NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-58647 | Improper neutralization of input during web page generation ('cross-site scripting') in Power BI allows an authorized attacker to perform spoofing over a network. | 8.0 | 0.54% | 2026-07-14 | 2026-07-16 |
| CVE-2026-49177 | Out-of-bounds read in Windows TCP/IP allows an authorized attacker to disclose information locally. | 5.5 | 0.31% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58545 | Improper access control in Windows Kernel allows an authorized attacker to bypass a security feature locally. | 5.5 | 0.25% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58626 | Use after free in Windows Remote Desktop Services allows an authorized attacker to execute code over a network. | 8.8 | 0.85% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58627 | Uncontrolled resource consumption in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | 7.5 | 0.89% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58629 | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | 7.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58632 | Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | 7.8 | 0.30% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58637 | Use after free in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. | 7.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58638 | Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally. | 6.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-62826 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 4.6 | 該当なし | 2026-07-16 | 2026-07-16 |
| CVE-2026-59117 | Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network. | 7.5 | 該当なし | 2026-07-16 | 2026-07-16 |
| CVE-2026-58643 | Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. | 6.1 | 該当なし | 2026-07-16 | 2026-07-16 |
| CVE-2026-58598 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Backup Engine allows an authorized attacker to elevate privileges locally. | 7.0 | 該当なし | 2026-07-16 | 2026-07-16 |
| CVE-2026-50653 | Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network. | 7.5 | 0.80% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50652 | Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network. | 7.5 | 1.17% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50647 | Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | 7.5 | 1.10% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50411 | Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | 7.5 | 0.80% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50368 | Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | 7.5 | 0.80% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50355 | Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | 7.5 | 1.10% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50324 | Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | 5.9 | 0.80% | 2026-07-14 | 2026-07-16 |