Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226701 7.5 危険 rein velt - Ve-EDIT の debugger/debug_php.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3064 2012-12-20 19:28 2009-09-3 Show GitHub Exploit DB Packet Storm
226702 7.5 危険 phplivesupport - OSI Codes PHP Live! の message_box.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3062 2012-12-20 19:28 2009-09-3 Show GitHub Exploit DB Packet Storm
226703 7.5 危険 silcnet - Secure Internet Live Conferencing (SILC) Toolkit などの lib/silcclient/client_entry.c におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2009-3051 2012-12-20 19:28 2009-09-10 Show GitHub Exploit DB Packet Storm
226704 7.5 危険 SPIP - SPIP におけるインストールなどに関する許可されていない操作を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3041 2012-12-20 19:28 2009-08-6 Show GitHub Exploit DB Packet Storm
226705 9.3 危険 シマンテック - Symantec Altiris Deployment Solution などの Web コンソールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3033 2012-12-20 19:28 2009-11-24 Show GitHub Exploit DB Packet Storm
226706 9.3 危険 シマンテック - Symantec Altiris Deployment Solution などの BrowseAndSaveFile メソッドにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3031 2012-12-20 19:28 2009-11-2 Show GitHub Exploit DB Packet Storm
226707 4.3 警告 シマンテック - Symantec SecurityExpressions Audit および Compliance Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3030 2012-12-20 19:28 2009-10-6 Show GitHub Exploit DB Packet Storm
226708 3.5 注意 シマンテック - SecurityExpressions Audit および Compliance Server のコンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3029 2012-12-20 19:28 2009-10-6 Show GitHub Exploit DB Packet Storm
226709 4.3 警告 Pidgin - Pidgin におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-3025 2012-12-20 19:28 2009-08-31 Show GitHub Exploit DB Packet Storm
226710 4.3 警告 QtWeb.NET - QtWeb におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3015 2012-12-20 19:28 2009-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2451 4.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memory_get function that allows callers to read any Markdown files within the workspace root. Attackers with… CWE-183
 Permissive List of Allowed Inputs 		CVE-2026-44111 2026-05-8 04:42 2026-05-7 Show GitHub Exploit DB Packet Storm
2452 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.15 contains an authorization bypass vulnerability in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs can exe… CWE-863
 Incorrect Authorization 		CVE-2026-44110 2026-05-8 04:41 2026-05-7 Show GitHub Exploit DB Packet Storm
2453 9.8 CRITICAL
Network 		openclaw openclaw OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptK… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-44109 2026-05-8 04:40 2026-05-7 Show GitHub Exploit DB Packet Storm
2454 9.8 CRITICAL
Network 		openclaw openclaw OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers fail to re-reso… CWE-672
 Operation on a Resource after Expiration or Release 		CVE-2026-43585 2026-05-8 04:36 2026-05-7 Show GitHub Exploit DB Packet Storm
2455 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup … CWE-184
 Incomplete Blacklist 		CVE-2026-43584 2026-05-8 04:36 2026-05-7 Show GitHub Exploit DB Packet Storm
2456 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: Fix buffer size in DMA and memcpy Buffer size used in dma allocation and memcpy is wrong. It can lead to und… CWE-787
 Out-of-bounds Write 		CVE-2026-31743 2026-05-8 04:36 2026-05-2 Show GitHub Exploit DB Packet Storm
2457 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group too… CWE-862
 Missing Authorization 		CVE-2026-43583 2026-05-8 04:36 2026-05-7 Show GitHub Exploit DB Packet Storm
2458 6.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.10 contains a server-side request forgery vulnerability in browser navigation policy that allows attackers to bypass hostname validation through DNS rebinding attacks. Attacker… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-43582 2026-05-8 04:35 2026-05-7 Show GitHub Exploit DB Packet Storm
2459 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found dev_energymodel_nl_get_perf_domains_doit() calls em_perf_do… CWE-476
 NULL Pointer Dereference 		CVE-2026-31744 2026-05-8 04:33 2026-05-2 Show GitHub Exploit DB Packet Storm
2460 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in reset_add_gpio_aux_device() error path When __auxiliary_device_add() fails, reset_add_gpio_aux_de… CWE-415
 Double Free 		CVE-2026-31745 2026-05-8 04:31 2026-05-2 Show GitHub Exploit DB Packet Storm