聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2026-47639 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 5.4 | 0.51% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47638 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 4.6 | 0.51% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47637 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 4.6 | 0.51% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47636 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 5.4 | 0.51% | 2026-06-09 | 2026-06-19 |
| CVE-2026-47635 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | 8.4 | 0.26% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47634 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 7.3 | 0.56% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47631 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | 8.1 | 0.35% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47298 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | 8.0 | 0.67% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47293 | Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. | 7.0 | 0.20% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47292 | Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally. | 7.8 | 0.37% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47291 | Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. | 9.8 | 21.51% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47289 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | 8.8 | 1.00% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47288 | Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network. | 7.1 | 0.50% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47287 | Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network. | 6.5 | 0.62% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47284 | Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network. | 6.5 | 0.76% | 2026-06-09 | 2026-06-17 |
| CVE-2026-47281 | Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. | 9.6 | 0.59% | 2026-06-09 | 2026-06-17 |
| CVE-2026-45658 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | 7.8 | 0.29% | 2026-06-09 | 2026-06-17 |
| CVE-2026-45657 | Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network. | 9.8 | 15.48% | 2026-06-09 | 2026-06-17 |
| CVE-2026-45656 | Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally. | 7.8 | 0.31% | 2026-06-09 | 2026-06-17 |
| CVE-2026-45655 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | 5.3 | 0.41% | 2026-06-09 | 2026-06-17 |