Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254391 7.6 危険 アップル - 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0155 2011-04-4 14:53 2011-03-3 Show GitHub Exploit DB Packet Storm
254392 7.6 危険 アップル - 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0154 2011-04-4 14:50 2011-03-3 Show GitHub Exploit DB Packet Storm
254393 7.6 危険 アップル - 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0153 2011-04-4 14:49 2011-03-3 Show GitHub Exploit DB Packet Storm
254394 7.6 危険 アップル - 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0152 2011-04-4 14:47 2011-03-3 Show GitHub Exploit DB Packet Storm
254395 7.6 危険 アップル - 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0151 2011-04-4 14:45 2011-03-3 Show GitHub Exploit DB Packet Storm
254396 10 危険 Wireshark
レッドハット		 - Wireshark の MAC-LTE 解析部におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-0444 2011-04-4 14:38 2011-01-11 Show GitHub Exploit DB Packet Storm
254397 5 警告 サイバートラスト株式会社
Wireshark
レッドハット
オラクル		 - Wireshark の BER 解析部の dissect_ber_unknown 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3445 2011-04-4 14:36 2010-10-11 Show GitHub Exploit DB Packet Storm
254398 5 警告 The PHP Group
アップル		 - PHP にサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2010-4409 2011-04-4 14:32 2010-12-1 Show GitHub Exploit DB Packet Storm
254399 5 警告 The PHP Group
アップル		 - PHP の IMAP 拡張 (ext/imap/php_imap.c) における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4150 2011-04-4 14:31 2010-12-7 Show GitHub Exploit DB Packet Storm
254400 6.8 警告 The PHP Group
アップル
サイバートラスト株式会社
レッドハット		 - PHP の utf8_decode 関数におけるクロスサイトスクリプティングおよび SQL インジェクションに対する保護メカニズムを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3870 2011-04-4 14:29 2009-09-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
5501 5.5 MEDIUM
Local 		openclaw openclaw OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper me… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-41366 2026-04-29 03:45 2026-04-28 Show GitHub Exploit DB Packet Storm
5502 5.0 MEDIUM
Network 		openclaw openclaw OpenClaw versions 2026.2.14 through 2026.3.24 fail to consistently apply guild and channel policy gates to Discord button and component interactions. Attackers can trigger privileged component action… CWE-863
 Incorrect Authorization 		CVE-2026-41367 2026-04-29 03:45 2026-04-28 Show GitHub Exploit DB Packet Storm
5503 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using … CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-41368 2026-04-29 03:44 2026-04-28 Show GitHub Exploit DB Packet Storm
5504 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains insufficient environment variable sanitization in host exec operations, failing to filter package, registry, Docker, compiler, and TLS override variables. Attackers… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-41369 2026-04-29 03:44 2026-04-28 Show GitHub Exploit DB Packet Storm
5505 8.5 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate targ… CWE-863
 Incorrect Authorization 		CVE-2026-41371 2026-04-29 03:44 2026-04-28 Show GitHub Exploit DB Packet Storm
5506 5.8 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses re… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41372 2026-04-29 03:43 2026-04-28 Show GitHub Exploit DB Packet Storm
5507 8.8 HIGH
Network 		jpcert logontracer An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user. CWE-78
OS Command  		CVE-2026-33277 2026-04-29 03:43 2026-04-27 Show GitHub Exploit DB Packet Storm
5508 7.4 HIGH
Network 		apache thrift Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixe… CWE-297
CWE-306
 Improper Validation of Certificate with Host Mismatch
Missing Authentication for Critical Function 		CVE-2026-41603 2026-04-29 03:42 2026-04-28 Show GitHub Exploit DB Packet Storm
5509 5.4 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages that should be filtered by sender a… CWE-441
Confused Deputy 		CVE-2026-41365 2026-04-29 03:41 2026-04-28 Show GitHub Exploit DB Packet Storm
5510 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a path traversal vulnerability in ACP dispatch that allows attackers to read arbitrary files by manipulating inbound channel attachment paths. Remote attackers can … CWE-22
Path Traversal 		CVE-2026-41370 2026-04-29 03:41 2026-04-28 Show GitHub Exploit DB Packet Storm