🔒 Security Intelligence Dashboard

Updated: 2026-04-29 (UTC)
NVD CVEs (today)
3
CISA KEV (added)
0
GH Advisories
20
JVN Items
0
News Articles
20
NVD CVEs — 本日公開 (3 件)
CVE-2026-40560
Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An
CVE-2026-23773 4.3 MEDIUM
Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
CVE-2026-42615 7.2 HIGH
GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /#recipe=Show_Base64_offsets('%3Cscript substring.
CISA Known Exploited Vulnerabilities — 本日追加 (0 件 / 累計 1585 件)

本日の新規追加なし

GitHub Security Advisories — 本日公開 (20 件)
GHSA-6pf6-fgmc-7xx9 LOW
A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the...
GHSA-6g3g-qm92-9fpx LOW
A vulnerability was determined in mrvautin expressCart up to...
GHSA-7phm-g9f2-g5ff MEDIUM
A vulnerability was found in Campcodes Online Learning Management System 1.0. Affected is an...
GHSA-wvf3-f2vp-h5cp MEDIUM
A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file ...
GHSA-cpx4-3j8q-c966 MEDIUM
A security vulnerability has been detected in SourceCodester Eye Clinic Management System 1.0....
GHSA-88gc-cq6j-h56m MEDIUM
A weakness has been identified in Campcodes Hospital Management System 1.0. Affected by this...
GHSA-3hhc-2692-pw9v LOW
A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function...
GHSA-6jw9-8fhm-rwm9 MEDIUM
Delta Electronics DIAView has an authentication bypass vulnerability.
GHSA-w6rf-hxpg-6cm8 LOW
A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of...
GHSA-66f6-pmgc-xcpm LOW
A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element...
JVN / JPCERT·CC — 最新情報

本日の新着なし

Security News
Krebs on Security
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
Patch Tuesday, April 2026 Edition
Russia Hacked Routers to Steal Microsoft Office Tokens
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
Schneier on Security
What Anthropic’s Mythos Means for the Future of Cybersecurity
Medieval Encrypted Letter Decoded
Friday Squid Blogging: How Squid Survived Extinction Events
Hiding Bluetooth Trackers in Mail
FBI Extracts Deleted Signal Messages from iPhone Notification Database
SANS ISC
ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)
TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)
ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
The Hacker News
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE