Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
213751 6.8 警告 アップル - Apple OS X の NetFS クライアントフレームワークにおけるファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4441 2014-10-22 17:19 2014-10-16 Show GitHub Exploit DB Packet Storm
213752 2.6 注意 アップル - Apple OS X の MCX デスクトップ構成プロファイルの実装における重要な情報を取得される脆弱性 CWE-16
環境設定 		CVE-2014-4440 2014-10-22 17:14 2014-10-16 Show GitHub Exploit DB Packet Storm
213753 4.3 警告 アップル - Apple OS X の LaunchServices におけるサンドボックス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-4437 2014-10-22 17:06 2014-10-16 Show GitHub Exploit DB Packet Storm
213754 4.4 警告 アップル - Apple OS X の "iCloud Find My Mac" 機能におけるアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2014-4435 2014-10-22 17:04 2014-10-16 Show GitHub Exploit DB Packet Storm
213755 4.9 警告 アップル - Apple OS X のカーネルにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-4434 2014-10-22 16:59 2014-10-16 Show GitHub Exploit DB Packet Storm
213756 4.4 警告 アップル - Apple OS X のカーネルにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-4433 2014-10-22 16:58 2014-10-16 Show GitHub Exploit DB Packet Storm
213757 4.6 警告 アップル - Apple OS X の Dock におけるウィンドウを表示される脆弱性 CWE-287
不適切な認証 		CVE-2014-4431 2014-10-22 16:55 2014-10-16 Show GitHub Exploit DB Packet Storm
213758 4 警告 アップル - Apple OS X の CoreStorage における平文データを取得される脆弱性 CWE-310
暗号の問題 		CVE-2014-4430 2014-10-22 16:53 2014-10-16 Show GitHub Exploit DB Packet Storm
213759 5 警告 アップル - Apple OS X のアプリケーションのサンドボックスにおけるサンドボックス保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4427 2014-10-22 16:51 2014-10-16 Show GitHub Exploit DB Packet Storm
213760 4.6 警告 アップル - Apple OS X の CFPreferences におけるアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2014-4425 2014-10-22 16:49 2014-10-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
371 7.6 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser inter… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-41912 2026-05-1 04:38 2026-04-29 Show GitHub Exploit DB Packet Storm
372 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit upload_file and u… New CWE-22
Path Traversal 		CVE-2026-41911 2026-05-1 04:38 2026-04-29 Show GitHub Exploit DB Packet Storm
373 4.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.8 omits owner-only enforcement for cross-channel allowlist writes in the /allowlist endpoint. An authorized non-owner sender can bypass access controls to perform allowlist mod… New CWE-863
 Incorrect Authorization 		CVE-2026-41910 2026-05-1 04:38 2026-04-29 Show GitHub Exploit DB Packet Storm
374 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk spa… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41408 2026-05-1 04:38 2026-04-29 Show GitHub Exploit DB Packet Storm
375 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.2 contains a timing side channel vulnerability in shared-secret comparison call sites that use early length-mismatch checks instead of fixed-length comparison helpers. Attacker… New CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-41407 2026-05-1 04:38 2026-04-29 Show GitHub Exploit DB Packet Storm
376 5.4 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability that allows remote attackers to access restricted messages. Attackers can exploit fetched quoted, root, and thread context m… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41406 2026-05-1 04:37 2026-04-29 Show GitHub Exploit DB Packet Storm
377 7.5 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send malicio… New CWE-408
 Incorrect Behavior Order: Early Amplification 		CVE-2026-41405 2026-05-1 04:37 2026-04-29 Show GitHub Exploit DB Packet Storm
378 7.3 HIGH
Network 		nextchat nextchat A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulatio… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-7178 2026-05-1 04:26 2026-04-28 Show GitHub Exploit DB Packet Storm
379 7.3 HIGH
Network 		nextchat nextchat A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation re… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-7177 2026-05-1 04:26 2026-04-28 Show GitHub Exploit DB Packet Storm
380 7.3 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have… Update CWE-119
CWE-787
Incorrect Access of Indexable Resource ('Range Error') 
 Out-of-bounds Write 		CVE-2026-7323 2026-05-1 03:38 2026-04-29 Show GitHub Exploit DB Packet Storm