NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2026-21571 | This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H allows an authenticated attacker to execute commands on the remote system, which has high impact to confidentiality, high impact to integrity, high impact to ava | 9.4 | 1.27% | 2026-04-21 | 2026-06-17 |
| CVE-2026-21570 | This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.6, allows an authenticated attacker to execute malicious code on the remote system. Atlassian recommends that Bamboo Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified suppo | 8.6 | 0.51% | 2026-03-17 | 2026-06-17 |
| CVE-2026-21569 | This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE (XML External Entity Injection) vulnerability, with a CVSS Score of 7.9, allows an authenticated attacker to access local and remote content which has high impact to confidentiality, low impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Crowd Data Center and Server customers upgrade to la | 7.9 | 0.30% | 2026-01-27 | 2026-06-17 |
| CVE-2025-22203 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22202 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22201 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22200 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22199 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22198 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22197 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22196 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22195 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22194 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22193 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22192 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22191 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22190 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22189 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22188 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |
| CVE-2025-22187 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | 該当なし | 該当なし | 2025-12-31 | 2025-12-31 |