NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2025-48018 | An authenticated user can modify application state data. | 7.5 | 0.13% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48017 | Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files | 9.0 | 0.39% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48016 | OpenFlow discovery protocol can exhaust resources because it is not rate limited | 4.3 | 0.18% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48015 | Failed login response could be different depending on whether the username was local or central. | 3.7 | 0.20% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48014 | Password guessing limits could be bypassed when using LDAP authentication. | 7.5 | 0.36% | 2025-05-20 | 2026-06-17 |
| CVE-2025-46750 | SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set. | 4.4 | 0.15% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46749 | An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. | 4.3 | 0.22% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46748 | An authenticated user attempting to change their password could do so without using the current password. | 2.7 | 0.20% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46747 | An authenticated user without user-management permissions could identify other user accounts. | 5.7 | 0.26% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46746 | An administrator could discover another account's credentials. | 5.8 | 0.19% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46745 | An authenticated user without user-management permissions could view other users account information. | 6.5 | 0.26% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46744 | An authenticated administrator could modify the Created By username for a user account | 2.7 | 0.20% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46743 | An authenticated user's token could be used by another source after the user had logged out prior to the token expiring. | 6.3 | 0.06% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46742 | Users who were required to change their password could still access system information before changing their password | 4.3 | 0.17% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46741 | A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred. | 5.7 | 0.06% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46740 | An authenticated user without user administrative permissions could change the administrator Account Name. | 7.5 | 0.27% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46739 | An unauthenticated user could discover account credentials via a brute-force attack without rate limiting | 8.1 | 0.33% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46738 | An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. | 6.6 | 0.15% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46737 | SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. | 7.4 | 0.08% | 2025-05-12 | 2026-06-17 |
| CVE-2024-2103 | Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 | 6.5 | 0.46% | 2024-04-04 | 2026-06-17 |