NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-39529 | Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions. | 9.8 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39522 | Unauthenticated Local File Inclusion in Solene <= 3.4 versions. | 8.1 | 0.42% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39446 | Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions. | 8.1 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39443 | Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions. | 8.1 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2026-39438 | Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-34895 | Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions. | 8.1 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-34894 | Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions. | 8.1 | 0.42% | 2026-06-17 | 2026-06-17 |
| CVE-2026-34893 | Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions. | 8.1 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-27429 | Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. | 9.8 | 0.56% | 2026-06-17 | 2026-06-17 |
| CVE-2026-27400 | Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions. | 8.6 | 0.51% | 2026-06-17 | 2026-06-17 |
| CVE-2026-27395 | Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions. | 9.8 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-27041 | Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions. | 9.9 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-25470 | Improper Control of Generation of Code ('Code Injection') vulnerability in ACPT ACPT (Pro) - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT (Pro) - Custom Post Types Plugin for WordPress: from n/a through 2.0.47. | 10.0 | 0.41% | 2026-06-17 | 2026-06-17 |
| CVE-2026-25446 | Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-25439 | Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions. | 8.1 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-24611 | Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions. | 9.1 | 0.44% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22343 | Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions. | 8.6 | 0.26% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22342 | Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions. | 8.8 | 0.18% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22340 | Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22338 | Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | 8.1 | 0.34% | 2026-06-17 | 2026-06-17 |