Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251361 6.5 警告 オラクル - Oracle Database の JavaVM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0866 2010-05-12 15:17 2010-04-13 Show GitHub Exploit DB Packet Storm
251362 7.1 危険 オラクル - Oracle Database の Core RDBMS コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0860 2010-05-12 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
251363 7.5 危険 オラクル - 複数の Oracle 製品の Oracle Internet Directory コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0853 2010-05-12 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
251364 2.6 注意 シックス・アパート株式会社 - Movable Type におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1985 2010-05-12 12:01 2010-05-12 Show GitHub Exploit DB Packet Storm
251365 10 危険 日立 - 複数の EUR Form 製品 および EUR 製品における任意のコードが実行される脆弱性 CWE-noinfo
情報不足 		- 2010-05-11 15:16 2010-03-31 Show GitHub Exploit DB Packet Storm
251366 6.4 警告 マイクロソフト - Microsoft Windows における ISATAP パケットの処理に関する IPv4 ソースアドレスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0812 2010-05-11 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
251367 7.6 危険 マイクロソフト - Microsoft Office Visio における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0256 2010-05-11 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
251368 7.6 危険 マイクロソフト - Microsoft Office Visio における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0254 2010-05-11 15:15 2010-04-13 Show GitHub Exploit DB Packet Storm
251369 5 警告 マイクロソフト - Microsoft Windows の SMTP コンポーネントにおける情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2010-0025 2010-05-11 15:15 2010-04-13 Show GitHub Exploit DB Packet Storm
251370 5 警告 マイクロソフト - Microsoft Windows の SMTP コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0024 2010-05-11 15:15 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1761 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired recipients to mint legacy callback payloads. Attackers can send raw card comman… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-35664 2026-04-14 05:39 2026-04-11 Show GitHub Exploit DB Packet Storm
1762 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements… CWE-648
 Incorrect Use of Privileged APIs 		CVE-2026-35663 2026-04-14 05:39 2026-04-11 Show GitHub Exploit DB Packet Storm
1763 4.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.22 fails to enforce controlScope restrictions on the send action, allowing leaf subagents to message controlled child sessions beyond their authorized scope. Attackers can expl… CWE-862
 Missing Authorization 		CVE-2026-35662 2026-04-14 05:32 2026-04-11 Show GitHub Exploit DB Packet Storm
1764 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing require… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-35661 2026-04-14 05:32 2026-04-11 Show GitHub Exploit DB Packet Storm
1765 8.1 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attack… CWE-862
 Missing Authorization 		CVE-2026-35660 2026-04-14 05:32 2026-04-11 Show GitHub Exploit DB Packet Storm
1766 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts ou… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-35658 2026-04-14 05:31 2026-04-11 Show GitHub Exploit DB Packet Storm
1767 7.8 HIGH
Local 		khyrenz parseusbs parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen() shell command, allowing arbitrary command execution … CWE-78
OS Command  		CVE-2026-40029 2026-04-14 05:27 2026-04-9 Show GitHub Exploit DB Packet Storm
1768 7.8 HIGH
Local 		khyrenz parseusbs parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is passed unsanitized into an os.popen() shell command with ls, allowing arbitrary… CWE-78
OS Command  		CVE-2026-40030 2026-04-14 05:27 2026-04-9 Show GitHub Exploit DB Packet Storm
1769 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attack… CWE-601
Open Redirect 		CVE-2026-40037 2026-04-14 05:27 2026-04-9 Show GitHub Exploit DB Packet Storm
1770 4.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals… CWE-863
 Incorrect Authorization 		CVE-2026-35619 2026-04-14 05:27 2026-04-11 Show GitHub Exploit DB Packet Storm