Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2961	5.3	警告 Local	OpenClaw	OpenClaw	OpenClawにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-42427	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2962	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける完全性チェックの欠如に関する脆弱性	CWE-353 完全性チェックの欠如	CVE-2026-42428	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2963	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42429	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2964	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42430	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2965	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42431	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2966	7.8	重要 Local	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42432	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

2967	6.3	警告 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-4515	2026-05-1 10:45	2026-03-21	Show	GitHub Exploit DB Packet Storm

2968	6.3	警告 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-707 CWE-74	CVE-2026-4516	2026-05-1 10:45	2026-03-21	Show	GitHub Exploit DB Packet Storm

2969	7.8	重要 Local	Linux Foundation	pytorch	Linux Foundationのpytorchにおける複数の脆弱性	CWE-20 CWE-502	CVE-2026-4538	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

2970	6.3	警告 Network	WAVLINK	WL-WN578W2 ファームウェア	WAVLINKのWL-WN578W2 ファームウェアにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-4543	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313951	5.3	MEDIUM Network	shedaniel	roughlyenoughitems	Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index…	CWE-129 Improper Validation of Array Index	CVE-2024-42698	2024-09-20 01:29	2024-08-29	Show	GitHub Exploit DB Packet Storm

313952	5.3	MEDIUM Network	mezz	justenoughitems	JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE…	CWE-129 Improper Validation of Array Index	CVE-2024-41565	2024-09-20 01:19	2024-08-29	Show	GitHub Exploit DB Packet Storm

313953	7.3	HIGH Local	openpolicyagent	open_policy_agent	A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar…	CWE-294 Authentication Bypass by Capture-replay	CVE-2024-8260	2024-09-20 01:08	2024-08-30	Show	GitHub Exploit DB Packet Storm

313954	4.6	MEDIUM Physics	ibm	maas360_mdm	IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device.	CWE-798 Use of Hard-coded Credentials	CVE-2024-35118	2024-09-20 00:53	2024-08-30	Show	GitHub Exploit DB Packet Storm

313955	8.1	HIGH Network	zohocorp	manageengine_exchange_reporter_plus	Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.	CWE-89 SQL Injection	CVE-2024-6204	2024-09-20 00:41	2024-08-31	Show	GitHub Exploit DB Packet Storm

313956	8.1	HIGH Network	master-nan	sweet-cms	A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/l…	CWE-117 Improper Output Neutralization for Logs	CVE-2024-8334	2024-09-20 00:39	2024-08-30	Show	GitHub Exploit DB Packet Storm

313957	9.8	CRITICAL Network	openrapid	rapidcms	A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username …	CWE-89 SQL Injection	CVE-2024-8335	2024-09-20 00:31	2024-08-30	Show	GitHub Exploit DB Packet Storm

313958	8.1	HIGH Network	eclipse	eclipse_dataspace_components	In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date…	CWE-287 Improper Authentication	CVE-2024-8642	2024-09-20 00:18	2024-09-11	Show	GitHub Exploit DB Packet Storm

313959	7.5	HIGH Network	hoverfly	hoverfly	Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST handler allows users to create new simulation views from …	CWE-22 Path Traversal	CVE-2024-45388	2024-09-20 00:18	2024-09-3	Show	GitHub Exploit DB Packet Storm

313960	4.6	MEDIUM Physics	idec	kit-fc6a-24-kc_firmware kit-fc6a-24-pc_firmware kit-fc6a-24-ra_firmware kit-fc6a-24-ra-hg1g_firmware kit-fc6a-24-ra-hg2g-5tn_firmware kit-fc6a-24-ra-hg2g-5tt_firmware kit-fc6a-24-rc…	Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtaine…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2024-41927	2024-09-20 00:10	2024-09-4	Show	GitHub Exploit DB Packet Storm