Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3101	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2026-41335	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3102	7.8	重要 Local	OpenClaw	OpenClaw	OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-41336	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3103	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41337	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3104	5	警告 Local	OpenClaw	OpenClaw	OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41338	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3105	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不完全な内部状態の区別に関する脆弱性	CWE-372 不完全な内部状態の区別	CVE-2026-41340	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3106	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不十分な型の区別に関する脆弱性	CWE-351 不十分な型の区別	CVE-2026-41341	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3107	8.1	重要 Adjacent	OpenClaw	OpenClaw	OpenClawにおける同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2026-41342	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3108	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるインタラクション頻度の制御に関する脆弱性	CWE-799 インタラクション頻度の不適切な制御	CVE-2026-41343	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3109	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41344	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3110	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-41345	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314571	-		-	-	CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php fullname stored XSS.	-	CVE-2024-45528	2024-09-4 00:35	2024-09-2	Show	GitHub Exploit DB Packet Storm

314572	-		-	-	REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead to resultant logout CSRF via index.php?logout=1, and can also be used to insert a link to an external …	-	CVE-2024-45527	2024-09-4 00:35	2024-09-2	Show	GitHub Exploit DB Packet Storm

314573	-		-	-	Lightdash version 0.1024.6 allows users with the necessary permissions, such as Administrator or Editor, to create and share dashboards. A dashboard that contains HTML elements which point to a threa…	-	CVE-2024-6586	2024-09-4 00:35	2024-08-31	Show	GitHub Exploit DB Packet Storm

314574	-		-	-	Multiple stored cross-site scripting (“XSS”) vulnerabilities in the markdown dashboard and dashboard comment functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to i…	-	CVE-2024-6585	2024-09-4 00:35	2024-08-31	Show	GitHub Exploit DB Packet Storm

314575	5.4	MEDIUM Network	automattic	ghacitivity ghactivity	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic GHActivity allows Stored XSS.This issue affects GHActivity: from n/a through 2.…	CWE-79 Cross-site Scripting	CVE-2024-43949	2024-09-4 00:27	2024-08-30	Show	GitHub Exploit DB Packet Storm

314576	6.1	MEDIUM Network	dineshkarki	wp_armour	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.…	CWE-79 Cross-site Scripting	CVE-2024-43948	2024-09-4 00:22	2024-08-30	Show	GitHub Exploit DB Packet Storm

314577	5.4	MEDIUM Network	sktthemes	skt_blocks	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Blocks – Gutenberg based Page Builder allows Stored XSS.This issue affects …	CWE-79 Cross-site Scripting	CVE-2024-43946	2024-09-4 00:21	2024-08-30	Show	GitHub Exploit DB Packet Storm

314578	5.4	MEDIUM Network	wpdeveloper	embedpress	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4…	CWE-79 Cross-site Scripting	CVE-2024-43936	2024-09-4 00:20	2024-08-30	Show	GitHub Exploit DB Packet Storm

314579	5.4	MEDIUM Network	wpdelicious	wp_delicious	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Delicious Delicious Recipes – WordPress Recipe Plugin allows Stored XSS.This issue affe…	CWE-79 Cross-site Scripting	CVE-2024-43935	2024-09-4 00:19	2024-08-30	Show	GitHub Exploit DB Packet Storm

314580	5.4	MEDIUM Network	robfelty	collapsing_archives	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives:…	CWE-79 Cross-site Scripting	CVE-2024-43934	2024-09-4 00:17	2024-08-30	Show	GitHub Exploit DB Packet Storm