CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 10773
«« 先頭 « 前へ 1 / 539 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-9691 Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions. 9.8 0.48% 2026-06-15 2026-06-17
CVE-2026-9690 Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions. 7.5 0.47% 2026-06-17 2026-06-17
CVE-2026-6372 Missing Authorization vulnerability in Plisio Accept Cryptocurrencies with Plisio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept Cryptocurrencies with Plisio: from n/a through 2.0.5. 7.5 0.20% 2026-04-15 2026-06-17
CVE-2026-57766 Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3.5.6 versions. 8.8 該当なし 2026-07-02 2026-07-02
CVE-2026-57765 Contributor SQL Injection in WP EasyCart <= 5.9.0 versions. 8.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57764 Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO Breadcrumb Shortcode <= 1.2 versions. 6.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57763 Contributor Cross Site Scripting (XSS) in Structured Content <= 1.7.0 versions. 6.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57761 Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions. 7.1 該当なし 2026-07-02 2026-07-02
CVE-2026-57759 Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions. 8.8 該当なし 2026-07-02 2026-07-02
CVE-2026-57758 Unauthenticated Cross Site Request Forgery (CSRF) in Permalink Manager for WooCommerce <= 1.0.8.2 versions. 7.1 該当なし 2026-07-02 2026-07-02
CVE-2026-57757 Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions. 7.1 該当なし 2026-07-02 2026-07-02
CVE-2026-57756 Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions. 8.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57755 Contributor Cross Site Scripting (XSS) in Mosaic Gallery &#8211; Advanced Gallery <= 1.2.0 versions. 6.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57754 Contributor Cross Site Scripting (XSS) in Livemesh Addons for WPBakery Page Builder <= 3.9.4 versions. 6.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57752 Contributor SQL Injection in iNET Webkit 1.2.4 versions. 8.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57751 Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions. 8.1 該当なし 2026-07-02 2026-07-02
CVE-2026-57749 Contributor Local File Inclusion in SportsPress Pro <= 2.7.29 versions. 7.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57748 Contributor Local File Inclusion in Shopify <= 1.0.0 versions. 7.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57747 Unauthenticated Cross Site Request Forgery (CSRF) in Booked <= 3.0.0 versions. 6.5 該当なし 2026-07-02 2026-07-02
CVE-2026-57746 Subscriber Broken Access Control in Booked <= 3.0.0 versions. 7.1 該当なし 2026-07-02 2026-07-02
«« 先頭 « 前へ 1 / 539 次へ »
cvelogic Threat Intelligence