Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252381	4	警告	Vtiger	-	vtiger CRM におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4679	2011-12-12 11:39	2011-12-7	Show	GitHub Exploit DB Packet Storm

252382	5	警告	Novell	-	Novell Messenger および Novell GroupWise Messenger における任意のメモリ配置を読み取られる脆弱性	CWE-200 情報漏えい	CVE-2011-3179	2011-12-12 11:37	2011-10-25	Show	GitHub Exploit DB Packet Storm

252383	10	危険	Novell	-	Novell ZENworks Asset Management の rtrlet コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-2653	2011-12-12 11:36	2011-11-2	Show	GitHub Exploit DB Packet Storm

252384	7.8	危険	日立	-	JP1/Cm2/Network Node Manager i におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2011-12-9 16:35	2011-10-12	Show	GitHub Exploit DB Packet Storm

252385	5	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (CPU およびメモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4687	2011-12-9 16:07	2011-12-7	Show	GitHub Exploit DB Packet Storm

252386	5	警告	Opera Software ASA	-	Opera の Web Workers 実装におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2011-4686	2011-12-9 16:06	2011-12-7	Show	GitHub Exploit DB Packet Storm

252387	5	警告	Opera Software ASA	-	Opera の Dragonfly におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-4685	2011-12-9 16:05	2011-12-7	Show	GitHub Exploit DB Packet Storm

252388	10	危険	Opera Software ASA	-	Opera における証明書失効の処理に関する詳細不明な脆弱性	CWE-310 暗号の問題	CVE-2011-4684	2011-12-9 16:05	2011-12-7	Show	GitHub Exploit DB Packet Storm

252389	10	危険	Opera Software ASA	-	Opera における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2011-4683	2011-12-9 16:04	2011-12-7	Show	GitHub Exploit DB Packet Storm

252390	6.4	警告	Opera Software ASA	-	Opera の JavaScript エンジンにおける同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4682	2011-12-9 16:03	2011-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
5071	5.0	MEDIUM Local	openclaw	openclaw	OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious sha…	CWE-73 External Control of File Name or Path	CVE-2026-42424	2026-04-30 23:05	2026-04-29	Show	GitHub Exploit DB Packet Storm

5072	8.8	HIGH Network	openclaw	openclaw	OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unpr…	CWE-863 Incorrect Authorization	CVE-2026-42426	2026-04-30 23:05	2026-04-29	Show	GitHub Exploit DB Packet Storm

5073	7.5	HIGH Network	openclaw	openclaw	OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeo…	CWE-636 Not Failing Securely ('Failing Open')	CVE-2026-42423	2026-04-30 23:04	2026-04-29	Show	GitHub Exploit DB Packet Storm

5074	8.8	HIGH Network	openclaw	openclaw	OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to …	CWE-863 Incorrect Authorization	CVE-2026-42422	2026-04-30 23:04	2026-04-29	Show	GitHub Exploit DB Packet Storm

5075	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.8 contains improper input validation in base64 decode paths that allocate memory before enforcing decoded-size limits. Attackers can exploit multiple code paths to cause memory…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42420	2026-04-30 23:04	2026-04-29	Show	GitHub Exploit DB Packet Storm

5076	5.4	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.8 contains an authentication state management vulnerability where the resolvedAuth closure becomes stale after configuration reload. Newly accepted gateway connections continue…	CWE-613 Insufficient Session Expiration	CVE-2026-41916	2026-04-30 23:04	2026-04-29	Show	GitHub Exploit DB Packet Storm

5077	6.1	MEDIUM Local	openclaw	openclaw	OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GIT_DIR and related varia…	CWE-184 Incomplete Blacklist	CVE-2026-41915	2026-04-30 23:04	2026-04-29	Show	GitHub Exploit DB Packet Storm

5078	5.4	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.8 contains a session management vulnerability where existing WebSocket sessions survive shared gateway token rotation. Attackers can maintain unauthorized access to WebSocket c…	CWE-613 Insufficient Session Expiration	CVE-2026-42421	2026-04-30 23:04	2026-04-29	Show	GitHub Exploit DB Packet Storm

5079	8.8	HIGH Network	tenda	f456_firmware	A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argumen…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7099	2026-04-30 23:04	2026-04-27	Show	GitHub Exploit DB Packet Storm

5080	8.8	HIGH Network	tenda	f456_firmware	A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overf…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7100	2026-04-30 23:03	2026-04-27	Show	GitHub Exploit DB Packet Storm