Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2951 8.5 重要
Network 		OpenClaw OpenClaw OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41914 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2952 6.1 警告
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41915 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2953 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-41916 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2954 6.5 警告
Network 		Technitium DNS Server TechnitiumのDNS Serverにおける指定された機能の不適切な提供に関する脆弱性 CWE-684
指定された機能の不適切な提供 		CVE-2026-42255 2026-05-1 10:46 2026-04-26 Show GitHub Exploit DB Packet Storm
2955 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-42420 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2956 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-42421 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2957 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42422 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2958 7.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける安全でない失敗処理に関する脆弱性 CWE-636
安全でない失敗処理 		CVE-2026-42423 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2959 5 警告
Local 		OpenClaw OpenClaw OpenClawにおけるファイル名やパス名の外部制御に関する脆弱性 CWE-73
ファイル名やパス名の外部制御 		CVE-2026-42424 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2960 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42426 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1941 6.5 MEDIUM
Network 		mongodb mongodb An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and … CWE-1325
 Improperly Controlled Sequential Memory Allocation 		CVE-2026-8199 2026-05-14 07:31 2026-05-13 Show GitHub Exploit DB Packet Storm
1942 6.1 MEDIUM
Network 		mediawiki mediawiki Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects … CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-34095 2026-05-14 07:30 2026-05-12 Show GitHub Exploit DB Packet Storm
1943 - - - Rejected reason: This CVE is a duplicate of another CVE. - CVE-2026-40328 2026-05-14 07:16 2026-05-14 Show GitHub Exploit DB Packet Storm
1944 - - - Rejected reason: This CVE is a duplicate of another CVE. - CVE-2026-40327 2026-05-14 07:16 2026-05-14 Show GitHub Exploit DB Packet Storm
1945 8.8 HIGH
Network 		- - Insufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user. CWE-94
Code Injection 		CVE-2026-29202 2026-05-14 07:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1946 4.3 MEDIUM
Network 		- - Insufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relative file path is passed. CWE-23
 Relative Path Traversal 		CVE-2026-29201 2026-05-14 07:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1947 7.5 HIGH
Network 		apple ipados
iphone_os
macos
tvos
visionos
watchos 		A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 2… CWE-693
 Protection Mechanism Failure 		CVE-2026-43660 2026-05-14 06:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1948 7.5 HIGH
Network 		apple ipados
iphone_os
macos
tvos
visionos
watchos 		The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously c… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-43658 2026-05-14 06:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1949 4.3 MEDIUM
Network 		apple ipados
iphone_os
macos
visionos 		The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-28971 2026-05-14 06:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1950 7.5 HIGH
Network 		apple ipados
iphone_os
macos
visionos 		This issue was addressed with improved access restrictions. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing mal… CWE-200
Information Exposure 		CVE-2026-28962 2026-05-14 06:16 2026-05-12 Show GitHub Exploit DB Packet Storm