CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 2140 / 13920
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2008-4270 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5416. Reason: This candidate is a duplicate of CVE-2008-5416. Notes: All CVE users should reference CVE-2008-5416 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage 該当なし 0.17% 2008-12-30 2023-11-06
CVE-2026-42991 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. 7.8 0.17% 2026-06-09 2026-06-17
CVE-2025-59261 Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. 7.0 0.17% 2025-10-14 2026-06-17
CVE-2025-59193 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. 7.0 0.17% 2025-10-14 2026-06-17
CVE-2026-26167 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. 8.8 0.18% 2026-04-14 2026-06-17
CVE-2026-33100 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-04-14 2026-06-17
CVE-2026-33099 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-04-14 2026-06-17
CVE-2026-47648 Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-06-09 2026-06-17
CVE-2026-45603 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-06-09 2026-07-08
CVE-2026-45601 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-06-09 2026-07-08
CVE-2026-45598 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-06-09 2026-07-08
CVE-2026-45596 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-06-09 2026-06-17
CVE-2026-32219 Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-04-14 2026-06-17
CVE-2026-26168 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.8 0.18% 2026-04-14 2026-06-17
CVE-2026-27926 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-04-14 2026-06-17
CVE-2025-49756 Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. 3.3 0.18% 2025-07-08 2026-06-17
CVE-2026-42836 Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2026-06-09 2026-06-17
CVE-2025-59205 Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2025-10-14 2026-06-17
CVE-2025-58727 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2025-10-14 2026-06-17
CVE-2025-49737 Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally. 7.0 0.18% 2025-07-08 2026-06-17
cvelogic Threat Intelligence