https://kkm-mako.com/blog/articles/cacti-cve/Canariija2026-06-24T22:51:53+00:00ネットワーク監視ツールCactiに認証なしでデータベースを抜かれる脆弱性、CVE-2026-39893、v1.2.31へ更新をhttps://kkm-mako.com/en/blog/articles/rocketchat-cve/Canariien2026-06-24T21:51:34+00:00Three Unauthenticated Takeover Flaws in Team Chat Rocket.Chat (CVE-2026-45688 and More) — Update Nowhttps://kkm-mako.com/blog/articles/rocketchat-cve/Canariija2026-06-24T21:51:17+00:00社内チャット基盤Rocket.Chatに認証なしで乗っ取りの脆弱性3件、CVE-2026-45688ほか最新版へ更新をhttps://kkm-mako.com/en/blog/articles/gogs-cve/Canariien2026-06-24T21:50:21+00:00Six Flaws in Self-Hosted Git Service Gogs, Unauthenticated Takeover (CVE-2026-52813 and More) — Update to v0.14.3https://kkm-mako.com/blog/articles/gogs-cve/Canariija2026-06-24T21:50:04+00:00セルフホスト型Git『Gogs』に脆弱性6件、認証なしで乗っ取り可能、CVE-2026-52813ほかv0.14.3へ更新をhttps://kkm-mako.com/en/blog/articles/mastodon-cve/Canariien2026-06-24T20:46:39+00:00SSRF Flaw in Mastodon Lets the Server Be Abused to Reach Cloud Secrets (CVE-2026-47389) — Update Nowhttps://kkm-mako.com/blog/articles/mastodon-cve/Canariija2026-06-24T20:46:22+00:00分散型SNS Mastodonにサーバーを踏み台にされる脆弱性、クラウドの鍵が盗まれる恐れ、CVE-2026-47389、修正版へ更新をhttps://kkm-mako.com/en/blog/articles/jellyfin-cve/Canariien2026-06-24T19:54:21+00:00Two File-Write Flaws in Self-Hosted Media Server Jellyfin (CVE-2026-48793 and More) — Update to v10.11.10https://kkm-mako.com/blog/articles/jellyfin-cve/Canariija2026-06-24T19:54:04+00:00自宅メディアサーバーJellyfinに脆弱性2件、ファイル書き換えの恐れ、CVE-2026-48793ほかv10.11.10へ更新をhttps://kkm-mako.com/en/blog/articles/ghost-cve/Canariien2026-06-24T19:53:10+00:00Cache-Poisoning Takeover Flaw in Publishing Platform Ghost (CVE-2026-53943) — Update to v6.37.0https://kkm-mako.com/blog/articles/ghost-cve/Canariija2026-06-24T19:52:51+00:00ブログ作成ツールGhostにキャッシュ汚染で乗っ取りの脆弱性、CVE-2026-53943、v6.37.0へ更新をhttps://kkm-mako.com/en/blog/articles/rclone-cve/Canariien2026-06-24T19:51:54+00:00Unauthenticated Remote Takeover Flaw in Cloud Sync Tool Rclone (CVE-2026-49980) — Update to v1.74.3https://kkm-mako.com/blog/articles/rclone-cve/Canariija2026-06-24T19:51:38+00:00クラウド保存ツールRcloneに認証なしで遠隔操作される脆弱性、CVE-2026-49980、v1.74.3へ更新をhttps://kkm-mako.com/en/blog/articles/warp-cve/Canariien2026-06-24T18:47:41+00:00Four Flaws in AI Agent Terminal Warp (CVE-2026-48704 and More) — Update to the Latest Buildhttps://kkm-mako.com/blog/articles/warp-cve/Canariija2026-06-24T18:47:24+00:00AIエージェント搭載ターミナルWarpに脆弱性4件、開いただけでコマンド実行の恐れ、CVE-2026-48704ほか最新版へ更新をhttps://kkm-mako.com/en/blog/articles/feast-cve/Canariien2026-06-24T16:48:15+00:00Unauthenticated Server Takeover Flaw in ML Feature Store Feast (CVE-2026-56121) — Update to v0.63.0https://kkm-mako.com/blog/articles/feast-cve/Canariija2026-06-24T16:47:57+00:00AIの学習データ基盤Feastに認証なしでサーバー乗っ取りの脆弱性、CVE-2026-56121、v0.63.0へ更新をhttps://kkm-mako.com/en/blog/articles/capgo-cve/Canariien2026-06-24T14:51:10+00:00Many Flaws in Capacitor Live-Update Service Capgo (CVE-2026-56237 and More) — Update to v12.128.2 Nowhttps://kkm-mako.com/blog/articles/capgo-cve/Canariija2026-06-24T14:50:54+00:00スマホアプリ即時更新サービスCapgoに脆弱性多数、アカウント乗っ取りの恐れ、CVE-2026-56237、v12.128.2へ更新をhttps://kkm-mako.com/en/blog/articles/ultimate-member-cve/Canariien2026-06-24T09:13:54+00:00Admin Takeover Flaw in WordPress 'Ultimate Member' (CVE-2026-7761) — Update to v2.12.0 Nowhttps://kkm-mako.com/blog/articles/ultimate-member-cve/Canariija2026-06-24T09:13:36+00:00WordPress『Ultimate Member』に管理者乗っ取りの脆弱性、CVE-2026-7761、最新版2.12.0へ更新をhttps://kkm-mako.com/en/blog/articles/geovision-gvio-box-cve/Canariien2026-06-24T06:17:46+00:008 Takeover Flaws in GeoVision GV-I/O Box 4E (CVE-2026-12485 and more) — Update to v2.12 Nowhttps://kkm-mako.com/blog/articles/geovision-gvio-box-cve/Canariija2026-06-24T06:17:28+00:00GeoVision防犯機器に乗っ取りの脆弱性8件、CVE-2026-12485ほか、修正版v2.12へ更新をhttps://kkm-mako.com/en/blog/articles/style-dictionary-cve/Canariien2026-06-24T02:46:27+00:00Style Dictionary flaw CVE-2026-54639: a crafted token can poison your build — update to 5.4.4https://kkm-mako.com/blog/articles/style-dictionary-cve/Canariija2026-06-24T02:46:08+00:00Style Dictionaryにビルド汚染の脆弱性 CVE-2026-54639、5.4.4へ更新をhttps://kkm-mako.com/en/blog/articles/moneyforward-security-incidents/Canariien2026-06-24T01:18:26+00:00Money Forward: ~62,901 records may have leaked — personal data left on GitHubhttps://kkm-mako.com/blog/articles/moneyforward-security-incidents/Canariija2026-06-24T01:18:08+00:00マネーフォワード6.3万人分の情報流出、原因はGitHubに置いた個人情報https://kkm-mako.com/en/blog/articles/sakana-ai-fugu-explained/Canariien2026-06-23T13:27:13+00:00What Is Sakana AI's "Fugu"? The Japanese AI That Bundles Other AIshttps://kkm-mako.com/blog/articles/sakana-ai-fugu-explained/Canariija2026-06-23T13:26:55+00:00Sakana AIの新AI「Fugu」とは、複数のAIを束ねる日本の実力https://kkm-mako.com/en/blog/articles/manageengine-ad360-sso-account-takeover-cve/Canariien2026-06-23T10:15:24+00:00ManageEngine AD360 Account Takeover (CVE-2026-11374): Update Nowhttps://kkm-mako.com/blog/articles/manageengine-ad360-sso-account-takeover-cve/Canariija2026-06-23T10:15:06+00:00企業のID管理ManageEngineに乗っ取りの欠陥 CVE-2026-11374、更新をhttps://kkm-mako.com/en/blog/articles/kddi-isp-mail-breach/Canariien2026-06-23T08:24:33+00:00KDDI: 14.22M Emails & Passwords Possibly Leaked at @nifty, BIGLOBEhttps://kkm-mako.com/blog/articles/kddi-isp-mail-breach/Canariija2026-06-23T08:24:16+00:00KDDIのメール1422万件漏えいか、@niftyやBIGLOBEも パスワード変更をhttps://kkm-mako.com/en/blog/articles/expr-eval-code-injection-cve/Canariien2026-06-23T06:19:57+00:00expr-eval Code Injection via toJSFunction (CVE-2026-12866, CVSS 9.8): Never Pass Untrusted Input, Move to expr-eval-forkhttps://kkm-mako.com/blog/articles/expr-eval-code-injection-cve/Canariija2026-06-23T06:19:39+00:00計算用JS部品expr-evalにコード実行の欠陥 CVE-2026-12866、入力に注意https://kkm-mako.com/en/blog/articles/faststone-image-viewer-cve/Canariien2026-06-23T02:20:16+00:00Unpatched Code-Execution Flaws in FastStone Image Viewer: CVE-2026-30040 / 30041 — No Fix Yethttps://kkm-mako.com/blog/articles/faststone-image-viewer-cve/Canariija2026-06-23T02:19:59+00:00画像ソフトFastStoneに未修正の脆弱性 CVE-2026-30040、開く前に注意https://kkm-mako.com/en/blog/articles/windows-bitlocker-winre-cve/Canariien2026-06-23T02:18:59+00:00Windows BitLocker Bypassed in Minutes via WinRE: CVE-2026-45585 (YellowKey) — Apply the June Updatehttps://kkm-mako.com/blog/articles/windows-bitlocker-winre-cve/Canariija2026-06-23T02:18:42+00:00WindowsのBitLocker暗号化を突破できる欠陥 CVE-2026-45585、更新をhttps://kkm-mako.com/en/blog/articles/vllm-cve/Canariien2026-06-23T00:18:57+00:00Two vLLM Flaws: API-Key Bypass (CVE-2026-48746, CVSS 9.1) & Dependency Confusion (CVE-2026-54232) — Update to 0.22.1https://kkm-mako.com/blog/articles/vllm-cve/Canariija2026-06-23T00:18:37+00:00AI基盤vLLMにAPIキー回避の欠陥 CVE-2026-48746ほか、0.22.1へ更新をhttps://kkm-mako.com/en/blog/articles/crawl4ai-cve-2026-56266/Canariien2026-06-22T23:15:19+00:00Unauthenticated SSRF in Crawl4AI: CVE-2026-56266 (CVSS 8.6/9.2) — Update to 0.8.7https://kkm-mako.com/blog/articles/crawl4ai-cve-2026-56266/Canariija2026-06-22T23:14:59+00:00AIクローラーCrawl4AIに認証不要の重大欠陥 CVE-2026-56266、0.8.7へ