Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229241	7.5	危険	unisor cms	-	UNISOR CMS の login.asp における SQL インジェクションの脆弱性	-	CVE-2006-5628	2012-12-20 18:02	2006-10-31	Show	GitHub Exploit DB Packet Storm

229242	7.5	危険	qnecms	-	QnECMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5627	2012-12-20 18:02	2006-10-31	Show	GitHub Exploit DB Packet Storm

229243	4.3	警告	phpfaber	-	phpFaber CMS の cms_images/js/htmlarea/htmlarea.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5626	2012-12-20 18:02	2006-10-31	Show	GitHub Exploit DB Packet Storm

229244	7.5	危険	thepeak	-	Thepeak File Upload Manager の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5617	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

229245	7.5	危険	Textpattern	-	Textpattern の publish.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5615	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

229246	10	危険	東芝	-	Toshiba Bluetooth スタックにおける脆弱性	CWE-noinfo 情報不足	CVE-2006-5611	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

229247	5	警告	TorrentFlux	-	TorrentFlux の dir.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5609	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

229248	6.8	警告	phpcards	-	phpCards の phpcards.footer.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5605	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

229249	7.5	危険	phpcards	-	phpCards の phpcards.header.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5604	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

229250	7.5	危険	Snitz	-	Snitz Forums 2000 の pop_mail.asp における SQL インジェクションの脆弱性	-	CVE-2006-5603	2012-12-20 18:02	2006-10-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
741	5.0	MEDIUM Network	openclaw	openclaw	OpenClaw versions 2026.2.14 through 2026.3.24 fail to consistently apply guild and channel policy gates to Discord button and component interactions. Attackers can trigger privileged component action… New	CWE-863 Incorrect Authorization	CVE-2026-41367	2026-04-29 03:45	2026-04-28	Show	GitHub Exploit DB Packet Storm

742	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using … New	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2026-41368	2026-04-29 03:44	2026-04-28	Show	GitHub Exploit DB Packet Storm

743	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.31 contains insufficient environment variable sanitization in host exec operations, failing to filter package, registry, Docker, compiler, and TLS override variables. Attackers… New	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2026-41369	2026-04-29 03:44	2026-04-28	Show	GitHub Exploit DB Packet Storm

744	8.5	HIGH Network	openclaw	openclaw	OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate targ… New	CWE-863 Incorrect Authorization	CVE-2026-41371	2026-04-29 03:44	2026-04-28	Show	GitHub Exploit DB Packet Storm

745	5.8	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses re… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-41372	2026-04-29 03:43	2026-04-28	Show	GitHub Exploit DB Packet Storm

746	8.8	HIGH Network	jpcert	logontracer	An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user. Update	CWE-78 OS Command	CVE-2026-33277	2026-04-29 03:43	2026-04-27	Show	GitHub Exploit DB Packet Storm

747	7.4	HIGH Network	apache	thrift	Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixe… New	CWE-297 CWE-306 Improper Validation of Certificate with Host Mismatch Missing Authentication for Critical Function	CVE-2026-41603	2026-04-29 03:42	2026-04-28	Show	GitHub Exploit DB Packet Storm

748	5.4	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages that should be filtered by sender a… New	CWE-441 Confused Deputy	CVE-2026-41365	2026-04-29 03:41	2026-04-28	Show	GitHub Exploit DB Packet Storm

749	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.31 contains a path traversal vulnerability in ACP dispatch that allows attackers to read arbitrary files by manipulating inbound channel attachment paths. Remote attackers can … New	CWE-22 Path Traversal	CVE-2026-41370	2026-04-29 03:41	2026-04-28	Show	GitHub Exploit DB Packet Storm

750	7.5	HIGH Network	apache	thrift	Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, w… New	CWE-762 Mismatched Memory Management Routines	CVE-2025-48431	2026-04-29 03:40	2026-04-28	Show	GitHub Exploit DB Packet Storm