Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251041 4.7 警告 マイクロソフト - Microsoft Windows の win32k.sys におけるサービス運用妨害 (システムハング) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2002 2011-10-21 15:25 2011-10-11 Show GitHub Exploit DB Packet Storm
251042 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格またはサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-1985 2011-10-21 15:24 2011-10-11 Show GitHub Exploit DB Packet Storm
251043 9.3 危険 マイクロソフト - Microsoft Windows Vista および Windows 7 の Windows Media Center における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-2009 2011-10-21 15:24 2011-10-11 Show GitHub Exploit DB Packet Storm
251044 9.3 危険 マイクロソフト - Microsoft Windows の Microsoft Active Accessibility コンポーネントにおける権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-1247 2011-10-21 15:23 2011-10-11 Show GitHub Exploit DB Packet Storm
251045 4 警告 マイクロソフト - 複数の Microsoft 製品における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2011-1892 2011-10-21 15:18 2011-09-13 Show GitHub Exploit DB Packet Storm
251046 4.3 警告 マイクロソフト - Microsoft Windows SharePoint Services および SharePoint Foundation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1891 2011-10-21 15:18 2011-09-13 Show GitHub Exploit DB Packet Storm
251047 4.3 警告 マイクロソフト - 複数の Microsoft SharePoint 製品の EditForm.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1890 2011-10-21 15:17 2011-09-13 Show GitHub Exploit DB Packet Storm
251048 4.3 警告 マイクロソフト - 複数の Microsoft SharePoint 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0653 2011-10-21 15:17 2011-09-13 Show GitHub Exploit DB Packet Storm
251049 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2001 2011-10-21 11:55 2011-10-11 Show GitHub Exploit DB Packet Storm
251050 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2000 2011-10-21 11:50 2011-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2221 6.1 MEDIUM
Local 		openclaw openclaw OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GIT_DIR and related varia… CWE-184
 Incomplete Blacklist 		CVE-2026-41915 2026-04-30 23:04 2026-04-29 Show GitHub Exploit DB Packet Storm
2222 5.4 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a session management vulnerability where existing WebSocket sessions survive shared gateway token rotation. Attackers can maintain unauthorized access to WebSocket c… CWE-613
 Insufficient Session Expiration 		CVE-2026-42421 2026-04-30 23:04 2026-04-29 Show GitHub Exploit DB Packet Storm
2223 8.8 HIGH
Network 		tenda f456_firmware A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argumen… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7099 2026-04-30 23:04 2026-04-27 Show GitHub Exploit DB Packet Storm
2224 8.8 HIGH
Network 		tenda f456_firmware A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overf… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7100 2026-04-30 23:03 2026-04-27 Show GitHub Exploit DB Packet Storm
2225 8.8 HIGH
Network 		tenda f456_firmware A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page leads to buffer over… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7030 2026-04-30 23:03 2026-04-26 Show GitHub Exploit DB Packet Storm
2226 8.8 HIGH
Network 		tenda f456_firmware A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argum… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7098 2026-04-30 23:03 2026-04-27 Show GitHub Exploit DB Packet Storm
2227 8.8 HIGH
Network 		tenda f456_firmware A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation of the argument menufacturer/Go can … CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7029 2026-04-30 23:03 2026-04-26 Show GitHub Exploit DB Packet Storm
2228 8.5 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to ac… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-41914 2026-04-30 23:02 2026-04-29 Show GitHub Exploit DB Packet Storm
2229 7.5 HIGH
Network 		vmware spring_boot Values produced by ${random.value} are not suitable for use as secrets. ${random.uuid} is not affected. ${random.int} and ${random.long} should never be used for secrets as they are numeric values wi… CWE-330
 Use of Insufficiently Random Values 		CVE-2026-40975 2026-04-30 22:57 2026-04-28 Show GitHub Exploit DB Packet Storm
2230 9.1 CRITICAL
Network 		vmware spring_boot In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web applica… CWE-862
 Missing Authorization 		CVE-2026-40976 2026-04-30 22:54 2026-04-28 Show GitHub Exploit DB Packet Storm