Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2381	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42429	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2382	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42430	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2383	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42431	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2384	7.8	重要 Local	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42432	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2385	6.3	警告 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-4515	2026-05-1 10:45	2026-03-21	Show	GitHub Exploit DB Packet Storm

2386	6.3	警告 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-707 CWE-74	CVE-2026-4516	2026-05-1 10:45	2026-03-21	Show	GitHub Exploit DB Packet Storm

2387	7.8	重要 Local	Linux Foundation	pytorch	Linux Foundationのpytorchにおける複数の脆弱性	CWE-20 CWE-502	CVE-2026-4538	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

2388	6.3	警告 Network	WAVLINK	WL-WN578W2 ファームウェア	WAVLINKのWL-WN578W2 ファームウェアにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-4543	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

2389	4.8	警告 Network	WAVLINK	WL-WN578W2 ファームウェア	WAVLINKのWL-WN578W2 ファームウェアにおける複数の脆弱性	CWE-79 CWE-94	CVE-2026-4544	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

2390	8.8	重要 Network	シスコシステムズ (Linksys)	mr9600 ファームウェア	Linksysのmr9600 ファームウェアにおける複数の脆弱性	CWE-77 CWE-78	CVE-2026-4558	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313401	-	-	-	OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the devi…	-	CVE-2024-43778	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313402	-	-	-	Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the d…	-	CVE-2024-41929	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313403	-	-	-	SQL injection vulnerability in Welcart e-Commerce prior to 2.11.2 allows an attacker who can login to the product to obtain or alter the information stored in the database.	-	CVE-2024-42404	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313404	-	-	-	Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product.	-	CVE-2024-45679	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313405	-	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a …	CWE-89 SQL Injection	CVE-2024-43969	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313406	-	-	-	Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medi…	-	CVE-2024-8905	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313407	-	-	-	Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	-	CVE-2024-8904	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313408	-	-	-	Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages r…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-46982	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313409	-	-	-	Vite a frontend build tooling framework for javascript. Affected versions of vite were discovered to contain a DOM Clobbering vulnerability when building scripts to `cjs`/`iife`/`umd` output format. …	CWE-79 Cross-site Scripting	CVE-2024-45812	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

313410	-	-	-	Vite a frontend build tooling framework for javascript. In affected versions the contents of arbitrary files can be returned to the browser. `@fs` denies access to files outside of Vite serving allow…	CWE-200 CWE-284 Information Exposure Improper Access Control	CVE-2024-45811	2024-09-20 21:30	2024-09-18	Show	GitHub Exploit DB Packet Storm