CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 10112013297 筆結果
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-45503 Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. 8.1 0.45% 2026-06-09 2026-06-17
CVE-2026-45502 Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. 5.0 0.46% 2026-06-09 2026-06-17
CVE-2026-45501 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. 6.5 0.30% 2026-06-09 2026-06-17
CVE-2026-45500 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. 6.1 0.38% 2026-06-09 2026-06-17
CVE-2026-45491 Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally. 6.2 0.39% 2026-06-09 2026-06-17
CVE-2026-45490 Improper authorization in .NET allows an authorized attacker to elevate privileges locally. 7.8 0.38% 2026-06-09 2026-06-29
CVE-2026-45487 Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally. 7.8 0.18% 2026-06-09 2026-06-17
CVE-2026-45486 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. 7.8 0.37% 2026-06-09 2026-06-19
CVE-2026-45485 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. 3.3 0.44% 2026-06-09 2026-06-19
CVE-2026-45484 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. 8.8 1.98% 2026-06-09 2026-06-17
CVE-2026-45483 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network. 4.6 0.51% 2026-06-09 2026-06-17
CVE-2026-45482 Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network. 8.4 0.34% 2026-06-09 2026-06-23
CVE-2026-45481 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. 7.3 0.69% 2026-06-09 2026-06-17
CVE-2026-45479 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. 4.6 0.51% 2026-06-09 2026-06-17
CVE-2026-45476 Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally. 8.2 0.28% 2026-06-09 2026-06-23
CVE-2026-45475 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. 7.8 0.46% 2026-06-09 2026-06-19
CVE-2026-45474 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. 8.4 0.36% 2026-06-09 2026-06-19
CVE-2026-45472 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. 8.4 0.29% 2026-06-09 2026-06-19
CVE-2026-45471 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. 7.8 0.46% 2026-06-09 2026-06-19
CVE-2026-45469 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. 7.8 0.37% 2026-06-09 2026-06-19
cvelogic Threat Intelligence