<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9"><url><loc>https://kkm-mako.com/en/blog/articles/bmc-control-m-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T09:17:10+00:00</news:publication_date><news:title>Critical Flaw in BMC Control-M (CVE-2026-10539): Server Takeover With No Password — Update to 9.0.21.300</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/bmc-control-m-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T09:16:58+00:00</news:publication_date><news:title>企業の基幹バッチを動かす「BMC Control-M」にパスワード不要でサーバーを乗っ取られる脆弱性 CVE-2026-10539、9.0.21.300へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/aflac-data-breach/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T08:57:49+00:00</news:publication_date><news:title>Aflac Japan Leaks Data on 4.38 Million Customers: What Policyholders Should Do, and the 'Instant Withdrawal' Myth</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/aflac-data-breach/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T08:57:38+00:00</news:publication_date><news:title>アフラック438万人の情報漏えい、契約者は何をすべきか 口座情報23万人分も、「すぐ引き出される」の誤解と本当のリスク</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/jr-mars-system-outage/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T08:34:49+00:00</news:publication_date><news:title>JR Ticket Machines and Ekinet Go Down Nationwide at Once: Why One Fault Stops All of JR — Inside the MARS System</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/jr-mars-system-outage/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T08:34:37+00:00</news:publication_date><news:title>JRの券売機・えきねっとで切符が買えない一斉障害、なぜ全国が同時に止まるのか 予約システム「マルス」の正体</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/ultravnc-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T06:15:20+00:00</news:publication_date><news:title>UltraVNC: 3 Critical Flaws (CVE-2026-7840) — Repeater Takeover With No Password, Update to 1.8.2.4</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/ultravnc-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T06:15:08+00:00</news:publication_date><news:title>遠隔操作ソフト「UltraVNC」に重大な脆弱性3件、中継サーバーがパスワードなしで乗っ取られる恐れ CVE-2026-7840ほか、最新1.8.2.4へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/ibm-db2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T21:15:38+00:00</news:publication_date><news:title>Pre-Auth RCE in IBM Db2 (CVE-2026-10109): Patch the Core Database Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/ibm-db2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T21:15:27+00:00</news:publication_date><news:title>IBM Db2に認証前の乗っ取り脆弱性 CVE-2026-10109、基幹DBは即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/conductor-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T20:11:48+00:00</news:publication_date><news:title>Unauthenticated RCE in Netflix/Orkes Conductor (CVE-2026-58138): Patch to 3.30.2 Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/conductor-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T20:11:36+00:00</news:publication_date><news:title>業務自動化のConductorに認証なしで乗っ取られる脆弱性 CVE-2026-58138</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/adobe-coldfusion-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T17:17:30+00:00</news:publication_date><news:title>Adobe ColdFusion: Many Takeover Flaws (CVE-2026-48276 et al.), Five Unauthenticated 10.0s — Patch Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/adobe-coldfusion-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T17:17:17+00:00</news:publication_date><news:title>ColdFusionに無認証で乗っ取りの脆弱性 CVE-2026-48276、最悪10点が5件</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/llama-factory-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T14:16:14+00:00</news:publication_date><news:title>LLaMA-Factory RCE Flaw (CVE-2026-58116): An Exposed Web UI Lets Anyone Hijack the Server</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/llama-factory-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T14:16:01+00:00</news:publication_date><news:title>LLaMA-Factoryに脆弱性 CVE-2026-58116、AI学習画面の公開で乗っ取りの恐れ</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/rpg-maker-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T05:15:41+00:00</news:publication_date><news:title>RPG Maker MV/MZ Flaw (CVE-2026-56137): Shared Save Can Hijack Your PC</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/rpg-maker-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T05:15:24+00:00</news:publication_date><news:title>RPGツクール製ゲームに脆弱性 CVE-2026-56137、配布セーブデータでパソコンを乗っ取られる恐れ</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/aws-waf-http2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-29T21:10:57+00:00</news:publication_date><news:title>AWS WAF Body-Inspection Bypass (CVE-2026-13762/13763, CVSS 9.8): Attacks Can Slip Past on CloudFront and the Load Balancer</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/aws-waf-http2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-29T21:10:39+00:00</news:publication_date><news:title>AWSの防御「WAF」をすり抜ける脆弱性 CVE-2026-13762/13763、CloudFrontとロードバランサで攻撃が素通りの恐れ</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/simplehelp-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-29T19:12:54+00:00</news:publication_date><news:title>Critical Auth-Bypass in SimpleHelp (CVE-2026-48558, CVSS 10): Attackers Can Take Over Every Managed PC — Now in CISA KEV, Update to 5.5.16</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/simplehelp-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-29T19:12:37+00:00</news:publication_date><news:title>遠隔操作ソフト「SimpleHelp」に認証回避の重大な脆弱性 CVE-2026-48558、管理下のPCを乗っ取られる恐れ、悪用確認で即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/snowflake-cli-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-29T17:11:38+00:00</news:publication_date><news:title>Code Injection in Snowflake CLI (CVE-2026-13749, CVSS 8.8): Building a Malicious Project Can Take Over Your Machine — Update to 3.19.0</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/snowflake-cli-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-29T17:11:21+00:00</news:publication_date><news:title>データ基盤Snowflakeのコマンドツールに乗っ取りの脆弱性 CVE-2026-13749、不正プロジェクトのビルドで危険、v3.19.0へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/vscode-java-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-29T15:12:15+00:00</news:publication_date><news:title>Command Injection in vscode-java (CVE-2026-12856, CVSS 8.8): A Malicious Java File Can Take Over Your Machine — Update to 1.55.0</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/vscode-java-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-29T15:11:58+00:00</news:publication_date><news:title>VS CodeのJava拡張機能に乗っ取りの脆弱性 CVE-2026-12856、不正なコードを開いて操作すると危険、v1.55.0へ更新を</news:title></news:news></url></urlset>