🔒 Security Intelligence Dashboard

Updated: 2026-07-14 (UTC)
NVD CVEs (today)
25
CISA KEV (added)
0
GH Advisories
20
JVN Items
0
News Articles
20
NVD CVEs — 本日公開 (25 件)
CVE-2026-15618 6.3 MEDIUM
A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. The affected element is the function guardExecCommand of the file tools/tool_exec.go of the component exec Safety Guard. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The ex
CVE-2026-15619 6.3 MEDIUM
A weakness has been identified in mosaxiv clawlet up to 0.2.10. The impacted element is the function web_fetch of the file tools/tool_web_fetch.go of the component IPv4 Handler. This manipulation of the argument url causes server-side request forgery. The attack can be initiated remotely. The exploi
CVE-2026-0487 8.4 HIGH
SAProuter on Microsoft Windows allows an unauthenticated attacker to load library (DLL) files from an untrusted location, allowing them to execute malicious code on the system. This could enable the attacker to hijack the DLL loading process and achieve arbitrary code execution. This has high impact
CVE-2026-15620 6.3 MEDIUM
A security vulnerability has been detected in mosaxiv clawlet up to 0.2.10. This affects the function tools.webFetch of the file tools/tool_web_fetch.go. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed publicly and may be us
CVE-2026-15621 5.3 MEDIUM
A vulnerability was detected in mosaxiv clawlet up to 0.2.10. This impacts the function read_file/write_file/edit_file of the file tools/fs_ops.go of the component File Tools. Performing a manipulation results in link following. The attack needs to be approached locally. The reported GitHub issue wa
CVE-2026-27690 9.1 CRITICAL
Due to an HTTP Request Smuggling vulnerability in SAP Approuter, an unauthenticated attacker could send a specially crafted HTTP request that leads to request-response desynchronization. This could result in the exposure of user responses and cause the system to become unavailable. This leads to a h
CVE-2026-44745 8.1 HIGH
SAP Approuter does not properly validate incoming request headers during the OAuth2 login flow under certain configurations. This allows an unauthenticated remote attacker to craft a malicious link which, when clicked by a victim, could lead to unauthorized access. Successful exploitation results in
CVE-2026-44747 9.9 CRITICAL
SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and availabilit
CVE-2026-44752 8.2 HIGH
SAP NetWeaver Application Server Java allows an unauthenticated attacker to inject malicious JavaScript through crafted URLs. When a victim accesses such a URL, the script executes in the user's browser, allowing the attacker to access sensitive session information and modify non-sensitive data disp
CVE-2026-44753 3.7 LOW
SAP HANA Database (user self service tools) allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts, re
CISA Known Exploited Vulnerabilities — 本日追加 (0 件 / 累計 1638 件)

本日の新規追加なし

GitHub Security Advisories — 本日公開 (20 件)
GHSA-jj94-w7r6-q859 LOW
A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this...
GHSA-qwq3-fp3r-94hc MEDIUM
A flaw has been found in poco-ai poco-claw up to 0.5.4. Affected is the function...
GHSA-jf6p-qvqv-f6g9 MEDIUM
SAP S/4HANA Draft operation does not perform necessary authorization checks for an authenticated...
GHSA-q988-g5jr-8jjr MEDIUM
The News Kit Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
GHSA-rg6f-xv76-vf59 MEDIUM
The FoodBook Lite - Online Food Ordering System plugin for WordPress is vulnerable to Missing...
GHSA-hfjv-fqqx-2hxw HIGH
SAP Change and Transport System Attach Tool (ctsattach) allows an authenticated attacker to...
GHSA-3qh8-qhwr-v2j5 LOW
A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the...
GHSA-5hp5-q35j-vjpg MEDIUM
setThemeRoot() failed to enforce the sap-allowed-theme-origins allowlist. An attacker-controlled...
GHSA-prrr-x57g-5wrp MEDIUM
The WP Customer Area plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
GHSA-4573-8946-684p MEDIUM
SAP Create Single Payment does not perform necessary authorization checks for an authenticated...
JVN / JPCERT·CC — 最新情報

本日の新着なし

Security News