NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-50673 | Null pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | 7.8 | 0.19% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50672 | Use after free in Windows NTFS allows an authorized attacker to elevate privileges locally. | 7.0 | 0.16% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50670 | Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally. | 8.8 | 0.24% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50669 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | 7.0 | 0.16% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50668 | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to elevate privileges with a physical attack. | 6.8 | 0.31% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50667 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows NTFS allows an authorized attacker to elevate privileges locally. | 7.8 | 2.16% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50666 | Use after free in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges over a network. | 8.8 | 0.62% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50665 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | 7.8 | 0.34% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50661 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | 6.1 | 0.38% | 2026-07-14 | 2026-07-14 |
| CVE-2026-50658 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally. | 7.0 | 0.19% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50657 | Exposure of private personal information to an unauthorized actor in Microsoft Defender allows an authorized attacker to disclose information locally. | 4.7 | 0.41% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50655 | Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. | 7.8 | 0.52% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50647 | Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | 7.5 | 1.10% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50518 | Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network. | 9.8 | 7.36% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50510 | Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally. | 7.8 | 0.31% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50509 | Deserialization of untrusted data in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally. | 7.8 | 2.31% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50505 | Use after free in Windows Message Queuing allows an authorized attacker to execute code over a network. | 7.5 | 0.48% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50504 | Buffer over-read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. | 6.5 | 0.64% | 2026-07-14 | 2026-07-14 |
| CVE-2026-50503 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. | 7.0 | 0.19% | 2026-07-14 | 2026-07-15 |
| CVE-2026-50502 | Insufficient granularity of access control in Windows Event Logging Service allows an authorized attacker to execute code over a network. | 8.0 | 0.61% | 2026-07-14 | 2026-07-16 |