CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 121140 / 16965
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-57331 Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions. 9.9 0.34% 2026-06-29 2026-06-29
CVE-2026-57330 Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions. 6.5 0.17% 2026-06-29 2026-06-29
CVE-2026-57329 Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions. 6.5 0.21% 2026-06-29 2026-07-01
CVE-2026-57328 Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. 6.5 0.21% 2026-06-29 2026-06-29
CVE-2026-57327 Subscriber Broken Access Control in MainWP <= 6.1.1 versions. 6.3 0.25% 2026-06-29 2026-06-29
CVE-2026-57326 Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. 6.1 0.18% 2026-06-29 2026-06-29
CVE-2026-57320 Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions. 7.1 0.18% 2026-06-29 2026-06-29
CVE-2026-57346 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3. 7.1 0.27% 2026-06-29 2026-06-29
CVE-2026-57676 Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User Avatar: from n/a through 4.9. 4.3 0.18% 2026-06-29 2026-07-08
CVE-2026-57667 Sales Representative SQL Injection in Groundhogg <= 4.5 versions. 8.5 0.21% 2026-06-26 2026-06-29
CVE-2026-57665 Unauthenticated Insecure Direct Object References (IDOR) in GravityView <= 3.0.0 versions. 5.3 0.19% 2026-06-26 2026-06-26
CVE-2026-57664 Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder <= 1.1.6 versions. 4.3 0.18% 2026-06-26 2026-06-26
CVE-2026-57663 Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8.2.7 versions. 8.5 0.21% 2026-06-26 2026-06-26
CVE-2026-57662 Contributor SQL Injection in Contest Gallery <= 30.0.0 versions. 8.5 0.21% 2026-06-26 2026-06-26
CVE-2026-57661 Subscriber Broken Access Control in WPComplete <= 2.9.5.5 versions. 5.4 0.22% 2026-06-26 2026-06-26
CVE-2026-57660 Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions. 5.3 0.18% 2026-06-26 2026-06-29
CVE-2026-57659 Unauthenticated Cross Site Request Forgery (CSRF) in Paid Memberships Pro - Add Member From Admin <= 0.7.2 versions. 8.8 0.13% 2026-06-26 2026-06-26
CVE-2026-57658 Administrator Arbitrary File Upload in TemplateSpare <= 4.2.0 versions. 9.1 0.28% 2026-06-26 2026-06-26
CVE-2026-57657 Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions. 4.3 0.10% 2026-06-26 2026-06-26
CVE-2026-57656 Author Cross Site Scripting (XSS) in Hester Core <= 1.1.8 versions. 5.9 0.14% 2026-06-26 2026-06-26
cvelogic Threat Intelligence