Trusted Design

最近のKEV情報

KEVとは

KEV(Known Exploited Vulnerabilities)とは、CISA(Cybersecurity and Infrastructure Security Agency)が公開している、既に悪用が確認されている脆弱性のリストです。組織はこのリストを参考にして、重要なセキュリティ対策を優先的に実施することが推奨されています。

本サイトは最新のKEV情報を提供し、過去のKEVファイルとの比較やCVEの詳細情報も確認できるようにすることを目標に作成しています。

30日以内にKEVに登録されたCVE

  • CVE-2026-34197:
    Apache ActiveMQ Improper Input Validation Vulnerability
  • CVE-2009-0238:
    Microsoft Office Remote Code Execution
  • CVE-2026-32201:
    Microsoft SharePoint Server Improper Input Validation Vulnerability
  • CVE-2012-1854:
    Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
  • CVE-2025-60710:
    Microsoft Windows Link Following Vulnerability
  • CVE-2023-21529:
    Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability
  • CVE-2023-36424:
    Microsoft Windows Out-of-Bounds Read Vulnerability
  • CVE-2020-9715:
    Adobe Acrobat Use-After-Free Vulnerability
  • CVE-2026-21643:
    Fortinet SQL Injection Vulnerability
  • CVE-2026-34621:
    Adobe Acrobat and Reader Prototype Pollution Vulnerability
  • CVE-2026-1340:
    Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
  • CVE-2026-35616:
    Fortinet FortiClient EMS Improper Access Control Vulnerability
  • CVE-2026-3502:
    TrueConf Client Download of Code Without Integrity Check Vulnerability
  • CVE-2026-5281:
    Google Dawn Use-After-Free Vulnerability
  • CVE-2026-3055:
    Citrix NetScaler Out-of-Bounds Read Vulnerability
  • CVE-2025-53521:
    F5 BIG-IP Unspecified Vulnerability
  • CVE-2026-33634:
    Aquasecurity Trivy Embedded Malicious Code Vulnerability
  • CVE-2026-33017:
    Langflow Code Injection Vulnerability
  • CVE-2025-32432:
    Craft CMS Code Injection Vulnerability
  • CVE-2025-54068:
    Laravel Livewire Code Injection Vulnerability
  • CVE-2025-43510:
    Apple Multiple Products Improper Locking Vulnerability
  • CVE-2025-43520:
    Apple Multiple Products Classic Buffer Overflow Vulnerability
  • CVE-2025-31277:
    Apple Multiple Products Buffer Overflow Vulnerability
  • CVE-2026-20131:
    Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
  • CVE-2025-66376:
    Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability
  • CVE-2026-20963:
    Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

リンク

KEV一覧へ
KEV履歴へ