https://kkm-mako.com/en/blog/articles/ibm-db2-cve/Canariien2026-06-30T21:15:38+00:00Pre-Auth RCE in IBM Db2 (CVE-2026-10109): Patch the Core Database Nowhttps://kkm-mako.com/blog/articles/ibm-db2-cve/Canariija2026-06-30T21:15:27+00:00IBM Db2に認証前の乗っ取り脆弱性 CVE-2026-10109、基幹DBは即更新をhttps://kkm-mako.com/en/blog/articles/conductor-cve/Canariien2026-06-30T20:11:48+00:00Unauthenticated RCE in Netflix/Orkes Conductor (CVE-2026-58138): Patch to 3.30.2 Nowhttps://kkm-mako.com/blog/articles/conductor-cve/Canariija2026-06-30T20:11:36+00:00業務自動化のConductorに認証なしで乗っ取られる脆弱性 CVE-2026-58138https://kkm-mako.com/en/blog/articles/adobe-coldfusion-cve/Canariien2026-06-30T17:17:30+00:00Adobe ColdFusion: Many Takeover Flaws (CVE-2026-48276 et al.), Five Unauthenticated 10.0s — Patch Nowhttps://kkm-mako.com/blog/articles/adobe-coldfusion-cve/Canariija2026-06-30T17:17:17+00:00ColdFusionに無認証で乗っ取りの脆弱性 CVE-2026-48276、最悪10点が5件https://kkm-mako.com/en/blog/articles/llama-factory-cve/Canariien2026-06-30T14:16:14+00:00LLaMA-Factory RCE Flaw (CVE-2026-58116): An Exposed Web UI Lets Anyone Hijack the Serverhttps://kkm-mako.com/blog/articles/llama-factory-cve/Canariija2026-06-30T14:16:01+00:00LLaMA-Factoryに脆弱性 CVE-2026-58116、AI学習画面の公開で乗っ取りの恐れhttps://kkm-mako.com/en/blog/articles/rpg-maker-cve/Canariien2026-06-30T05:15:41+00:00RPG Maker MV/MZ Flaw (CVE-2026-56137): Shared Save Can Hijack Your PChttps://kkm-mako.com/blog/articles/rpg-maker-cve/Canariija2026-06-30T05:15:24+00:00RPGツクール製ゲームに脆弱性 CVE-2026-56137、配布セーブデータでパソコンを乗っ取られる恐れhttps://kkm-mako.com/en/blog/articles/aws-waf-http2-cve/Canariien2026-06-29T21:10:57+00:00AWS WAF Body-Inspection Bypass (CVE-2026-13762/13763, CVSS 9.8): Attacks Can Slip Past on CloudFront and the Load Balancerhttps://kkm-mako.com/blog/articles/aws-waf-http2-cve/Canariija2026-06-29T21:10:39+00:00AWSの防御「WAF」をすり抜ける脆弱性 CVE-2026-13762/13763、CloudFrontとロードバランサで攻撃が素通りの恐れhttps://kkm-mako.com/en/blog/articles/simplehelp-cve/Canariien2026-06-29T19:12:54+00:00Critical Auth-Bypass in SimpleHelp (CVE-2026-48558, CVSS 10): Attackers Can Take Over Every Managed PC — Now in CISA KEV, Update to 5.5.16https://kkm-mako.com/blog/articles/simplehelp-cve/Canariija2026-06-29T19:12:37+00:00遠隔操作ソフト「SimpleHelp」に認証回避の重大な脆弱性 CVE-2026-48558、管理下のPCを乗っ取られる恐れ、悪用確認で即更新をhttps://kkm-mako.com/en/blog/articles/snowflake-cli-cve/Canariien2026-06-29T17:11:38+00:00Code Injection in Snowflake CLI (CVE-2026-13749, CVSS 8.8): Building a Malicious Project Can Take Over Your Machine — Update to 3.19.0https://kkm-mako.com/blog/articles/snowflake-cli-cve/Canariija2026-06-29T17:11:21+00:00データ基盤Snowflakeのコマンドツールに乗っ取りの脆弱性 CVE-2026-13749、不正プロジェクトのビルドで危険、v3.19.0へ更新をhttps://kkm-mako.com/en/blog/articles/vscode-java-cve/Canariien2026-06-29T15:12:15+00:00Command Injection in vscode-java (CVE-2026-12856, CVSS 8.8): A Malicious Java File Can Take Over Your Machine — Update to 1.55.0https://kkm-mako.com/blog/articles/vscode-java-cve/Canariija2026-06-29T15:11:58+00:00VS CodeのJava拡張機能に乗っ取りの脆弱性 CVE-2026-12856、不正なコードを開いて操作すると危険、v1.55.0へ更新をhttps://kkm-mako.com/en/blog/articles/libzypp-cve/Canariien2026-06-29T11:14:22+00:00Path Traversal in libzypp, the openSUSE/SUSE Updater (CVE-2026-25707, CVSS up to 8.8) — Update Nowhttps://kkm-mako.com/blog/articles/libzypp-cve/Canariija2026-06-29T11:14:05+00:00SUSE Linuxの更新基盤「libzypp」に任意ファイル書き換えの脆弱性 CVE-2026-25707、修正版へ更新をhttps://kkm-mako.com/en/blog/articles/postgresql-18-upgrade-benchmark/Canariien2026-06-29T07:33:15+00:00Is PostgreSQL 18 Faster? A 20M-Row Benchmark vs 17https://kkm-mako.com/blog/articles/postgresql-18-upgrade-benchmark/Canariija2026-06-29T07:32:43+00:00PostgreSQL 18は速いのか、17から2000万件で実測【2026年版】https://kkm-mako.com/en/blog/articles/fluentd-cve/Canariien2026-06-29T03:15:13+00:00Fluentd Hit by Unauthenticated RCE (CVE-2026-44024, CVSS 9.8) Plus 5 More — Update to v1.19.3 Nowhttps://kkm-mako.com/blog/articles/fluentd-cve/Canariija2026-06-29T03:14:58+00:00ログ収集ソフト「Fluentd」に認証不要で乗っ取り可能な脆弱性 CVE-2026-44024、v1.19.3へ即更新を