Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1901 9 緊急
Network 		angular Angular CLI angularのAngular CLIにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-32635 2026-05-7 12:30 2026-03-16 Show GitHub Exploit DB Packet Storm
1902 6.5 警告
Network 		Ruby on Rails project rails Ruby on Rails projectのRailsにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-33658 2026-05-7 12:30 2026-03-26 Show GitHub Exploit DB Packet Storm
1903 9.8 緊急
Network 		ggml.ai llama.cpp ggml.aiのllama.cppにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-34159 2026-05-7 12:30 2026-04-1 Show GitHub Exploit DB Packet Storm
1904 7.8 重要
Local 		OpenClaw OpenClaw OpenClawにおける許容された入力値の許可リストに関する脆弱性 CWE-183
許容された入力値の許可リスト 		CVE-2026-41387 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1905 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける不完全な内部状態の区別に関する脆弱性 CWE-372
不完全な内部状態の区別 		CVE-2026-41388 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1906 7.3 重要
Local 		OpenClaw OpenClaw OpenClawにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-41390 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1907 6.1 警告
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41391 2026-05-7 12:30 2026-04-28 Show GitHub Exploit DB Packet Storm
1908 7.3 重要
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41392 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1909 4.8 警告
Adjacent 		OpenClaw OpenClaw OpenClawにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-41393 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
1910 8.2 重要
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-41394 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312971 6.5 MEDIUM
Network 		syscomgo omflow OMFLOW from The SYSCOM Group does not properly restrict the query range of its data query functionality, allowing remote attackers with regular privileges to obtain accounts and password hashes of ot… NVD-CWE-noinfo
CVE-2024-8780 2024-09-20 23:35 2024-09-16 Show GitHub Exploit DB Packet Storm
312972 6.5 MEDIUM
Network 		syscomgo omflow OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files. CWE-22
Path Traversal 		CVE-2024-8778 2024-09-20 23:23 2024-09-16 Show GitHub Exploit DB Packet Storm
312973 7.5 HIGH
Network 		syscomgo omflow OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can… CWE-522
 Insufficiently Protected Credentials 		CVE-2024-8777 2024-09-20 23:22 2024-09-16 Show GitHub Exploit DB Packet Storm
312974 6.5 MEDIUM
Network 		ibm aspera_shares IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system. CWE-613
 Insufficient Session Expiration 		CVE-2024-38315 2024-09-20 23:09 2024-09-17 Show GitHub Exploit DB Packet Storm
312975 7.8 HIGH
Local 		mattermost mattermost_desktop Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of … CWE-427
 Uncontrolled Search Path Element 		CVE-2024-39613 2024-09-20 22:59 2024-09-16 Show GitHub Exploit DB Packet Storm
312976 5.3 MEDIUM
Physics 		rfideas micard_plus_ci_firmware
micard_plus_ble_firmware 		The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card read… NVD-CWE-noinfo
CVE-2024-1578 2024-09-20 22:53 2024-09-16 Show GitHub Exploit DB Packet Storm
312977 6.1 MEDIUM
Network 		jetbrains intellij_idea In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible CWE-79
Cross-site Scripting 		CVE-2024-46970 2024-09-20 22:23 2024-09-16 Show GitHub Exploit DB Packet Storm
312978 5.0 MEDIUM
Network 		nozominetworks cmc
guardian 		An access control vulnerability was discovered in the Reports section due to a specific access restriction not being properly enforced for users with limited privileges. If a logged-in user with r… CWE-863
 Incorrect Authorization 		CVE-2024-4465 2024-09-20 22:15 2024-09-12 Show GitHub Exploit DB Packet Storm
312979 5.5 MEDIUM
Local 		samsung exynos_980_firmware
exynos_850_firmware
exynos_1080_firmware
exynos_1280_firmware
exynos_1380_firmware
exynos_1330_firmware
exynos_1480_firmware
exynos_w920_firmware
exynos_w9… 		An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_b… CWE-787
 Out-of-bounds Write 		CVE-2024-27365 2024-09-20 22:09 2024-09-10 Show GitHub Exploit DB Packet Storm
312980 7.2 HIGH
Network 		mailcow mailcow\ mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated at… NVD-CWE-noinfo
CVE-2024-41958 2024-09-20 21:58 2024-08-6 Show GitHub Exploit DB Packet Storm