Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3481	5.3	警告 Local	OpenClaw	OpenClaw	OpenClawにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-42427	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3482	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける完全性チェックの欠如に関する脆弱性	CWE-353 完全性チェックの欠如	CVE-2026-42428	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3483	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42429	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3484	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42430	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3485	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42431	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3486	7.8	重要 Local	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42432	2026-05-1 10:46	2026-04-28	Show	GitHub Exploit DB Packet Storm

3487	6.3	警告 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-4515	2026-05-1 10:45	2026-03-21	Show	GitHub Exploit DB Packet Storm

3488	6.3	警告 Network	MetaGPT	MetaGPT	MetaGPTにおける複数の脆弱性	CWE-707 CWE-74	CVE-2026-4516	2026-05-1 10:45	2026-03-21	Show	GitHub Exploit DB Packet Storm

3489	7.8	重要 Local	Linux Foundation	pytorch	Linux Foundationのpytorchにおける複数の脆弱性	CWE-20 CWE-502	CVE-2026-4538	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

3490	6.3	警告 Network	WAVLINK	WL-WN578W2 ファームウェア	WAVLINKのWL-WN578W2 ファームウェアにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-4543	2026-05-1 10:45	2026-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315611	9.8	CRITICAL Network	nitropack	nitropack	Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7.	CWE-94 Code Injection	CVE-2024-43922	2024-09-20 06:44	2024-08-30	Show	GitHub Exploit DB Packet Storm

315612	8.8	HIGH Adjacent	dlink	covr-x1870_firmware dir-x4860_firmware	Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded…	CWE-912 Hidden Functionality	CVE-2024-45696	2024-09-20 06:42	2024-09-16	Show	GitHub Exploit DB Packet Storm

315613	9.8	CRITICAL Network	dlink	dir-x4860_firmware	Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS comm…	CWE-912 Hidden Functionality	CVE-2024-45697	2024-09-20 06:40	2024-09-16	Show	GitHub Exploit DB Packet Storm

315614	9.8	CRITICAL Network	pluck-cms	pluck	Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-43042	2024-09-20 06:01	2024-08-17	Show	GitHub Exploit DB Packet Storm

315615	8.8	HIGH Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an…	CWE-94 Code Injection	CVE-2024-34344	2024-09-20 05:58	2024-08-6	Show	GitHub Exploit DB Packet Storm

315616	7.5	HIGH Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-42352	2024-09-20 05:55	2024-08-6	Show	GitHub Exploit DB Packet Storm

315617	7.8	HIGH Local	mongodb	mongodb c_driver php_driver	Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing…	NVD-CWE-noinfo	CVE-2024-7553	2024-09-20 05:46	2024-08-7	Show	GitHub Exploit DB Packet Storm

315618	6.1	MEDIUM Network	mailcow	mailcow\	mailcow: dockerized is an open source groupware/email suite based on docker. An unauthenticated attacker can inject a JavaScript payload into the API logs. This payload is executed whenever the API l…	CWE-79 Cross-site Scripting	CVE-2024-41959	2024-09-20 05:14	2024-08-6	Show	GitHub Exploit DB Packet Storm

315619	4.8	MEDIUM Network	mailcow	mailcow\	mailcow: dockerized is an open source groupware/email suite based on docker. An authenticated admin user can inject a JavaScript payload into the Relay Hosts configuration. The injected payload is ex…	CWE-79 Cross-site Scripting	CVE-2024-41960	2024-09-20 05:01	2024-08-6	Show	GitHub Exploit DB Packet Storm

315620	6.1	MEDIUM Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The `navigateTo` function attempts to blockthe `javascript:` protocol, but does not correctly …	CWE-79 Cross-site Scripting	CVE-2024-34343	2024-09-20 04:57	2024-08-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed