Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2721 7.1 重要
Network 		OpenClaw OpenClaw OpenClawにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-41299 2026-04-30 12:26 2026-04-21 Show GitHub Exploit DB Packet Storm
2722 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける不完全な内部状態の区別に関する脆弱性 CWE-372
不完全な内部状態の区別 		CVE-2026-41300 2026-04-30 12:26 2026-04-21 Show GitHub Exploit DB Packet Storm
2723 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-41301 2026-04-30 12:26 2026-04-21 Show GitHub Exploit DB Packet Storm
2724 6.3 警告
Network 		OpenClaw OpenClaw OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41302 2026-04-30 12:26 2026-04-21 Show GitHub Exploit DB Packet Storm
2725 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41303 2026-04-30 12:26 2026-04-21 Show GitHub Exploit DB Packet Storm
2726 6.5 警告
Network 		pypdf project pypdf pypdf projectのpypdfにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-41312 2026-04-30 12:26 2026-04-22 Show GitHub Exploit DB Packet Storm
2727 6.5 警告
Network 		pypdf project pypdf pypdf projectのpypdfにおける過度な反復の脆弱性 CWE-834
過度なイテレーション 		CVE-2026-41313 2026-04-30 12:26 2026-04-22 Show GitHub Exploit DB Packet Storm
2728 6.5 警告
Network 		pypdf project pypdf pypdf projectのpypdfにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-41314 2026-04-30 12:26 2026-04-22 Show GitHub Exploit DB Packet Storm
2729 5.4 警告
Network 		mintplexlabs anythingllm mintplexlabsのanythingllmにおける複数の脆弱性 CWE-116
CWE-1336
CWE-79
CVE-2026-41318 2026-04-30 12:26 2026-04-24 Show GitHub Exploit DB Packet Storm
2730 9.1 緊急
Network 		The Kyverno Authors Kyverno The Kyverno AuthorsのKyvernoにおける複数の脆弱性 CWE-200
CWE-918
CVE-2026-41323 2026-04-30 12:26 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314071 - - - Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin interface in SAP Production and Revenue Accounting allows unauthorized access that could lead to disc… CWE-862
 Missing Authorization 		CVE-2024-45286 2024-09-10 13:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314072 - - - The RFC enabled function module allows a low privileged user to add any workbook to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information … CWE-862
 Missing Authorization 		CVE-2024-44116 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314073 - - - The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about ta… CWE-862
 Missing Authorization 		CVE-2024-44115 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314074 - - - Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an authenticated attacker to access information over the network which is otherwise restricted. On successful exploit… CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2024-44113 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314075 - - - The RFC enabled function module allows a low privileged user to read any user's workplace favourites and user menu along with all the specific data of each node. Usernames can be enumerated by exploi… - CVE-2024-42380 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314076 - - - Due to weak encoding of user-controlled inputs, eProcurement on SAP S/4HANA allows malicious scripts to be executed in the application, potentially leading to a Reflected Cross-Site Scripting (XSS) v… CWE-79
Cross-site Scripting 		CVE-2024-42378 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314077 - - - The RFC enabled function module allows a low privileged user to delete the workplace favourites of any user. This vulnerability could be utilized to identify usernames and access information about ta… CWE-862
 Missing Authorization 		CVE-2024-42371 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314078 - - - Due to missing authorization checks, SAP BEx Analyzer allows an authenticated attacker to access information over the network which is otherwise restricted. On successful exploitation the attacker ca… CWE-359
CWE-862
 Exposure of Private Personal Information to an Unauthorized Actor
 Missing Authorization 		CVE-2024-41729 2024-09-10 12:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314079 9.8 CRITICAL
Network 		- - **UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and NAS542 firmware versions through V5.21(ABAG.15… CWE-78
OS Command  		CVE-2024-6342 2024-09-10 11:15 2024-09-10 Show GitHub Exploit DB Packet Storm
314080 - - - Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php. - CVE-2024-44849 2024-09-10 05:35 2024-09-10 Show GitHub Exploit DB Packet Storm