NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Because vulnerability information is often updated here before it appears in JVN (Japan Vulnerability Notes), the list may contain vulnerabilities that are not listed in JVN.

If there is a vulnerability related to JVN (Japan Vulnerability Notes), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.


Update Date: May 17, 2026, 4:15 a.m.

No CVSS Level
Attack Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit PoC Search
5101 7.5 HIGH
Network
froxlor froxlor Froxlor is open source server administration software. Prior to version 2.3.6, `DataDump.add()` constructs the export destination path from user-supplied input without passing the `$fixed_homedir` pa… CWE-59
Link Following
CVE-2026-41231 2026-04-28 02:01 2026-04-23 Show GitHub Exploit DB Packet Storm
5102 8.5 HIGH
Network
froxlor froxlor Froxlor is open source server administration software. Prior to version 2.3.6, `DomainZones::add()` accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in … CWE-93
CRLF Injection
CVE-2026-41230 2026-04-28 02:01 2026-04-23 Show GitHub Exploit DB Packet Storm
5103 9.1 CRITICAL
Network
froxlor froxlor Froxlor is open source server administration software. Prior to version 2.3.6, `PhpHelper::parseArrayToString()` writes string values into single-quoted PHP string literals without escaping single qu… CWE-94
Code Injection
CVE-2026-41229 2026-04-28 02:00 2026-04-23 Show GitHub Exploit DB Packet Storm
5104 9.9 CRITICAL
Network
froxlor froxlor Froxlor is open source server administration software. Prior to version 2.3.6, the Froxlor API endpoint `Customers.update` (and `Admins.update`) does not validate the `def_language` parameter against… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
CVE-2026-41228 2026-04-28 02:00 2026-04-23 Show GitHub Exploit DB Packet Storm
5105 4.9 MEDIUM
Network
powerdns recursor An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. CWE-476
 NULL Pointer Dereference
CVE-2026-33600 2026-04-28 01:59 2026-04-22 Show GitHub Exploit DB Packet Storm
5106 5.4 MEDIUM
Network
froxlor froxlor Froxlor is open source server administration software. Prior to version 2.3.6, in `Domains.add()`, the `adminid` parameter is accepted from user input and used without validation when the calling res… CWE-863
 Incorrect Authorization
CVE-2026-41233 2026-04-28 01:59 2026-04-23 Show GitHub Exploit DB Packet Storm
5107 4.9 MEDIUM
Network
powerdns recursor If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that results in a null pointer dereference, caused by a missing consistency check and leading to … CWE-476
 NULL Pointer Dereference
CVE-2026-33601 2026-04-28 01:58 2026-04-22 Show GitHub Exploit DB Packet Storm
5108 7.5 HIGH
Network
powerdns dnsdist An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DoQ and DoH3 are disabled by default. CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2026-33254 2026-04-28 01:58 2026-04-22 Show GitHub Exploit DB Packet Storm
5109 5.3 MEDIUM
Network
openclaw openclaw OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature vali… CWE-347
 Improper Verification of Cryptographic Signature
CVE-2026-41301 2026-04-28 01:56 2026-04-21 Show GitHub Exploit DB Packet Storm
5110 6.5 MEDIUM
Network
openclaw openclaw OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route gateway credentials to malicious endpoint… CWE-372
 Incomplete Internal State Distinction
CVE-2026-41300 2026-04-28 01:56 2026-04-21 Show GitHub Exploit DB Packet Storm
5111 7.1 HIGH
Network
openclaw openclaw OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the chat.send gateway method where ACP-only provenance fields are gated by self-declared client metadata from WebSocket han… CWE-807
 Reliance on Untrusted Inputs in a Security Decision
CVE-2026-41299 2026-04-28 01:56 2026-04-21 Show GitHub Exploit DB Packet Storm
5112 5.4 MEDIUM
Network
openclaw openclaw OpenClaw before 2026.4.2 fails to enforce write scopes on the POST /sessions/:sessionKey/kill endpoint in identity-bearing HTTP modes. Read-scoped callers can terminate running subagent sessions by s… CWE-862
 Missing Authorization
CVE-2026-41298 2026-04-28 01:56 2026-04-21 Show GitHub Exploit DB Packet Storm
5113 7.3 HIGH
Network
tenda w30e_firmware Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary … CWE-77
Command Injection
CVE-2026-38834 2026-04-28 01:44 2026-04-22 Show GitHub Exploit DB Packet Storm
5114 9.8 CRITICAL
Network
tenda w30e_firmware Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to… CWE-77
Command Injection
CVE-2026-38835 2026-04-28 01:44 2026-04-22 Show GitHub Exploit DB Packet Storm
5115 7.8 HIGH
Local
deepcool deepcreative Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file CWE-277
 Insecure Inherited Permissions
CVE-2026-30266 2026-04-28 01:42 2026-04-21 Show GitHub Exploit DB Packet Storm
5116 6.3 MEDIUM
Network
openclaw openclaw OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows remote attackers to make arbitrary network requests. Attack… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-41302 2026-04-28 00:26 2026-04-21 Show GitHub Exploit DB Packet Storm
5117 9.9 CRITICAL
Network
doorman doorman Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update their own account role to a non-admin privileged role via /platform/user/{username}. The `role` field is a… CWE-269
 Improper Privilege Management
CVE-2026-30269 2026-04-28 00:24 2026-04-21 Show GitHub Exploit DB Packet Storm
5118 8.2 HIGH
Network
ultradag ultradag UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails a… CWE-460
CWE-696
 Improper Cleanup on Thrown Exception
 Incorrect Behavior Order
CVE-2026-40583 2026-04-28 00:23 2026-04-22 Show GitHub Exploit DB Packet Storm
5119 8.8 HIGH
Network
openclaw openclaw OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can send Discord text… CWE-863
 Incorrect Authorization
CVE-2026-41303 2026-04-28 00:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5120 - -
- - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid… - CVE-2026-6337 2026-04-28 00:16 2026-04-28 Show GitHub Exploit DB Packet Storm
5121 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU… - CVE-2026-31669 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5122 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dst_cache per encap route, s… - CVE-2026-31668 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5123 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered repro… - CVE-2026-31667 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5124 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() After commit 1618aa3c2e01 ("btrfs: simplify ret… - CVE-2026-31666 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5125 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: fix use-after-free in timeout object destroy nft_ct_timeout_obj_destroy() frees the timeout object with kfree(… - CVE-2026-31665 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5126 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transport_finish NF_HOOK After async crypto completes, xfrm_input_resume() calls dev_put() immedia… - CVE-2026-31663 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5127 7.5 HIGH
Network
- - In the Linux kernel, the following vulnerability has been resolved: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG The GRP_ACK_MSG handler in tipc_group_proto_rcv() currently decrements bc_… - CVE-2026-31662 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5128 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_global_data() builds the allocation length for a g… - CVE-2026-31659 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5129 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() can replace claim->backbone_gw and drop the old gate… - CVE-2026-31657 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5130 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat A use-after-free / refcount underflow is possible when the hea… - CVE-2026-31656 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5131 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = no… - CVE-2026-31649 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5132 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() When running stress-ng on my Arm64 machine with v7.0-rc3 ke… - CVE-2026-31648 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5133 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966x_fdma_reload() When lan966x_fdma_reload() fails to allocate new RX buffers, t… - CVE-2026-31644 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5134 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpc_preparse_xdr_yfs_rxgk() reads the raw key length and ticket length from the X… - CVE-2026-31641 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5135 7.5 HIGH
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc_post_response(), the code should be comparing th… - CVE-2026-31640 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5136 7.5 HIGH
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc_input_packet_on_conn() can process a to-client packet after the current cl… - CVE-2026-31638 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5137 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the … - CVE-2026-31637 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5138 9.1 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk_verify_authenticator() copies auth_len bytes into a temporary buffer and t… - CVE-2026-31636 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5139 7.5 HIGH
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgk_verify_response() decodes auth_len from the packet and is supposed … - CVE-2026-31635 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5140 9.8 CRITICAL
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's a potential integer overflow due to roun… - CVE-2026-31633 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5141 8.2 HIGH
Network
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgk_do_verify_authenticator() Fix rxgk_do_verify_authenticator() to check the buffer size before c… - CVE-2026-31631 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5142 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AF_RXRPC procfs helpers format local and remote socket addresses into fix… - CVE-2026-31630 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5143 8.8 HIGH
Adjacent
- - In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCP_CLOSED checks In nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket state is… - CVE-2026-31629 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5144 8.8 HIGH
Network
roxy-wi roxy-wi Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the /config/<service>/find-in-config endpoint in Roxy-WI fails to sanitize the use… CWE-78
OS Command 
CVE-2026-33208 2026-04-28 00:16 2026-04-24 Show GitHub Exploit DB Packet Storm
5145 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it shou… - CVE-2026-31627 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5146 7.1 HIGH
Adjacent
- - In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() Initialize le_tmp64 to zero in rtw_BIP_verify() to prevent using unin… - CVE-2026-31626 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5147 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fops_vcodec_release() function frees the context structur… - CVE-2026-31584 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5148 8.8 HIGH
Adjacent
- - In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgw_csum_crc8_rel() cgw_csum_crc8_rel() correctly computes bounds-safe indices via calc_idx(): … - CVE-2026-31570 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5149 7.3 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, cu… - CVE-2026-31569 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm
5150 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib amdgpu_amdkfd_submit_ib() submits a GPU job and gets a fence fro… - CVE-2026-31566 2026-04-28 00:16 2026-04-25 Show GitHub Exploit DB Packet Storm