CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 13297
«« 先頭 « 前へ 1 / 665 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-54130 Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network. 9.8 0.58% 2026-06-18 2026-06-25
CVE-2026-50656 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available. 7.8 3.39% 2026-06-16 2026-06-17
CVE-2026-50519 Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network. 6.5 0.53% 2026-06-19 2026-06-29
CVE-2026-50512 Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. 7.8 0.26% 2026-06-09 2026-06-17
CVE-2026-50511 Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. 7.8 0.28% 2026-06-09 2026-06-17
CVE-2026-50508 Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. 6.5 0.66% 2026-06-09 2026-06-17
CVE-2026-50507 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. 6.8 5.01% 2026-06-09 2026-06-17
CVE-2026-49161 Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. 7.8 0.19% 2026-06-09 2026-06-17
CVE-2026-49160 Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network. 7.5 48.44% 2026-06-09 2026-06-17
CVE-2026-48584 Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network. 9.9 0.50% 2026-06-19 2026-06-29
CVE-2026-48583 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. 7.8 0.27% 2026-06-09 2026-06-17
CVE-2026-48582 Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. 9.6 0.40% 2026-06-19 2026-06-24
CVE-2026-48579 Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network. 9.1 1.01% 2026-06-04 2026-06-17
CVE-2026-48578 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. 7.9 0.27% 2026-06-09 2026-06-17
CVE-2026-48576 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. 7.9 1.03% 2026-06-09 2026-06-17
CVE-2026-48575 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. 7.9 0.30% 2026-06-09 2026-06-17
CVE-2026-48574 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. 7.8 0.36% 2026-06-09 2026-06-17
CVE-2026-48573 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. 7.9 1.03% 2026-06-09 2026-06-17
CVE-2026-48570 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. 7.9 0.30% 2026-06-09 2026-06-17
CVE-2026-48569 Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. 7.1 0.35% 2026-06-09 2026-06-17
«« 先頭 « 前へ 1 / 665 次へ »
cvelogic Threat Intelligence