Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1421 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける不完全な内部状態の区別に関する脆弱性 CWE-372
不完全な内部状態の区別 		CVE-2026-41388 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1422 7.3 重要
Local 		OpenClaw OpenClaw OpenClawにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-41390 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1423 6.1 警告
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41391 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1424 7.3 重要
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41392 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1425 4.8 警告
Adjacent 		OpenClaw OpenClaw OpenClawにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-41393 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1426 8.2 重要
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-41394 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1427 7.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける暗号化処理の不備に関する脆弱性 CWE-325
暗号化処理の不備 		CVE-2026-41395 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1428 7.8 重要
Local 		OpenClaw OpenClaw OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-41396 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1429 9.6 緊急
Network 		OpenClaw OpenClaw OpenClawにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-41397 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1430 4 警告
Local 		OpenClaw OpenClaw OpenClawにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-41403 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312751 5.3 MEDIUM
Network 		mezz justenoughitems JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE… CWE-129
 Improper Validation of Array Index 		CVE-2024-41565 2024-09-20 01:19 2024-08-29 Show GitHub Exploit DB Packet Storm
312752 7.3 HIGH
Local 		openpolicyagent open_policy_agent A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar… CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-8260 2024-09-20 01:08 2024-08-30 Show GitHub Exploit DB Packet Storm
312753 4.6 MEDIUM
Physics 		ibm maas360_mdm IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-35118 2024-09-20 00:53 2024-08-30 Show GitHub Exploit DB Packet Storm
312754 8.1 HIGH
Network 		zohocorp manageengine_exchange_reporter_plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. CWE-89
SQL Injection 		CVE-2024-6204 2024-09-20 00:41 2024-08-31 Show GitHub Exploit DB Packet Storm
312755 8.1 HIGH
Network 		master-nan sweet-cms A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/l… CWE-117
 Improper Output Neutralization for Logs 		CVE-2024-8334 2024-09-20 00:39 2024-08-30 Show GitHub Exploit DB Packet Storm
312756 9.8 CRITICAL
Network 		openrapid rapidcms A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username … CWE-89
SQL Injection 		CVE-2024-8335 2024-09-20 00:31 2024-08-30 Show GitHub Exploit DB Packet Storm
312757 8.1 HIGH
Network 		eclipse eclipse_dataspace_components In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date… CWE-287
Improper Authentication 		CVE-2024-8642 2024-09-20 00:18 2024-09-11 Show GitHub Exploit DB Packet Storm
312758 7.5 HIGH
Network 		hoverfly hoverfly Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST handler allows users to create new simulation views from … CWE-22
Path Traversal 		CVE-2024-45388 2024-09-20 00:18 2024-09-3 Show GitHub Exploit DB Packet Storm
312759 4.6 MEDIUM
Physics 		idec kit-fc6a-24-kc_firmware
kit-fc6a-24-pc_firmware
kit-fc6a-24-ra_firmware
kit-fc6a-24-ra-hg1g_firmware
kit-fc6a-24-ra-hg2g-5tn_firmware
kit-fc6a-24-ra-hg2g-5tt_firmware
kit-fc6a-24-rc… 		Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtaine… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-41927 2024-09-20 00:10 2024-09-4 Show GitHub Exploit DB Packet Storm
312760 7.8 HIGH
Local 		adobe acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc 		Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context … CWE-416
 Use After Free 		CVE-2024-41869 2024-09-20 00:09 2024-09-13 Show GitHub Exploit DB Packet Storm