NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2008-4270 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5416. Reason: This candidate is a duplicate of CVE-2008-5416. Notes: All CVE users should reference CVE-2008-5416 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | 該当なし | 0.17% | 2008-12-30 | 2023-11-06 |
| CVE-2026-42991 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | 7.8 | 0.17% | 2026-06-09 | 2026-06-17 |
| CVE-2025-59261 | Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | 7.0 | 0.17% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59193 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | 7.0 | 0.17% | 2025-10-14 | 2026-06-17 |
| CVE-2026-26167 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | 8.8 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-33100 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-33099 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-47648 | Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-06-17 |
| CVE-2026-45603 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-07-08 |
| CVE-2026-45601 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-07-08 |
| CVE-2026-45598 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-07-08 |
| CVE-2026-45596 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-06-17 |
| CVE-2026-32219 | Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-26168 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.8 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-27926 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2025-49756 | Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. | 3.3 | 0.18% | 2025-07-08 | 2026-06-17 |
| CVE-2026-42836 | Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-06-17 |
| CVE-2025-59205 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2025-10-14 | 2026-06-17 |
| CVE-2025-58727 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2025-10-14 | 2026-06-17 |
| CVE-2025-49737 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2025-07-08 | 2026-06-17 |