Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3901 7.8 重要
Local 		OpenClaw OpenClaw OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-41396 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3902 9.6 緊急
Network 		OpenClaw OpenClaw OpenClawにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-41397 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3903 4 警告
Local 		OpenClaw OpenClaw OpenClawにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-41403 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3904 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41404 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3905 7.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける不適切な動作順序(早期増幅)に関する脆弱性 CWE-408
不適切な動作順序(早期増幅) 		CVE-2026-41405 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3906 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-41406 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3907 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-41407 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3908 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-41408 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3909 4.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41910 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
3910 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41911 2026-05-7 12:29 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315491 - - - Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server. - CVE-2024-44734 2024-10-17 04:35 2024-10-12 Show GitHub Exploit DB Packet Storm
315492 - - - Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name. - CVE-2024-44730 2024-10-17 04:35 2024-10-12 Show GitHub Exploit DB Packet Storm
315493 - - - Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting. - CVE-2024-44729 2024-10-17 04:35 2024-10-12 Show GitHub Exploit DB Packet Storm
315494 7.1 HIGH
Local 		microsoft azure_monitor_agent Azure Monitor Agent Elevation of Privilege Vulnerability NVD-CWE-noinfo
CVE-2024-38097 2024-10-17 04:28 2024-10-9 Show GitHub Exploit DB Packet Storm
315495 6.1 MEDIUM
Network 		microchip timeprovider_4100_firmware Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This… CWE-79
Cross-site Scripting 		CVE-2024-43687 2024-10-17 04:28 2024-10-5 Show GitHub Exploit DB Packet Storm
315496 7.5 HIGH
Network 		microsoft windows_server_2022_23h2 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-38029 2024-10-17 04:27 2024-10-9 Show GitHub Exploit DB Packet Storm
315497 6.1 MEDIUM
Network 		microchip timeprovider_4100_firmware Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects Ti… CWE-79
Cross-site Scripting 		CVE-2024-43686 2024-10-17 04:20 2024-10-5 Show GitHub Exploit DB Packet Storm
315498 8.2 HIGH
Network 		cacti cacti Cacti is an open source performance and fault management framework. The`consolenewsection` parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewse… CWE-79
Cross-site Scripting 		CVE-2024-43365 2024-10-17 04:15 2024-10-8 Show GitHub Exploit DB Packet Storm
315499 8.8 HIGH
Network 		phpoffice phpspreadsheet PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images h… CWE-22
CWE-918
Path Traversal
Server-Side Request Forgery (SSRF)  		CVE-2024-45291 2024-10-17 04:09 2024-10-8 Show GitHub Exploit DB Packet Storm
315500 5.3 MEDIUM
Network 		php-fpm php-fpm In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being proce… NVD-CWE-noinfo
CVE-2024-8925 2024-10-17 03:53 2024-10-8 Show GitHub Exploit DB Packet Storm