Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223021 4.6 警告 SUSE - SUSE Linux におけるバッファオーバーフローの脆弱性 - CVE-2006-0043 2014-03-11 17:43 2006-01-31 Show GitHub Exploit DB Packet Storm
223022 3.5 注意 IBM - IBM Cognos Business Intelligence のサーバにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0861 2014-03-11 17:33 2014-02-14 Show GitHub Exploit DB Packet Storm
223023 6.5 警告 ownCloud - ownCloud Server の lib/bookmarks.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-2046 2014-03-11 17:30 2013-05-14 Show GitHub Exploit DB Packet Storm
223024 6.5 警告 ownCloud - ownCloud Server の lib/db.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-2045 2014-03-11 17:30 2013-05-14 Show GitHub Exploit DB Packet Storm
223025 6.5 警告 ownCloud - ownCloud Server の addressbookprovider.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-1893 2014-03-11 17:29 2013-03-25 Show GitHub Exploit DB Packet Storm
223026 4.3 警告 ownCloud - ownCloud Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1890 2014-03-11 17:29 2013-03-24 Show GitHub Exploit DB Packet Storm
223027 7.5 危険 Zemanta - WordPress 用 Search Everything プラグインの se_search_default における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2316 2014-03-11 17:24 2014-02-11 Show GitHub Exploit DB Packet Storm
223028 4.3 警告 ShinePHP - WordPress 用 Thank You Counter Button プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2315 2014-03-11 17:24 2014-02-25 Show GitHub Exploit DB Packet Storm
223029 4.3 警告 SFR - SFR Box ルータのファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1599 2014-03-11 15:46 2014-02-25 Show GitHub Exploit DB Packet Storm
223030 4.3 警告 Atlassian - Atlassian JIRA の Issue Collector プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-2314 2014-03-11 15:26 2014-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 6.5 MEDIUM
Network 		- - OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by craftin… New CWE-1023
 Incomplete Comparison with Missing Factors 		CVE-2026-53839 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
62 9.8 CRITICAL
Network 		- - OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic t… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-53838 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
63 3.7 LOW
Network 		- - OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validate channel type metadata. Attackers can bypass intended DM policy decisions… New CWE-636
 Not Failing Securely ('Failing Open') 		CVE-2026-53837 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
64 8.8 HIGH
Network 		- - OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recogn… New CWE-184
 Incomplete Blacklist 		CVE-2026-53836 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
65 4.3 MEDIUM
Network 		- - OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu dynamic-agent bindings that allows authenticated senders to create or update bindings without honoring con… New CWE-863
 Incorrect Authorization 		CVE-2026-53835 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
66 7.5 HIGH
Network 		- - OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke s… New CWE-863
 Incorrect Authorization 		CVE-2026-53834 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
67 7.7 HIGH
Local 		- - OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictio… New CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-53833 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
68 7.7 HIGH
Local 		- - OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gate… New CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-53832 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
69 8.3 HIGH
Network 		- - OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenti… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-53831 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm
70 6.5 MEDIUM
Network 		- - OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing callers with old Slack and Zalo webhook secrets to remain active after secrets.reload. Attackers can explo… New CWE-613
 Insufficient Session Expiration 		CVE-2026-53830 2026-06-13 07:16 2026-06-13 Show GitHub Exploit DB Packet Storm