Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3861 9.1 緊急
Network 		dgraph dgraph dgraphにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-41327 2026-04-30 11:01 2026-04-24 Show GitHub Exploit DB Packet Storm
3862 9.1 緊急
Network 		dgraph dgraph dgraphにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-41328 2026-04-30 11:01 2026-04-24 Show GitHub Exploit DB Packet Storm
3863 3.7
Network 		OpenClaw OpenClaw OpenClawにおけるインタラクション頻度の制御に関する脆弱性  CWE-799
インタラクション頻度の不適切な制御 		CVE-2026-41333 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3864 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける安全でない失敗処理に関する脆弱性 CWE-636
安全でない失敗処理 		CVE-2026-41334 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3865 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性 CWE-497
認可されていない制御領域への重要情報の漏えい 		CVE-2026-41335 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3866 7.8 重要
Local 		OpenClaw OpenClaw OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-41336 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3867 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41337 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3868 5 警告
Local 		OpenClaw OpenClaw OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41338 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3869 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける不完全な内部状態の区別に関する脆弱性 CWE-372
不完全な内部状態の区別 		CVE-2026-41340 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
3870 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおける不十分な型の区別に関する脆弱性 CWE-351
不十分な型の区別 		CVE-2026-41341 2026-04-30 11:01 2026-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346681 - trend_micro officescan Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. NVD-CWE-Other
CVE-2004-2006 2017-07-11 10:31 2004-05-7 Show GitHub Exploit DB Packet Storm
346682 - adam_webb nukejokes Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the (1) cat parameter in a CatView function or (… NVD-CWE-Other
CVE-2004-2007 2017-07-11 10:31 2004-05-8 Show GitHub Exploit DB Packet Storm
346683 - adam_webb nukejokes SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter. NVD-CWE-Other
CVE-2004-2008 2017-07-11 10:31 2004-05-8 Show GitHub Exploit DB Packet Storm
346684 - - - NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an inv… NVD-CWE-Other
CVE-2004-2009 2017-07-11 10:31 2004-05-8 Show GitHub Exploit DB Packet Storm
346685 - - - PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a rem… NVD-CWE-Other
CVE-2004-2010 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
346686 - niels
vladimir_kotal
netbsd 		provos_systrace
systrace_port_for_freebsd
netbsd 		The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before settin… NVD-CWE-Other
CVE-2004-2012 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
346687 - webct webct Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags. NVD-CWE-Other
CVE-2004-2015 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
346688 - netchat subnet_chat_application Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. NVD-CWE-Other
CVE-2004-2016 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
346689 - turbotraffictrader turbotraffictrader_c Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to … NVD-CWE-Other
CVE-2004-2017 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
346690 - francisco_burzi php-nuke PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remot… NVD-CWE-Other
CVE-2004-2018 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm