Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253031	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1259	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

253032	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1261	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

253033	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1260	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

253034	4.3	警告	マイクロソフト	-	複数の Microsoft 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1257	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

253035	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1880	2010-06-30 18:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

253036	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1879	2010-06-30 18:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

253037	8.5	危険	PostgreSQL.org サイバートラスト株式会社レッドハット	-	PostgreSQL における任意の Perl コードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1447	2010-06-30 18:17	2010-05-14	Show	GitHub Exploit DB Packet Storm

253038	9.3	危険	アップル	-	Apple Mac OS の ColorSync における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-1726	2010-06-30 18:17	2009-08-5	Show	GitHub Exploit DB Packet Storm

253039	6.9	警告	アップルサイバートラスト株式会社 The Perl Foundation レッドハット	-	Perl の rmtree 関数における任意のファイルを削除される脆弱性	CWE-362 競合状態	CVE-2008-5303	2010-06-30 18:16	2008-12-1	Show	GitHub Exploit DB Packet Storm

253040	6.9	警告	アップルサイバートラスト株式会社 The Perl Foundation レッドハット	-	Perl の rmtree 関数における任意の setuid バイナリを作成される脆弱性	CWE-362 競合状態	CVE-2008-5302	2010-06-30 18:16	2008-12-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
421	7.6	HIGH Network	-	-	OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser inter… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41912	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

422	3.7	LOW Network	-	-	OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can ex… New	CWE-362 Race Condition	CVE-2026-41913	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

423	8.5	HIGH Network	-	-	OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to ac… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41914	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

424	5.3	MEDIUM Local	-	-	OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GIT_DIR and related varia… New	CWE-184 Incomplete Blacklist	CVE-2026-41915	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

425	5.4	MEDIUM Network	-	-	OpenClaw before 2026.4.8 contains an authentication state management vulnerability where the resolvedAuth closure becomes stale after configuration reload. Newly accepted gateway connections continue… New	CWE-613 Insufficient Session Expiration	CVE-2026-41916	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

426	4.3	MEDIUM Network	-	-	OpenClaw before 2026.4.8 contains improper input validation in base64 decode paths that allocate memory before enforcing decoded-size limits. Attackers can exploit multiple code paths to cause memory… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42420	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

427	5.4	MEDIUM Network	-	-	OpenClaw before 2026.4.8 contains a session management vulnerability where existing WebSocket sessions survive shared gateway token rotation. Attackers can maintain unauthorized access to WebSocket c… New	CWE-613 Insufficient Session Expiration	CVE-2026-42421	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

428	8.8	HIGH Network	-	-	OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to … New	CWE-863 Incorrect Authorization	CVE-2026-42422	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

429	7.5	HIGH Network	-	-	OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeo… New	CWE-636 Not Failing Securely ('Failing Open')	CVE-2026-42423	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm

430	5.7	MEDIUM Network	-	-	OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious sha… New	CWE-73 External Control of File Name or Path	CVE-2026-42424	2026-04-29 05:10	2026-04-29	Show	GitHub Exploit DB Packet Storm