Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229301 5 警告 Xerox - Xerox WorkCentre および WorkCentre Pro における電子メールメッセージの署名を変更される脆弱性 - CVE-2006-6431 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229302 7.8 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の Web services における重要な情報を取得される脆弱性 - CVE-2006-6430 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229303 5 警告 Xerox - Xerox WorkCentre などにおける特定の設定内容を変更される脆弱性 - CVE-2006-6429 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229304 7.5 危険 Xerox - Xerox WorkCentre などにおけるアクセス権を取得される脆弱性 - CVE-2006-6428 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229305 7.5 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の Web User Interface における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2006-6427 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229306 6.8 警告 thinkedit - ThinkEdit の design/thinkedit/render.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6426 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229307 6 警告 phpBB - phpBB のプライベートメッセージボックス実装 (privmsg.php) におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6421 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229308 6.8 警告 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6420 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229309 7.5 危険 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE における任意のローカルファイルをインクルードされる脆弱性 - CVE-2006-6419 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229310 7.5 危険 phpleague - univert - PhpLeague - Univert PhpLeague における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6416 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
721 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook e… Update CWE-799
 Improper Control of Interaction Frequency 		CVE-2026-41343 2026-04-29 03:56 2026-04-24 Show GitHub Exploit DB Packet Storm
722 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust into all named accounts. Attackers can exp… Update CWE-372
 Incomplete Internal State Distinction 		CVE-2026-41340 2026-04-29 03:56 2026-04-24 Show GitHub Exploit DB Packet Storm
723 5.0 MEDIUM
Local 		openclaw openclaw OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act pattern… Update CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-41338 2026-04-29 03:56 2026-04-24 Show GitHub Exploit DB Packet Storm
724 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers wi… Update CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-41337 2026-04-29 03:55 2026-04-24 Show GitHub Exploit DB Packet Storm
725 7.8 HIGH
Local 		openclaw openclaw OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted… Update CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-41336 2026-04-29 03:55 2026-04-24 Show GitHub Exploit DB Packet Storm
726 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitiv… Update CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-41335 2026-04-29 03:55 2026-04-24 Show GitHub Exploit DB Packet Storm
727 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized … Update CWE-636
 Not Failing Securely ('Failing Open') 		CVE-2026-41334 2026-04-29 03:55 2026-04-24 Show GitHub Exploit DB Packet Storm
728 3.7 LOW
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can e… Update CWE-799
 Improper Control of Interaction Frequency 		CVE-2026-41333 2026-04-29 03:55 2026-04-24 Show GitHub Exploit DB Packet Storm
729 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with device pairing credentials … Update CWE-862
 Missing Authorization 		CVE-2026-41352 2026-04-29 03:54 2026-04-24 Show GitHub Exploit DB Packet Storm
730 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirect_socket.recv_io.credits.available The logic off managing recv credits by counting posted recv_… Update NVD-CWE-noinfo
CVE-2026-31539 2026-04-29 03:54 2026-04-25 Show GitHub Exploit DB Packet Storm