🔒 Security Intelligence Dashboard

Updated: 2026-07-16 (UTC)
NVD CVEs (today)
6
CISA KEV (added)
0
GH Advisories
17
JVN Items
0
News Articles
20
NVD CVEs — 本日公開 (6 件)
CVE-2026-15907 7.3 HIGH
A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=log_fw_nbc_mail_jsondata. Executing a manipulation of the argument subject can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be
CVE-2026-15909 6.3 MEDIUM
A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kd_cs leads to authorization bypass. The attack is possible to be carried out remotely. This product
CVE-2026-1609 8.1 HIGH
A flaw was found in Keycloak. When the JSON Web Token (JWT) authorization grant preview feature is enabled and a user account is disabled, Keycloak fails to validate the user’s disabled status during JWT authorization grant processing. A remote attacker with low privileges can exploit this improper
CVE-2026-23538 7.5 HIGH
A vulnerability was identified in the Feast Feature Server's `/ws/chat` endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU,
CVE-2026-3842 7.8 HIGH
A flaw was found in QEMU. This vulnerability allows a local attacker within a guest virtual machine to write data beyond its allocated memory. This occurs when cpu_physical_memory_map() returns a shorter length than expected, leading to an out-of-bounds write. Successful exploitation could result in
CVE-2026-48863 7.5 HIGH
A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processing t
CISA Known Exploited Vulnerabilities — 本日追加 (0 件 / 累計 1644 件)

本日の新規追加なし

GitHub Security Advisories — 本日公開 (17 件)
GHSA-gmv6-fcfc-3372 HIGH
A vulnerability was identified in the Feast Feature Server's `/ws/chat` endpoint that allows...
GHSA-5xcf-8m2w-ph6f HIGH
A flaw was found in Keycloak. When the JSON Web Token (JWT) authorization grant preview feature...
GHSA-p3x5-f8vr-q28x HIGH
A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP...
GHSA-6mwr-p34x-55cv HIGH
A flaw was found in QEMU. This vulnerability allows a local attacker within a guest virtual...
GHSA-f4xv-85hg-mw5r MEDIUM
A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to...
GHSA-5v3j-c5fm-2mm6 MEDIUM
A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function...
GHSA-45hp-h3fx-8mr2 HIGH
PlaywrightCapture stored capture-specific configuration and runtime data as mutable class-level...
GHSA-h7fr-r783-5g99 UNKNOWN
Dulwich through 1.1.0 was found to be missing SSH host key verification in contrib...
GHSA-jcqv-rj94-jmx3 UNKNOWN
A heap overflow in the evalcommand() function (shell/ash.c) of Busybox v1.38.0 allows attackers...
GHSA-2gm5-wc63-c2pc UNKNOWN
An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the...
JVN / JPCERT·CC — 最新情報

本日の新着なし

Security News