CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 2126 / 26
«« 先頭 « 前へ 2 / 2 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-27388 Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens. 8.3 0.36% 2025-08-14 2026-06-17
CVE-2025-27389 A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning. 5.1 0.11% 2025-12-04 2026-06-17
CVE-2026-22077 OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure. 5.6 0.08% 2026-04-27 2026-06-17
CVE-2026-22070 ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. 7.1 0.21% 2026-04-30 2026-06-17
CVE-2026-22069 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 該当なし 0.11% 2026-05-19 2026-06-29
CVE-2026-22078 Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel. 7.3 0.09% 2026-06-29 2026-06-29
«« 先頭 « 前へ 2 / 2 次へ »
cvelogic Threat Intelligence