NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-27430 | Unauthenticated Cross Site Scripting (XSS) in TheFox <= 3.9.76 versions. | 7.1 | 0.19% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27426 | Unauthenticated Cross Site Scripting (XSS) in Automotive Car Dealership Business <= 13.3.3 versions. | 7.1 | 0.19% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27425 | Unauthenticated Cross Site Scripting (XSS) in Automotive Listings <= 18.6 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27419 | Subscriber Arbitrary File Upload in Zegen <= 1.1.9 versions. | 9.9 | 0.36% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27414 | Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions. | 8.8 | 0.29% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27412 | Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions. | 8.1 | 0.28% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27408 | Unauthenticated Cross Site Scripting (XSS) in NativeChurch <= 4.8.8.2 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27404 | Unauthenticated Cross Site Scripting (XSS) in LMS <= 9.7 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27402 | Unauthenticated Cross Site Scripting (XSS) in Kids Life | Children School WordPress <= 5.2 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2026-27060 | Contributor PHP Object Injection in ARMember Premium <= 7.0 versions. | 8.8 | 0.29% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69156 | Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69155 | Unauthenticated Cross Site Scripting (XSS) in Fitness Zone WordPress Theme <= 5.7 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69154 | Unauthenticated Cross Site Scripting (XSS) in SpaLab | Beauty Salon WordPress Theme <= 6.7 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69153 | Unauthenticated Cross Site Scripting (XSS) in Trendy Travel <= 6.7 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69152 | Unauthenticated Cross Site Scripting (XSS) in Artale | Wedding Photography WordPress <= 2.2.2 versions. | 7.1 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69134 | Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions. | 7.5 | 0.30% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69133 | Subscriber Local File Inclusion in Tourmaster <= 5.4.5 versions. | 7.5 | 0.40% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69132 | Subscriber Sensitive Data Exposure in Corpkit <= 1.0.5 versions. | 6.5 | 0.36% | 2026-07-02 | 2026-07-02 |
| CVE-2025-69094 | Subscriber SQL Injection in Unicamp <= 2.2.2 versions. | 8.5 | 0.28% | 2026-07-02 | 2026-07-02 |
| CVE-2025-66076 | Unauthenticated Broken Access Control in Woostify Sites Library <= 1.6.2 versions. | 5.3 | 0.21% | 2026-07-02 | 2026-07-02 |