🔒 Security Intelligence Dashboard

Updated: 2026-07-15 (UTC)
NVD CVEs (today)
9
CISA KEV (added)
0
GH Advisories
20
JVN Items
0
News Articles
20
NVD CVEs — 本日公開 (9 件)
CVE-2026-13230
An information disclosure vulnerability was identified in TP-Link Kasa EC70 v4 and EC71 v4 in the local discovery mechanism, which exposes sensitive geolocation information without requiring authentication. This issue allows an attacker on the same local network to retrieve geolocation-related data
CVE-2026-9770
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices.  An attacker with access to the firmware image can extract the embedded key.  Successful exploitation may allow an unauthenticated attacker on the s
CVE-2026-11851
Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection") in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the '  Sec
CVE-2026-13385
An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middle(MITM) user to make the router download and execute arbitrary command via a spoofed server. Refer to the '  Security Update for ASUS Router Firmware  ' s
CVE-2026-13585
Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases,
CVE-2026-15029
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections.
CVE-2026-15030
Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security Update
CVE-2026-8919
Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in informa
CVE-2026-8920
Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On speci
CISA Known Exploited Vulnerabilities — 本日追加 (0 件 / 累計 1642 件)

本日の新規追加なし

GitHub Security Advisories — 本日公開 (20 件)
GHSA-f3gg-32xv-8j76 CRITICAL
An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain...
GHSA-hc66-xcg9-cfg4 HIGH
Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote...
GHSA-f2xq-6hc9-3p2f MEDIUM
Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection") in the web...
GHSA-285c-cc6q-hwff HIGH
Improper Restriction of Communication Channel to Intended Endpoints and External Control of File...
GHSA-rccw-h6pm-46g4 MEDIUM
An information disclosure vulnerability was identified in TP-Link Kasa EC70 v4 and EC71 v4 in the...
GHSA-jf28-f99p-265w HIGH
Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not...
GHSA-q3g3-7q7p-5jwv HIGH
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read...
GHSA-ccmx-85ff-f67h MEDIUM
Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS...
GHSA-cvqr-f3j3-pp87 HIGH
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface,...
GHSA-3rf8-mgfc-9vfp LOW
A vulnerability was determined in zhinianboke xianyu-auto-reply on Server. Affected by this...
JVN / JPCERT·CC — 最新情報

本日の新着なし

Security News