This view is aligned with CISA's Known Exploited Vulnerabilities (KEV) catalog and is restricted to vulnerabilities with confirmed in-the-wild exploitation. Search quickly by CVE, vendor, or product name to gauge the impact on your assets. Because prioritization is driven by observed threat activity rather than theoretical scores alone, response resources can be directed to the most urgent issues.
| CVE | Vulnerability Name | Vendor / Product | Date Added | Due Date | Description |
|---|---|---|---|---|---|
| CVE-2026-20253 | Splunk Enterprise Missing Authentication for Critical Function Vulnerability | Splunk / Enterprise | 2026-06-18 | 2026-06-21 | In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authenticat… |
| CVE-2026-48907 | Widget Factory Joomla Content Editor Improper Access Control Vulnerability | Widget Factory / Joomla Content Editor | 2026-06-16 | 2026-06-19 | A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution. |
| CVE-2026-54420 | LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability | LiteSpeed / cPanel Plugin | 2026-06-15 | 2026-06-18 | LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026. |
| CVE-2026-20262 | Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability | Cisco / Catalyst SD-WAN Manager | 2026-06-15 | 2026-06-29 | A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does n… |
| CVE-2026-35273 | Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability | Oracle / PeopleSoft Enterprise PeopleTools | 2026-06-12 | 2026-06-15 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP t… |
| CVE-2026-10520 | Ivanti Sentry OS Command Injection Vulnerability | Ivanti / Sentry | 2026-06-11 | 2026-06-14 | An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution. |
| CVE-2026-7473 | Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability | Arista / Extensible Operating System | 2026-06-09 | 2026-06-23 | On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tun… |
| CVE-2026-20245 | Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability | Cisco / Catalyst SD-WAN Manager | 2026-06-09 | 2026-06-23 | A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands a… |
| CVE-2026-11645 | Google Chromium V8 Out-of-Bounds Read and Write Vulnerability | Google / Chromium V8 | 2026-06-09 | 2026-06-23 | Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-50751 | Check Point Security Gateway Improper Authentication Vulnerability | Check Point / Security Gateway | 2026-06-08 | 2026-06-11 | A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password. |
| CVE-2026-42271 | BerriAI LiteLLM Command Injection Vulnerability | BerriAI / LiteLLM | 2026-06-08 | 2026-06-22 | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full s… |
| CVE-2026-28318 | SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability | SolarWinds / Serv-U | 2026-06-05 | 2026-06-19 | SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the u… |
| CVE-2026-45247 | Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability | Mirasvit / Mirasvit Full Page Cache Warmer | 2026-06-03 | 2026-06-06 | Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit … |
| CVE-2025-48595 | Android Framework Integer Overflow Vulnerability | Android / Framework | 2026-06-02 | 2026-06-05 | In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| CVE-2022-0492 | Linux Kernel Improper Authentication Vulnerability | Linux / Kernel | 2026-06-02 | 2026-06-05 | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpecte… |
| CVE-2024-21182 | Oracle WebLogic Server Unspecified Vulnerability | Oracle / WebLogic Server | 2026-06-01 | 2026-06-04 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise… |
| CVE-2026-0257 | Palo Alto Networks PAN-OS Authentication Bypass Vulnerability | Palo Alto Networks / PAN-OS | 2026-05-29 | 2026-06-01 | Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allow an attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues. |
| CVE-2026-8398 | Daemon Tools Lite Embedded Malicious Code Vulnerability | Daemon / Daemon Tools Lite | 2026-05-27 | 2026-05-30 | A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorize… |
| CVE-2026-48027 | Nx Console Embedded Malicious Code Vulnerability | Nx / Nx Console | 2026-05-27 | 2026-06-10 | Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detec… |
| CVE-2026-45321 | TanStack Unspecified Vulnerability | TanStack / TanStack | 2026-05-27 | 2026-06-10 | On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publis… |