Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251891 4.3 警告 オラクル - Oracle E-Business Suite の Business Intelligence コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-2246 2011-08-1 11:46 2011-07-19 Show GitHub Exploit DB Packet Storm
251892 6.8 警告 オラクル - Oracle Enterprise Manager Grid Control の Database Control コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0845 2011-08-1 11:45 2011-07-19 Show GitHub Exploit DB Packet Storm
251893 5 警告 オラクル - Oracle Fusion Middleware の Oracle Business Intelligence Enterprise Edition コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-2241 2011-08-1 11:42 2011-07-19 Show GitHub Exploit DB Packet Storm
251894 4 警告 オラクル - Oracle Fusion Middleware の Oracle BPEL Process Manager コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0884 2011-08-1 11:40 2011-07-19 Show GitHub Exploit DB Packet Storm
251895 4 警告 オラクル - Oracle Fusion Middleware の Oracle Containers for J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0883 2011-08-1 11:33 2011-07-19 Show GitHub Exploit DB Packet Storm
251896 6 警告 オラクル - Oracle Database Server および Oracle Fusion Middleware における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2232 2011-08-1 11:32 2011-07-19 Show GitHub Exploit DB Packet Storm
251897 4.3 警告 オラクル - Oracle Database Server および Oracle Fusion Middleware における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2231 2011-08-1 11:31 2011-07-19 Show GitHub Exploit DB Packet Storm
251898 10 危険 オラクル - Oracle Secure Backup における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2261 2011-08-1 11:30 2011-07-19 Show GitHub Exploit DB Packet Storm
251899 5.1 警告 サイバートラスト株式会社
Carnegie Mellon University (Project Cyrus)
レッドハット		 - Cyrus IMAP Server の STARTTLS 実装における暗号化セッションにコマンドを挿入される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1926 2011-08-1 11:02 2011-05-23 Show GitHub Exploit DB Packet Storm
251900 6.9 警告 GNU Project
サイバートラスト株式会社
レッドハット		 - bash-doc における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-5374 2011-08-1 10:58 2008-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2851 4.3 MEDIUM
Network 		openclaw openclaw OpenClaw versions 2026.2.19 before 2026.3.31 contain an improper cache isolation vulnerability in the Zalo webhook replay-dedupe mechanism that is shared across authenticated webhook targets. Attacke… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-41362 2026-04-29 03:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2852 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInput function that bypasses file-system sandbox restrictions. Attackers can e… CWE-22
Path Traversal 		CVE-2026-41363 2026-04-29 03:46 2026-04-28 Show GitHub Exploit DB Packet Storm
2853 8.1 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can exploit this by uploading tar archi… CWE-59
Link Following 		CVE-2026-41364 2026-04-29 03:45 2026-04-28 Show GitHub Exploit DB Packet Storm
2854 5.5 MEDIUM
Local 		openclaw openclaw OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper me… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-41366 2026-04-29 03:45 2026-04-28 Show GitHub Exploit DB Packet Storm
2855 5.0 MEDIUM
Network 		openclaw openclaw OpenClaw versions 2026.2.14 through 2026.3.24 fail to consistently apply guild and channel policy gates to Discord button and component interactions. Attackers can trigger privileged component action… CWE-863
 Incorrect Authorization 		CVE-2026-41367 2026-04-29 03:45 2026-04-28 Show GitHub Exploit DB Packet Storm
2856 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using … CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-41368 2026-04-29 03:44 2026-04-28 Show GitHub Exploit DB Packet Storm
2857 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 contains insufficient environment variable sanitization in host exec operations, failing to filter package, registry, Docker, compiler, and TLS override variables. Attackers… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-41369 2026-04-29 03:44 2026-04-28 Show GitHub Exploit DB Packet Storm
2858 8.5 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate targ… CWE-863
 Incorrect Authorization 		CVE-2026-41371 2026-04-29 03:44 2026-04-28 Show GitHub Exploit DB Packet Storm
2859 5.8 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses re… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41372 2026-04-29 03:43 2026-04-28 Show GitHub Exploit DB Packet Storm
2860 8.8 HIGH
Network 		jpcert logontracer An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user. CWE-78
OS Command  		CVE-2026-33277 2026-04-29 03:43 2026-04-27 Show GitHub Exploit DB Packet Storm