Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2711 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける複数の脆弱性 CWE-1188
CWE-918
CVE-2026-43527 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2712 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける保存または転送前の重要な情報の削除に関する脆弱性 CWE-212
保存または転送前の重要な情報の不適切な削除 		CVE-2026-43528 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2713 2.5
Local 		OpenClaw OpenClaw OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-43529 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2714 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-43532 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2715 8.6 重要
Network 		OpenClaw OpenClaw OpenClawにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-43533 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2716 9.8 緊急
Network 		OpenClaw OpenClaw OpenClawにおけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-43534 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2717 9.8 緊急
Network 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-43566 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2718 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-43567 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2719 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-43568 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2720 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-43569 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312621 9.8 CRITICAL
Network 		codezips pet_shop_management_system A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /deleteanimal.php. The manipulation of the … CWE-89
SQL Injection 		CVE-2024-10427 2024-10-31 03:21 2024-10-28 Show GitHub Exploit DB Packet Storm
312622 7.5 HIGH
Network 		vasyltech advanced_access_manager The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media paramet… CWE-22
Path Traversal 		CVE-2019-25213 2024-10-31 03:20 2024-10-16 Show GitHub Exploit DB Packet Storm
312623 5.4 MEDIUM
Network 		cvat computer_vision_annotation_tool Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task,… CWE-863
 Incorrect Authorization 		CVE-2024-47172 2024-10-31 03:20 2024-10-1 Show GitHub Exploit DB Packet Storm
312624 9.8 CRITICAL
Network 		kaswara_project kaswara The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.0.1 due to insufficient capability checking on various AJAX actions. This m… CWE-862
 Missing Authorization 		CVE-2021-4448 2024-10-31 03:18 2024-10-16 Show GitHub Exploit DB Packet Storm
312625 9.8 CRITICAL
Network 		codezips pet_shop_management_system A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /animalsadd.php. The manipulation of the argument id… CWE-89
SQL Injection 		CVE-2024-10426 2024-10-31 03:16 2024-10-28 Show GitHub Exploit DB Packet Storm
312626 - - - ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE. An attacker could exploit these vulnerabilities by sending a specially crafted firmware or configura… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2024-8036 2024-10-31 03:15 2024-10-26 Show GitHub Exploit DB Packet Storm
312627 7.1 HIGH
Local 		apple iphone_os
ipados
visionos
tvos 		A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup… NVD-CWE-noinfo
CVE-2024-44252 2024-10-31 03:11 2024-10-29 Show GitHub Exploit DB Packet Storm
312628 9.8 CRITICAL
Network 		codezips pet_shop_management_system A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. Affected is an unknown function of the file /deletebird.php. The manipulation of the argument … CWE-89
SQL Injection 		CVE-2024-10431 2024-10-31 03:10 2024-10-28 Show GitHub Exploit DB Packet Storm
312629 7.5 HIGH
Network 		useragent_project useragent Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of… CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2020-26311 2024-10-31 03:07 2024-10-27 Show GitHub Exploit DB Packet Storm
312630 6.1 MEDIUM
Network 		openrefine openrefine OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `/extension/gdata/authorized` endpoint includes the `state` GET parameter verbatim in a `<script>` tag … CWE-79
Cross-site Scripting 		CVE-2024-47878 2024-10-31 03:01 2024-10-25 Show GitHub Exploit DB Packet Storm