CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 81100 / 16965
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-27430 Unauthenticated Cross Site Scripting (XSS) in TheFox <= 3.9.76 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-27426 Unauthenticated Cross Site Scripting (XSS) in Automotive Car Dealership Business <= 13.3.3 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-27425 Unauthenticated Cross Site Scripting (XSS) in Automotive Listings <= 18.6 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2026-27419 Subscriber Arbitrary File Upload in Zegen <= 1.1.9 versions. 9.9 0.36% 2026-07-02 2026-07-02
CVE-2026-27414 Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions. 8.8 0.29% 2026-07-02 2026-07-02
CVE-2026-27412 Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions. 8.1 0.28% 2026-07-02 2026-07-02
CVE-2026-27408 Unauthenticated Cross Site Scripting (XSS) in NativeChurch <= 4.8.8.2 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2026-27404 Unauthenticated Cross Site Scripting (XSS) in LMS <= 9.7 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2026-27402 Unauthenticated Cross Site Scripting (XSS) in Kids Life | Children School WordPress <= 5.2 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2026-27060 Contributor PHP Object Injection in ARMember Premium <= 7.0 versions. 8.8 0.29% 2026-07-02 2026-07-02
CVE-2025-69156 Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2025-69155 Unauthenticated Cross Site Scripting (XSS) in Fitness Zone WordPress Theme <= 5.7 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2025-69154 Unauthenticated Cross Site Scripting (XSS) in SpaLab | Beauty Salon WordPress Theme <= 6.7 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2025-69153 Unauthenticated Cross Site Scripting (XSS) in Trendy Travel <= 6.7 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2025-69152 Unauthenticated Cross Site Scripting (XSS) in Artale | Wedding Photography WordPress <= 2.2.2 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2025-69134 Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions. 7.5 0.30% 2026-07-02 2026-07-02
CVE-2025-69133 Subscriber Local File Inclusion in Tourmaster <= 5.4.5 versions. 7.5 0.40% 2026-07-02 2026-07-02
CVE-2025-69132 Subscriber Sensitive Data Exposure in Corpkit <= 1.0.5 versions. 6.5 0.36% 2026-07-02 2026-07-02
CVE-2025-69094 Subscriber SQL Injection in Unicamp <= 2.2.2 versions. 8.5 0.28% 2026-07-02 2026-07-02
CVE-2025-66076 Unauthenticated Broken Access Control in Woostify Sites Library <= 1.6.2 versions. 5.3 0.21% 2026-07-02 2026-07-02
cvelogic Threat Intelligence