Secure Gatev1.0.0新着セキュリティニュース バックナンバー

新着セキュリティニュース バックナンバー

直近表示から外れた情報を確認できます。診断結果とは別情報として扱います。

総件数212402件
表示件数50件/ページ
ページ87

CVE-2025-68063

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey <= 4.4.3 versions.

CVE-2025-68052

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.

CVE-2025-66123

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions.

CVE-2025-64637

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Unauthenticated Content Injection in Auros Core <= 5.3.1 versions.

CVE-2025-64636

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.

CVE-2025-63079

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.

CVE-2025-63078

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.

CVE-2025-63041

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.

CVE-2026-57940

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

HTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function get_feed() in system/admin/admin.php passes user-supplied $feed_url directly to file_get_contents() without any validation. An authenticated attacker with administrative privileges can exploit this by entering a crafted URL (e.g., http://dnslog.example.com, file:///etc/passwd, or http://169.254.169.254 in cloud contexts) via Tools -> Import RSS. The server will then make a request to the attacker-controlled target.

CVE-2026-57926

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack

CVE-2026-57925

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags

CVE-2026-57924

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details

CVE-2026-57923

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings

CVE-2026-57922

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible

CVE-2026-57921

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint

CVE-2026-53914

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata

CVE-2026-13426

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

The Mattermost Go module github.com/mattermost/mattermost/server/public versions < v0.1.22 fail to validate path parameters when constructing API route paths which allows an attacker to redirect API calls to unintended endpoints via crafted IDs containing path traversal components. Mattermost Advisory ID: MMSA-2025-00532

CVE-2026-57920

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints.

CVE-2026-57915

Threat Intelligence NVD CVE 危険度: high 緊急度: high

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue.

CVE-2026-40711

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

CVE-2025-64152

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.6, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.6 and 2.0.7, which fixes the issue.

CVE-2025-55017

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 2.0.0 before 2.0.6, from 1.0.0 before 1.3.6. Users are recommended to upgrade to version 1.3.6 and 2.0.6, which fixes the issue.

CVE-2026-57914

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

By sending a deeply nested ASN1 structure to a Apache Kerby client or service, it's possible to trigger a StackOverFlow Exception which can lead to denial of service issues. Users are recommended to upgrade to version 2.1.2, which fixes this issue.

CVE-2026-57620

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8.

CVE-2026-57918

Threat Intelligence NVD CVE 危険度: high 緊急度: high

libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker.

CVE-2026-57913

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts.

CVE-2026-57912

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers.

CVE-2026-57473

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

A vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the possibility of brute-force cracking the credentials. This issue could allow attackers on the same local network to intercept traffic between the Hub and associated cameras and compromise the credentials of connected cameras.

CVE-2026-13325

Threat Intelligence NVD CVE 危険度: high 緊急度: high

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces (0.0.0.0/::) on a random port with no authentication, peer allow-list, or handshake token. This listener proxies directly into the target virt-launcher's virtqemud control socket. An attacker with a running pod on the cluster network can connect to this listener and issue unfiltered libvirt RPC commands against another tenant's virtual machine, including reading VM memory and configuration, modifying VM state via QMP, or destroying the VM. The bind address is unconditionally 0.0.0.0 — configuring a dedicated migration network via migrations.network only changes the advertised migration IP, not the listener bind address, so the port remains reachable on the pod network even when a dedicated migration network is configured. The API documentation describes disableTLS as removing "the additional layer of live migration encryption" without disclosing that it also removes all mutual authentication.

CVE-2025-7958

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details.

CVE-2026-6658

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

A vulnerability in jupyter/nbconvert versions <= 7.17.0 allows for Cross-site Scripting (XSS) via unsanitized `text/vnd.mermaid` output in HTML exports. The `data_mermaid` block in `share/templates/lab/base.html.j2` renders `text/vnd.mermaid` cell output directly into HTML without escaping, enabling attackers to inject arbitrary HTML/JavaScript by breaking out of the `<pre>` tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export.

CVE-2026-1869

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to unauthorized modification of data due to missing validation checks in the confirm_payment() function in all versions up to, and including, 5.2.0. This makes it possible for unauthenticated attackers to bypass payment processing and activate paid memberships.

CVE-2026-11702

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess applications are predictable across processes.

CVE-2026-11625

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess applications are predictable across processes.

CVE-2026-57881

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient length validation when processing remote login data. A remote attacker may exploit this vulnerability by sending crafted login data with overly long input, resulting in memory corruption, denial of service, or potentially arbitrary code execution.

CVE-2026-57880

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing RTSP Digest authentication fields. A remote attacker may exploit this vulnerability by sending a crafted RTSP request containing overly long authentication data, resulting in memory corruption, denial of service, or potentially arbitrary code execution.

CVE-2026-57879

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by sending a crafted RTSP request, resulting in memory corruption, denial of service, or potentially arbitrary code execution.

CVE-2026-57878

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this vulnerability by sending a crafted HTTP request with overly long input, resulting in memory corruption, denial of service, or potentially arbitrary code execution.

CVE-2026-57877

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling of externally controlled input during log message formatting in the login processing path. A remote attacker may exploit this vulnerability by sending crafted login data, potentially causing information disclosure, memory corruption, or a denial of service.

CVE-2026-57876

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing HTTP request body data. A remote attacker may exploit this vulnerability by sending a crafted request with excessive input, causing memory corruption and resulting in a denial of service.

CVE-2026-57875

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the affected components. A remote attacker may exploit this vulnerability by sending a specially crafted HTTP request, causing the affected process to crash and resulting in a denial of service.

CVE-2026-57874

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing filename values in multipart upload data. A remote attacker may exploit this vulnerability by sending a crafted upload request with overly long input, causing memory corruption and resulting in a denial of service.

CVE-2026-57873

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of multipart upload headers when processing certificate-related upload fields. A remote attacker may exploit this vulnerability by sending a malformed multipart request, causing the affected CGI process to crash and resulting in a denial of service.

CVE-2026-57872

Threat Intelligence NVD CVE 危険度: high 緊急度: high

An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attacker may exploit this vulnerability by sending a crafted request to read arbitrary files accessible to the affected process, resulting in information disclosure.

CVE-2026-49486

Threat Intelligence NVD CVE 危険度: high 緊急度: high

The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was TLS-protected the data channel was transmitted in cleartext. Any deployment using `FTPSHook` or `FTPSFileTransmitOperator` to move files over FTPS exposed file contents and credentials-in-transit to a network attacker able to observe the data connection. Upgrade apache-airflow-providers-ftp to `3.15.1` or later, which issues `PROT P` to encrypt the data channel.

CVE-2026-2053

Threat Intelligence NVD CVE 危険度: high 緊急度: high

The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input within these headers. This omission allows an attacker to manipulate WS-Addressing headers to specify arbitrary destinations for server-initiated requests. Successful exploitation allows an unauthenticated attacker to control the destination of server-initiated requests originating from the WSO2 API Manager. This direct control can enable unauthorized access to internal network resources or services that would typically be inaccessible from external networks.

CVE-2026-8380

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugin WordPress plugin through 23.6's "Allow guest uploads" setting is enabled by an administrator, the same deletion primitive becomes reachable by unauthenticated users.

CVE-2026-10835

Threat Intelligence NVD CVE 危険度: high 緊急度: high

The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorisation on that action, allowing authenticated users with minimal permissions, such as subscribers, to perform SQL injection attacks.

CVE-2026-10823

Threat Intelligence NVD CVE 危険度: high 緊急度: high

The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supplied query parameter, allowing unauthenticated attackers to retrieve the titles and content of private, draft, and other non-public posts.

CVE-2025-10268

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server.