<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9"><url><loc>https://kkm-mako.com/en/blog/articles/hermes-webui-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T22:39:48+00:00</news:publication_date><news:title>Popular AI Agent UI 'Hermes WebUI' Server-Takeover Flaw CVE-2026-58123 — No Password Needed, Plus API-Key Theft; Update Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/hermes-webui-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T22:39:31+00:00</news:publication_date><news:title>人気AIエージェントUI『Hermes WebUI』にサーバー乗っ取りの脆弱性 CVE-2026-58123、パスワードなしで制圧・API鍵窃取の2件、最新版へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/userswp-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T19:38:30+00:00</news:publication_date><news:title>WordPress Member Plugin 'UsersWP' Site-Takeover Flaw CVE-2026-13492 — 20,000 Sites Should Update to v1.2.66 Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/userswp-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T19:38:13+00:00</news:publication_date><news:title>WordPress会員プラグイン『UsersWP』にサイト乗っ取りの脆弱性 CVE-2026-13492、2万サイトはv1.2.66へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/metabase-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T18:42:16+00:00</news:publication_date><news:title>Analytics Tool 'Metabase' Server-Takeover Flaw CVE-2026-59827 Lets Ordinary Users Seize the Server — Update Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/metabase-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T18:41:58+00:00</news:publication_date><news:title>データ分析ツール『Metabase』にサーバー乗っ取りの脆弱性 CVE-2026-59827、一般アカウントから社内サーバー制圧・最新版へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/adalo-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T15:41:50+00:00</news:publication_date><news:title>No-Code App Builder 'Adalo' Flaw CVE-2026-10706 Exposes User Data Across 1M+ Apps — No Patch Yet, Avoid Storing Sensitive Data</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/adalo-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T15:41:34+00:00</news:publication_date><news:title>ノーコードアプリ作成『Adalo』で利用者情報が他人に抜かれる脆弱性 CVE-2026-10706、100万アプリ対象・修正版なく保存に注意</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/server-side-gtm-guide/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T13:14:04+00:00</news:publication_date><news:title>サーバーサイドGTMの導入価値と方法を、現役フリーランスエンジニアが解説</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cve-digest-2026-07-09/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T07:01:34+00:00</news:publication_date><news:title>【2026年7月9日】セキュリティ脆弱性まとめ ― CoreWCF・Bitwarden・Snowflakeなど7件、一般利用者への影響は</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/cline-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T00:16:26+00:00</news:publication_date><news:title>Popular AI Coding Tool Cline Hijackable by Any Website (CVE-2026-59723): Command Execution and API Key Theft — Update to 3.0.30</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cline-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T00:16:10+00:00</news:publication_date><news:title>500万人が使うAIコーディングツール『Cline』に乗っ取りの脆弱性、悪意あるサイトを開くだけでPC操作やAPIキー窃取の恐れ CVE-2026-59723、3.0.30へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/repomix-ssrf-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T17:18:59+00:00</news:publication_date><news:title>Critical SSRF in Repomix (CVE-2026-59702): The Popular AI Code-Packing Tool's Server Could Leak Cloud Keys — Update to 1.14.1</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/repomix-ssrf-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T17:18:43+00:00</news:publication_date><news:title>AIにコードを渡す人気ツール『Repomix』に深刻な脆弱性、公開サーバーが踏み台にされ内部情報流出の恐れ CVE-2026-59702、1.14.1へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/fortinet-fortisandbox-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T05:41:38+00:00</news:publication_date><news:title>Fortinet FortiSandbox Has Four No-Login Takeover Flaws (CVE-2026-39808 and More): Some Exploited — Update Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/fortinet-fortisandbox-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T05:41:21+00:00</news:publication_date><news:title>マルウェアを見張る防御装置Fortinet FortiSandboxに無認証で乗っ取りの脆弱性4件 CVE-2026-39808ほか、一部は悪用確認で即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/citrix-netscaler-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T05:34:20+00:00</news:publication_date><news:title>Citrix NetScaler Leaks Data Before Login (CVE-2026-8451): 'CitrixBleed' Is Back and Under Active Attack</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/citrix-netscaler-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T05:34:03+00:00</news:publication_date><news:title>社外から社内につなぐ装置Citrix NetScalerにログイン前でも情報を抜かれる脆弱性 CVE-2026-8451、『CitrixBleed』再来で悪用中</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/oracle-ebs-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T05:25:40+00:00</news:publication_date><news:title>Oracle E-Business Suite Can Be Hijacked Without a Password (CVE-2026-46817): Actively Exploited, Patch Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/oracle-ebs-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T05:25:24+00:00</news:publication_date><news:title>企業の基幹業務ソフト『Oracle EBS』にパスワード不要でサーバー乗っ取りの脆弱性 CVE-2026-46817、悪用が始まり即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/cve-digest-2026-07-07/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T05:15:35+00:00</news:publication_date><news:title>July 7, 2026 Security Vulnerability Roundup: Dell, Red Hat, Kubernetes Infra and More — Does It Affect You?</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cve-digest-2026-07-07/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T05:15:16+00:00</news:publication_date><news:title>【2026年7月7日】セキュリティ脆弱性まとめ ― Dell・Red Hat・Kubernetes基盤など6件、一般利用者への影響は</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/cve-digest-2026-07-08/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T05:14:22+00:00</news:publication_date><news:title>July 8, 2026 Security Vulnerability Roundup: Plesk, ArcGIS, Self-Hosted AI Tools and More — Does It Affect You?</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cve-digest-2026-07-08/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T05:14:06+00:00</news:publication_date><news:title>【2026年7月8日】セキュリティ脆弱性まとめ ― CVSS9.0以上の「重大」19件、一般利用者への影響は</news:title></news:news></url></urlset>