Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
214691	5	警告	Pivotal Software, Inc.	-	Pivotal Grails 用 Resources プラグインのデフォルト設定における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2857	2014-04-21 15:39	2014-02-19	Show	GitHub Exploit DB Packet Storm

214692	5	警告	Pivotal Software, Inc.	-	Pivotal Grails 用 Resources プラグインのデフォルト設定における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0053	2014-04-21 15:38	2014-02-19	Show	GitHub Exploit DB Packet Storm

214693	2.1	注意	Apache Software Foundation レッドハット	-	Apache Zookeeper における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-0085	2014-04-21 15:36	2014-04-14	Show	GitHub Exploit DB Packet Storm

214694	5.8	警告	Fedora Project レッドハット	-	libvirt の LXC ドライバにおける任意のホストデバイスを削除される脆弱性	CWE-59 リンク解釈の問題	CVE-2013-6456	2014-04-21 13:52	2013-12-17	Show	GitHub Exploit DB Packet Storm

214695	4.3	警告	Advanced Packaging Tool	-	Advanced Package Tool の apt-pkg/acquire-item.cc における任意のパッケージをインストールされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0214	2014-04-21 12:18	2012-03-4	Show	GitHub Exploit DB Packet Storm

214696	6.9	警告	Canonical	-	Ubuntu 上で稼動する libpam-modules の pam_motd における権限を取得される脆弱性	CWE-Other その他	CVE-2011-3628	2014-04-21 11:37	2011-10-24	Show	GitHub Exploit DB Packet Storm

214697	6	警告	レッドハット	-	複数の Red Hat 製品の監視プローブ表示における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2236	2014-04-21 11:10	2010-06-24	Show	GitHub Exploit DB Packet Storm

214698	4.4	警告	OpenFabrics Alliance	-	RHEL 6 および 5 の ibutils パッケージの ibmssh 実行ファイル用の特定の Red Hat ビルドスクリプトにおける権限を取得される脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3277	2014-04-21 11:08	2008-08-5	Show	GitHub Exploit DB Packet Storm

214699	5.5	警告	DELL EMC (旧 EMC Corporation)	-	EMC Documentum Content Server におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0642	2014-04-18 18:50	2014-04-11	Show	GitHub Exploit DB Packet Storm

214700	4.9	警告	VMware	-	Windows 上で稼働する VMware Workstation および VMware Player の vmx86.sys におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2014-2384	2014-04-18 17:10	2014-03-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
411	7.3	HIGH Adjacent	-	-	OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Att… New	CWE-346 Origin Validation Error	CVE-2026-41342	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

412	5.3	MEDIUM Network	-	-	OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook e… New	CWE-799 Improper Control of Interaction Frequency	CVE-2026-41343	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

413	5.4	MEDIUM Network	-	-	OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attack… New	CWE-863 Incorrect Authorization	CVE-2026-41344	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

414	5.3	MEDIUM Network	-	-	OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by… New	CWE-522 Insufficiently Protected Credentials	CVE-2026-41345	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

415	5.3	MEDIUM Network	-	-	OpenClaw 2026.2.26 before 2026.3.31 enforces pending pairing-request caps per channel file instead of per account, allowing attackers to exhaust the shared pending window. Remote attackers can submit… New	CWE-799 Improper Control of Interaction Frequency	CVE-2026-41346	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

416	7.1	HIGH Network	-	-	OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by s… New	CWE-352 Origin Validation Error	CVE-2026-41347	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

417	5.4	MEDIUM Network	-	-	OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord slash command and autocomplete paths that fail to enforce group DM channel allowlist restrictions. Authorized Disco… New	CWE-863 Incorrect Authorization	CVE-2026-41348	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

418	8.8	HIGH Network	-	-	OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to … New	CWE-862 Missing Authorization	CVE-2026-41349	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

419	4.3	MEDIUM Network	-	-	OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session_status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invoc… New	CWE-863 Incorrect Authorization	CVE-2026-41350	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm

420	5.3	MEDIUM Network	-	-	OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can re-enc… New	CWE-294 Authentication Bypass by Capture-replay	CVE-2026-41351	2026-04-24 23:40	2026-04-24	Show	GitHub Exploit DB Packet Storm