NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-40753 | Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions. | 8.1 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40751 | Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions. | 8.1 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40749 | Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40748 | Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40747 | Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40746 | Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40739 | Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions. | 8.1 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40736 | Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions. | 8.1 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40735 | Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | 8.1 | 0.40% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40731 | Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions. | 8.1 | 0.42% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40726 | Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions. | 8.2 | 0.24% | 2026-06-17 | 2026-06-17 |
| CVE-2026-40725 | Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. | 9.8 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39598 | Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server. This issue affects Academy LMS Pro: from n/a before 3.5.2. | 8.0 | 0.28% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39596 | Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39589 | Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39582 | Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions. | 8.1 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39580 | Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions. | 8.1 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39573 | Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions. | 8.1 | 0.40% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39568 | Unauthenticated Local File Inclusion in Mr. SEO <= 2.0 versions. | 8.1 | 0.42% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39567 | Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions. | 8.1 | 0.40% | 2026-06-17 | 2026-06-17 |