<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9"><url><loc>https://kkm-mako.com/en/blog/articles/ray-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T18:11:52+00:00</news:publication_date><news:title>Ray AI Framework Flaw CVE-2026-57516: Loading a Malicious Dataset Triggers Server Takeover — Update to 2.56.0</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/ray-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T18:11:41+00:00</news:publication_date><news:title>AI分散処理基盤「Ray」に不正なデータセットの読み込みで乗っ取りの脆弱性 CVE-2026-57516、2.56.0へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/control-web-panel-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T17:11:51+00:00</news:publication_date><news:title>Unauthenticated Takeover Flaw in Control Web Panel (CVE-2026-57517): 150,000+ Instances Exposed — Update to 0.9.8.1225</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/control-web-panel-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T17:11:39+00:00</news:publication_date><news:title>サーバー管理パネル「Control Web Panel」に認証なしで乗っ取りの脆弱性 CVE-2026-57517、世界15万台超が標的、0.9.8.1225へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/fastify-middie-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T13:11:59+00:00</news:publication_date><news:title>Fastify middie flaw CVE-2026-14198 lets a crafted URL bypass auth; update to 9.3.3</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/fastify-middie-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T13:11:47+00:00</news:publication_date><news:title>Fastify向けプラグイン「middie」に認証をすり抜けられる脆弱性 CVE-2026-14198、細工したURLで保護機能を回避、9.3.3へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/latepoint-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T12:16:23+00:00</news:publication_date><news:title>LatePoint flaw CVE-2026-13228 lets staff hijack the site; update to 5.6.4</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/latepoint-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T12:16:11+00:00</news:publication_date><news:title>予約受付プラグイン「LatePoint」にサイト乗っ取りの脆弱性 CVE-2026-13228、スタッフ権限から管理者を奪える恐れ、10万サイトは5.6.4へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/bmc-control-m-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T09:17:10+00:00</news:publication_date><news:title>Critical Flaw in BMC Control-M (CVE-2026-10539): Server Takeover With No Password — Update to 9.0.21.300</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/bmc-control-m-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T09:16:58+00:00</news:publication_date><news:title>企業の基幹バッチを動かす「BMC Control-M」にパスワード不要でサーバーを乗っ取られる脆弱性 CVE-2026-10539、9.0.21.300へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/aflac-data-breach/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T08:57:49+00:00</news:publication_date><news:title>Aflac Japan Leaks Data on 4.38 Million Customers: What Policyholders Should Do, and the 'Instant Withdrawal' Myth</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/aflac-data-breach/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T08:57:38+00:00</news:publication_date><news:title>アフラック438万人の情報漏えい、契約者は何をすべきか 口座情報23万人分も、「すぐ引き出される」の誤解と本当のリスク</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/jr-mars-system-outage/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T08:34:49+00:00</news:publication_date><news:title>JR Ticket Machines and Ekinet Go Down Nationwide at Once: Why One Fault Stops All of JR — Inside the MARS System</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/jr-mars-system-outage/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T08:34:37+00:00</news:publication_date><news:title>JRの券売機・えきねっとで切符が買えない一斉障害、なぜ全国が同時に止まるのか 予約システム「マルス」の正体</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/ultravnc-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-07-01T06:15:20+00:00</news:publication_date><news:title>UltraVNC: 3 Critical Flaws (CVE-2026-7840) — Repeater Takeover With No Password, Update to 1.8.2.4</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/ultravnc-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-07-01T06:15:08+00:00</news:publication_date><news:title>遠隔操作ソフト「UltraVNC」に重大な脆弱性3件、中継サーバーがパスワードなしで乗っ取られる恐れ CVE-2026-7840ほか、最新1.8.2.4へ更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/ibm-db2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T21:15:38+00:00</news:publication_date><news:title>Pre-Auth RCE in IBM Db2 (CVE-2026-10109): Patch the Core Database Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/ibm-db2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T21:15:27+00:00</news:publication_date><news:title>IBM Db2に認証前の乗っ取り脆弱性 CVE-2026-10109、基幹DBは即更新を</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/conductor-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T20:11:48+00:00</news:publication_date><news:title>Unauthenticated RCE in Netflix/Orkes Conductor (CVE-2026-58138): Patch to 3.30.2 Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/conductor-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T20:11:36+00:00</news:publication_date><news:title>業務自動化のConductorに認証なしで乗っ取られる脆弱性 CVE-2026-58138</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/adobe-coldfusion-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T17:17:30+00:00</news:publication_date><news:title>Adobe ColdFusion: Many Takeover Flaws (CVE-2026-48276 et al.), Five Unauthenticated 10.0s — Patch Now</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/adobe-coldfusion-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T17:17:17+00:00</news:publication_date><news:title>ColdFusionに無認証で乗っ取りの脆弱性 CVE-2026-48276、最悪10点が5件</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/llama-factory-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T14:16:14+00:00</news:publication_date><news:title>LLaMA-Factory RCE Flaw (CVE-2026-58116): An Exposed Web UI Lets Anyone Hijack the Server</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/llama-factory-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T14:16:01+00:00</news:publication_date><news:title>LLaMA-Factoryに脆弱性 CVE-2026-58116、AI学習画面の公開で乗っ取りの恐れ</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/rpg-maker-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-30T05:15:41+00:00</news:publication_date><news:title>RPG Maker MV/MZ Flaw (CVE-2026-56137): Shared Save Can Hijack Your PC</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/rpg-maker-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-30T05:15:24+00:00</news:publication_date><news:title>RPGツクール製ゲームに脆弱性 CVE-2026-56137、配布セーブデータでパソコンを乗っ取られる恐れ</news:title></news:news></url><url><loc>https://kkm-mako.com/en/blog/articles/aws-waf-http2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>en</news:language></news:publication><news:publication_date>2026-06-29T21:10:57+00:00</news:publication_date><news:title>AWS WAF Body-Inspection Bypass (CVE-2026-13762/13763, CVSS 9.8): Attacks Can Slip Past on CloudFront and the Load Balancer</news:title></news:news></url><url><loc>https://kkm-mako.com/blog/articles/aws-waf-http2-cve/</loc><news:news><news:publication><news:name>Canarii</news:name><news:language>ja</news:language></news:publication><news:publication_date>2026-06-29T21:10:39+00:00</news:publication_date><news:title>AWSの防御「WAF」をすり抜ける脆弱性 CVE-2026-13762/13763、CloudFrontとロードバランサで攻撃が素通りの恐れ</news:title></news:news></url></urlset>