NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-28718 | Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 7.5 | 0.34% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28717 | Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | 5.0 | 0.11% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28716 | Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 4.4 | 0.09% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28715 | Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 6.5 | 0.28% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28714 | Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 4.8 | 0.17% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28713 | Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186. | 7.1 | 0.17% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28712 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | 6.3 | 0.09% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28711 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | 6.3 | 0.09% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28710 | Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 9.8 | 0.41% | 2026-03-05 | 2026-06-17 |
| CVE-2026-28709 | Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 4.3 | 0.15% | 2026-03-05 | 2026-06-17 |
| CVE-2025-30413 | Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | 4.4 | 0.15% | 2026-03-05 | 2026-06-17 |
| CVE-2025-11792 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 41124. | 7.3 | 0.11% | 2026-03-05 | 2026-06-17 |
| CVE-2025-11791 | Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124. | 7.1 | 0.09% | 2026-03-05 | 2026-06-17 |
| CVE-2025-11790 | Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124. | 4.4 | 0.11% | 2026-03-05 | 2026-06-17 |
| CVE-2025-30416 | Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | 10.0 | 0.44% | 2026-02-19 | 2026-06-17 |
| CVE-2025-30412 | Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | 10.0 | 0.55% | 2026-02-19 | 2026-06-17 |
| CVE-2025-30411 | Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | 10.0 | 0.62% | 2026-02-19 | 2026-06-17 |
| CVE-2025-30410 | Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800. | 9.8 | 0.55% | 2026-02-19 | 2026-06-17 |
| CVE-2026-0705 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.4.25342.354. | 6.7 | 0.10% | 2026-01-27 | 2026-06-17 |
| CVE-2025-7779 | Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571. | 8.8 | 0.11% | 2025-09-30 | 2026-06-17 |