Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3461	6.1	警告 Local	VMware	Spring AI	VMwareのSpring AIにおける安全でない一時ファイルに関する脆弱性	CWE-377 安全でない一時ファイル	CVE-2026-40979	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

3462	6.5	警告 Network	VMware	Spring AI	VMwareのSpring AIにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-40980	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

3463	5.3	警告 Local	OpenClaw	OpenClaw	OpenClawにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-41332	2026-05-1 10:47	2026-04-23	Show	GitHub Exploit DB Packet Storm

3464	4.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2026-41339	2026-05-1 10:47	2026-04-23	Show	GitHub Exploit DB Packet Storm

3465	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不適切な動作順序（早期増幅）に関する脆弱性	CWE-408 不適切な動作順序（早期増幅）	CVE-2026-41374	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

3466	4.6	警告 Adjacent	OpenClaw	OpenClaw	OpenClawにおける同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2026-41398	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

3467	7.5	重要 Network	OpenClaw	OpenClaw	OpenClawにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41399	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

3468	7.5	重要 Network	OpenClaw	OpenClaw	OpenClawにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41400	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

3469	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける誤って解決された名前や参照の使用に関する脆弱性	CWE-706 誤って解決された名前や参照の使用	CVE-2026-41402	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3470	9.8	緊急 Network	Apache Software Foundation	MINA	Apache Software FoundationのMINAにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-41409	2026-05-1 10:46	2026-04-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346851	-	vortex_portal	vortex_portal	PHP remote file include vulnerability in (1) content.php and (2) index.php for Vortex Portal allows remote attackers to execute arbitrary PHP code via a URL in the act parameter.	NVD-CWE-Other	CVE-2005-0879	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

346852	-	vortex_portal	vortex_portal	content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message.	NVD-CWE-Other	CVE-2005-0880	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

346853	-	interspire	articlelive	Cross-site scripting (XSS) vulnerability in articles.newcomment for Interspire ArticleLive 2005 allows remote attackers to inject arbitrary web script or HTML via the Articleld parameter.	NVD-CWE-Other	CVE-2005-0881	2017-07-11 10:32	2005-03-23	Show	GitHub Exploit DB Packet Storm

346854	-	birdblog	birdblog	SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters.	NVD-CWE-Other	CVE-2005-0882	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

346855	-	digitalhive	digitalhive	Multiple cross-site scripting (XSS) vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the mt parameter to the membres.php page or (…	NVD-CWE-Other	CVE-2005-0883	2017-07-11 10:32	2005-03-23	Show	GitHub Exploit DB Packet Storm

346856	-	digitalhive	digitalhive	DigitalHive 2.0 allows remote attackers to re-install the product by directly accessing the install script.	NVD-CWE-Other	CVE-2005-0884	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

346857	-	michael_dean	double_choco_latte	Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in (1) functions.inc.php or (2) main.php, which cau…	NVD-CWE-Other	CVE-2005-0887	2017-07-11 10:32	2005-03-24	Show	GitHub Exploit DB Packet Storm

346858	-	michael_dean	double_choco_latte	Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) class or (2) method n…	NVD-CWE-Other	CVE-2005-0888	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

346859	-	microsoft	windows_xp	Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.	CWE-20 Improper Input Validation	CVE-2005-0904	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

346860	-	smarty	smarty	Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code.	NVD-CWE-Other	CVE-2005-0913	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm