Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3861	7.8	重要 Local	OpenClaw	OpenClaw	OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-41336	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3862	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41337	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3863	5	警告 Local	OpenClaw	OpenClaw	OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41338	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3864	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不完全な内部状態の区別に関する脆弱性	CWE-372 不完全な内部状態の区別	CVE-2026-41340	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3865	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不十分な型の区別に関する脆弱性	CWE-351 不十分な型の区別	CVE-2026-41341	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3866	8.1	重要 Adjacent	OpenClaw	OpenClaw	OpenClawにおける同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2026-41342	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3867	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるインタラクション頻度の制御に関する脆弱性	CWE-799 インタラクション頻度の不適切な制御	CVE-2026-41343	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3868	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41344	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3869	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-41345	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3870	7.5	重要 Network	OpenClaw	OpenClaw	OpenClawにおけるインタラクション頻度の制御に関する脆弱性	CWE-799 インタラクション頻度の不適切な制御	CVE-2026-41346	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1481	5.3	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf…	CWE-20 Improper Input Validation	CVE-2026-8538	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

1482	8.8	HIGH Network	google	chrome	Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-843 Type Confusion	CVE-2026-8540	2026-05-19 10:29	2026-05-15	Show	GitHub Exploit DB Packet Storm

1483	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.ap…	CWE-862 Missing Authorization	CVE-2026-45667	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

1484	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/{note_id} endpoint lacks proper authorization checks, allowin…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45666	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

1485	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Banner component due…	CWE-79 Cross-site Scripting	CVE-2026-45665	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

1486	6.3	MEDIUM Network	-	-	A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based …	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-8733	2026-05-19 06:16	2026-05-17	Show	GitHub Exploit DB Packet Storm

1487	-		-	-	* Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. * KSU keys using SYMCRYPTO will be impacted by this vulnerability.	CWE-331 Insufficient Entropy	CVE-2025-14972	2026-05-19 05:27	2026-05-16	Show	GitHub Exploit DB Packet Storm

1488	8.2	HIGH Network	-	-	A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control fu…	CWE-124 Buffer Underflow	CVE-2026-34253	2026-05-19 05:23	2026-05-16	Show	GitHub Exploit DB Packet Storm

1489	7.5	HIGH Network	-	-	An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components	CWE-400 Uncontrolled Resource Consumption	CVE-2026-38728	2026-05-19 05:23	2026-05-16	Show	GitHub Exploit DB Packet Storm

1490	4.6	MEDIUM Network	-	-	HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.	CWE-863 Incorrect Authorization	CVE-2026-21789	2026-05-19 05:23	2026-05-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed