11-4 Show GitHub Exploit DB Packet Storm
2124 9.1 緊急
Network 		Shopify remix-run/deno
@remix-run/node
@react-router/node 		Shopifyの@react-router/node等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2025-61686 2026-02-6 10:40 2026-01-10 Show GitHub Exploit DB Packet Storm
2125 9.8 緊急
Network 		EUROLAB srl ELTS 100 Firmware EUROLAB srlのELTS 100 Firmwareにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2025-63225 2026-02-6 10:40 2025-11-18 Show GitHub Exploit DB Packet Storm
2126 3.5
Adjacent 		Freebox Freebox One Firmware
Freebox v5 HD Firmware
Freebox v5 Crystal Firmware
Freebox v6 Revolution Firmware
Freebox Mini 4K&nbs… 		FreeboxのFreebox Mini 4K Firmware等の複数製品における重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2025-63292 2026-02-6 10:40 2025-11-17 Show GitHub Exploit DB Packet Storm
2127 6.5 警告
Network 		workdo HRM SaaS WorkDoのHRM SaaSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2025-63294 2026-02-6 10:40 2025-11-4 Show GitHub Exploit DB Packet Storm
2128 7.5 重要
Network 		kiloview E3 Firmware Kiloview Electronics Co., Ltd.のE3 Firmwareにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2025-63560 2026-02-6 10:40 2025-11-6 Show GitHub Exploit DB Packet Storm
2129 6.5 警告
Network 		GuoMinJim PersonManage GuoMinJimのPersonManageにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2025-63686 2026-02-6 10:40 2025-11-7 Show GitHub Exploit DB Packet Storm
2130 5.4 警告
Network 		Magento, Inc. E-Commerce Bhabishya-123のE-commerceにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-63883 2026-02-6 10:40 2025-11-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
401 5.5 MEDIUM
Local 		uutils coreutils A logic error in the cut utility of uutils coreutils causes the program to incorrectly interpret the literal two-byte string '' (two single quotes) as an empty delimiter. The implementation mistakenl… Update CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-35380 2026-04-30 00:57 2026-04-23 Show GitHub Exploit DB Packet Storm
402 5.4 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-component… Update CWE-351
 Insufficient Type Distinction 		CVE-2026-41341 2026-04-30 00:56 2026-04-24 Show GitHub Exploit DB Packet Storm
403 8.1 HIGH
Adjacent 		openclaw openclaw OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Att… Update CWE-346
 Origin Validation Error 		CVE-2026-41342 2026-04-30 00:55 2026-04-24 Show GitHub Exploit DB Packet Storm
404 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attack… Update CWE-863
 Incorrect Authorization 		CVE-2026-41344 2026-04-30 00:52 2026-04-24 Show GitHub Exploit DB Packet Storm
405 10.0 CRITICAL
Network 		voidzero vite\+ Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `downloadPackageManager()` accepts an untrusted `version` string and uses it directly in filesystem paths. A… Update CWE-22
Path Traversal 		CVE-2026-41211 2026-04-30 00:49 2026-04-23 Show GitHub Exploit DB Packet Storm
406 7.8 HIGH
Local 		parzivalhack pyspector PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to preve… Update CWE-184
 Incomplete Blacklist 		CVE-2026-41206 2026-04-30 00:48 2026-04-23 Show GitHub Exploit DB Packet Storm
407 5.4 MEDIUM
Network 		siemvk openlearn OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when `safeMode` is enabled, unapproved forum posts are hidden from the public list, but … Update CWE-284
Improper Access Control 		CVE-2026-41243 2026-04-30 00:39 2026-04-23 Show GitHub Exploit DB Packet Storm
408 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but… Update CWE-416
 Use After Free 		CVE-2026-31532 2026-04-30 00:26 2026-04-23 Show GitHub Exploit DB Packet Storm
409 7.3 HIGH
Network 		- - A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_se… New CWE-22
Path Traversal 		CVE-2026-7384 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
410 8.8 HIGH
Network 		- - Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus … New CWE-59
Link Following 		CVE-2026-5161 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm