<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9"><url><loc>https://kkm-mako.com/en/blog/articles/intellij-idea-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-10T15:37:13+00:00</news:publication_date><news:title>IntelliJ IDEA RCE flaw CVE-2026-59792: opening a crafted project runs code</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/intellij-idea-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-10T15:37:00+00:00</news:publication_date><news:title>人気の開発ソフト『IntelliJ IDEA』に乗っ取りの脆弱性 CVE-2026-59792、不正なプロジェクトを開くと危険、最新版へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cve-digest-2026-07-10/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-10T10:39:11+00:00</news:publication_date><news:title>【2026年7月10日】セキュリティ脆弱性まとめ ― WordPress拡張で乗っ取り相次ぐ、一般利用者への影響は</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/superforms-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-10T04:36:11+00:00</news:publication_date><news:title>WordPress Form Plugin 'Super Forms' Site-Takeover Flaw CVE-2026-14894 — Exploitable With No Login, Update Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/superforms-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-10T04:35:54+00:00</news:publication_date><news:title>WordPressフォーム作成プラグイン『Super Forms』にサイト乗っ取りの脆弱性 CVE-2026-14894、ログイン不要で悪用可・最新版へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/hermes-webui-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T22:39:48+00:00</news:publication_date><news:title>Popular AI Agent UI 'Hermes WebUI' Server-Takeover Flaw CVE-2026-58123 — No Password Needed, Plus API-Key Theft; Update Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/hermes-webui-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T22:39:31+00:00</news:publication_date><news:title>人気AIエージェントUI『Hermes WebUI』にサーバー乗っ取りの脆弱性 CVE-2026-58123、パスワードなしで制圧・API鍵窃取の2件、最新版へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/userswp-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T19:38:30+00:00</news:publication_date><news:title>WordPress Member Plugin 'UsersWP' Site-Takeover Flaw CVE-2026-13492 — 20,000 Sites Should Update to v1.2.66 Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/userswp-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T19:38:13+00:00</news:publication_date><news:title>WordPress会員プラグイン『UsersWP』にサイト乗っ取りの脆弱性 CVE-2026-13492、2万サイトはv1.2.66へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/metabase-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T18:42:16+00:00</news:publication_date><news:title>Analytics Tool 'Metabase' Server-Takeover Flaw CVE-2026-59827 Lets Ordinary Users Seize the Server — Update Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/metabase-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T18:41:58+00:00</news:publication_date><news:title>データ分析ツール『Metabase』にサーバー乗っ取りの脆弱性 CVE-2026-59827、一般アカウントから社内サーバー制圧・最新版へ即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/adalo-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T15:41:50+00:00</news:publication_date><news:title>No-Code App Builder 'Adalo' Flaw CVE-2026-10706 Exposes User Data Across 1M+ Apps — No Patch Yet, Avoid Storing Sensitive Data</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/adalo-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T15:41:34+00:00</news:publication_date><news:title>ノーコードアプリ作成『Adalo』で利用者情報が他人に抜かれる脆弱性 CVE-2026-10706、100万アプリ対象・修正版なく保存に注意</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/server-side-gtm-guide/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T13:14:04+00:00</news:publication_date><news:title>サーバーサイドGTMの導入価値と方法を、現役フリーランスエンジニアが解説</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cve-digest-2026-07-09/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T07:01:34+00:00</news:publication_date><news:title>【2026年7月9日】セキュリティ脆弱性まとめ ― CoreWCF・Bitwarden・Snowflakeなど7件、一般利用者への影響は</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/cline-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-09T00:16:26+00:00</news:publication_date><news:title>Popular AI Coding Tool Cline Hijackable by Any Website (CVE-2026-59723): Command Execution and API Key Theft — Update to 3.0.30</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/cline-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-09T00:16:10+00:00</news:publication_date><news:title>500万人が使うAIコーディングツール『Cline』に乗っ取りの脆弱性、悪意あるサイトを開くだけでPC操作やAPIキー窃取の恐れ CVE-2026-59723、3.0.30へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/repomix-ssrf-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-08T17:18:59+00:00</news:publication_date><news:title>Critical SSRF in Repomix (CVE-2026-59702): The Popular AI Code-Packing Tool's Server Could Leak Cloud Keys — Update to 1.14.1</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/repomix-ssrf-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-08T17:18:43+00:00</news:publication_date><news:title>AIにコードを渡す人気ツール『Repomix』に深刻な脆弱性、公開サーバーが踏み台にされ内部情報流出の恐れ CVE-2026-59702、1.14.1へ更新を</news:title></news:news></url></urlset>