CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 3404
«« 先頭 « 前へ 1 / 171 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-47646 Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network. 9.3 0.27% 2026-07-08 2026-07-09
CVE-2026-58525 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. 8.2 0.37% 2026-07-08 2026-07-09
CVE-2026-58295 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. 8.3 0.38% 2026-07-03 2026-07-07
CVE-2026-58293 External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.1 0.44% 2026-07-03 2026-07-07
CVE-2026-58289 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 9.0 0.44% 2026-07-03 2026-07-07
CVE-2026-58288 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.3 0.45% 2026-07-03 2026-07-07
CVE-2026-58287 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.3 0.45% 2026-07-03 2026-07-07
CVE-2026-58286 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. 8.1 0.31% 2026-07-03 2026-07-07
CVE-2026-58285 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.3 0.45% 2026-07-03 2026-07-07
CVE-2026-58284 Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.3 0.41% 2026-07-03 2026-07-07
CVE-2026-58283 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. 8.1 0.33% 2026-07-03 2026-07-06
CVE-2026-58282 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. 8.1 0.31% 2026-07-03 2026-07-06
CVE-2026-57983 Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. 8.7 0.46% 2026-07-03 2026-07-07
CVE-2026-57981 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.8 0.57% 2026-07-03 2026-07-07
CVE-2026-57974 Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.8 0.57% 2026-07-03 2026-07-07
CVE-2026-56645 Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 8.8 0.57% 2026-07-03 2026-07-07
CVE-2026-57100 Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network. 9.9 0.64% 2026-07-02 2026-07-08
CVE-2026-54998 Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. 8.8 0.64% 2026-07-02 2026-07-07
CVE-2026-45499 Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network. 9.9 0.62% 2026-07-02 2026-07-07
CVE-2026-41106 Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. 9.3 0.54% 2026-07-02 2026-07-07
«« 先頭 « 前へ 1 / 171 次へ »
cvelogic Threat Intelligence