Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3871	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-41347	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3872	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41348	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3873	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-41349	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3874	4.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41350	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3875	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるCapture-replay による認証回避に関する脆弱性	CWE-294 Capture-replayによる認証回避	CVE-2026-41351	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3876	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-41352	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3877	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-41356	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3878	3.3	低 Local	OpenClaw	OpenClaw	OpenClawにおける重要な情報を使用しているプロセスの呼び出しに関する脆弱性	CWE-214 重要な情報を使用しているプロセスの呼び出し	CVE-2026-41357	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3879	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-41359	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

3880	7.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-184 CWE-918	CVE-2026-41361	2026-04-30 11:00	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
353291	-	pi3	pi3web	Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.	NVD-CWE-Other	CVE-2002-0433	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353292	-	marcus_s._xenakis	directory.php	Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter.	NVD-CWE-Other	CVE-2002-0434	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353293	-	gnu	fileutils	Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils …	NVD-CWE-Other	CVE-2002-0435	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353294	-	stefan_frings	sms_server_tools	Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format…	NVD-CWE-Other	CVE-2002-0437	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353295	-	caupo.net	cauposhop	Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by …	NVD-CWE-Other	CVE-2002-0439	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353296	-	jerrett_taylor	php_imglist	Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.	NVD-CWE-Other	CVE-2002-0441	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353297	-	caldera	openserver	Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.	NVD-CWE-Other	CVE-2002-0442	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353298	-	microsoft	windows_2000_terminal_services	Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to incoming users when the number of connections to the SYSVOL shar…	NVD-CWE-Other	CVE-2002-0444	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353299	-	php_firstpost	php_firstpost	article.php in PHP FirstPost 0.1 allows allows remote attackers to obtain the full pathname of the server via an invalid post number in the post parameter, which leaks the pathname in an error messag…	NVD-CWE-Other	CVE-2002-0445	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm

353300	-	black_tie_project	black_tie_project	categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathna…	NVD-CWE-Other	CVE-2002-0446	2008-09-6 05:28	2002-07-26	Show	GitHub Exploit DB Packet Storm