Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3471 3.3
Local 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-4159 2026-05-1 10:46 2026-03-19 Show GitHub Exploit DB Packet Storm
3472 9.8 緊急
Network 		Apache Software Foundation MINA Apache Software FoundationのMINAにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-41635 2026-05-1 10:46 2026-04-27 Show GitHub Exploit DB Packet Storm
3473 3.7
Network 		OpenClaw OpenClaw OpenClawにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2026-41913 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
3474 8.5 重要
Network 		OpenClaw OpenClaw OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41914 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
3475 6.1 警告
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41915 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
3476 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-41916 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
3477 6.5 警告
Network 		Technitium DNS Server TechnitiumのDNS Serverにおける指定された機能の不適切な提供に関する脆弱性 CWE-684
指定された機能の不適切な提供 		CVE-2026-42255 2026-05-1 10:46 2026-04-26 Show GitHub Exploit DB Packet Storm
3478 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-42420 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
3479 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-42421 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
3480 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42422 2026-05-1 10:46 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313611 6.1 MEDIUM
Network 		- - The WP Photo Album Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wppa-tab' parameter in all versions up to, and including, 8.8.05.003 due to insufficient input sa… CWE-79
Cross-site Scripting 		CVE-2024-9951 2024-10-18 21:52 2024-10-17 Show GitHub Exploit DB Packet Storm
313612 - - - This issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Double Free vulnerabilities in Goahead versions <= 6.0.0. These are caused by JST values not being nulled when freed during parsing … CWE-415
CWE-416
 Double Free
 Use After Free 		CVE-2024-3187 2024-10-18 21:52 2024-10-17 Show GitHub Exploit DB Packet Storm
313613 - - - CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remot… - CVE-2024-3186 2024-10-18 21:52 2024-10-17 Show GitHub Exploit DB Packet Storm
313614 - - - Multiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAHEAD_REPLACE_MALLOC flag. Without a memory notifier for all… CWE-476
 NULL Pointer Dereference 		CVE-2024-3184 2024-10-18 21:52 2024-10-17 Show GitHub Exploit DB Packet Storm
313615 4.3 MEDIUM
Network 		- - The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to m… CWE-352
 Origin Validation Error 		CVE-2024-9352 2024-10-18 21:52 2024-10-17 Show GitHub Exploit DB Packet Storm
313616 - - - MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. This vulnerability could allow an attacker to tamper with sensitive data. - CVE-2024-4740 2024-10-18 18:15 2024-10-18 Show GitHub Exploit DB Packet Storm
313617 9.8 CRITICAL
Network 		- - SECOM WRTR-304GN-304TW-UPSC does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system c… CWE-78
OS Command  		CVE-2024-10118 2024-10-18 13:15 2024-10-18 Show GitHub Exploit DB Packet Storm
313618 5.9 MEDIUM
Network 		- - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CWE-416
 Use After Free 		CVE-2024-49023 2024-10-18 10:15 2024-10-18 Show GitHub Exploit DB Packet Storm
313619 5.9 MEDIUM
Network 		- - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CWE-122
Heap-based Buffer Overflow 		CVE-2024-43587 2024-10-18 10:15 2024-10-18 Show GitHub Exploit DB Packet Storm
313620 - - - Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access. - CVE-2024-47976 2024-10-18 07:15 2024-10-8 Show GitHub Exploit DB Packet Storm