CVE-2025-15556 – IoT OT Security News

CISA KEV 警告 26/02/12：SolarWinds WHD／Notepad++／Microsoft Config Man／Apple の脆弱性を登録

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

2026/02/13 SecurityAffairs — 米国の Cybersecurity and Infrastructure Security Agency (CISA) は、SolarWinds Web Help Desk／Notepad++／Microsoft Configuration Manager／Apple デバイスに関する脆弱性を、Known Exploited Vulnerabilities (KEV) カタログに追加した。追加された脆弱性は、以下の通りである。

CVE-2024-43468 (CVSS：9.8)：Microsoft Config Manager の SQLi 欠陥
CVE-2025-15556 (CVSS：7.7)：Notepad++ のアップデート整合性欠如
CVE-2025-40536 (CVSS：8.1)：SolarWinds WHD のセキュリティ制御バイパス
CVE-2026-20700 (CVSS：7.8)：Apple のバッファ・オーバーフロー

API (238)
APT (523)
Asia (398)
AuthN AuthZ (793)
BruteForce (67)
BugBounty (76)
CyberAttack (3,272)
DarkWeb (228)
DataBreach (550)
DataLeak (194)
DDoS (164)
DoubleExtortion (15)
Exploit (1,432)
Literacy (2,357)
LOLbin (57)
MageCartAttack (14)
Malware (1,444)
MCP (16)
MisConfiguration (61)
NHI (8)
Outage (106)
ParadigmShift (181)
Privacy (243)
Protection (649)
RaaS (122)
Ransomware (730)
RAT (778)
Repository (337)
Research (1,210)
Resilience (133)
Scammer (614)
SecTools (230)
SocialEngineering (49)
SupplyChain (419)
TTP (1,001)
Uncategorized (12)
Vulnerability (4,739)
WateringHoleAttack (4)
Zero Trust (382)
_AI/ML (363)
_CDN (4)
_Cloud (367)
_Container (73)
_CryptCcurrency (40)
_Defence (162)
_Education (8)
_Finance (161)
_Government (1,065)
_HealthCare (47)
_Human (51)
_ICS (85)
_IDS/IPS (182)
_Industry (221)
_Infrastructure (129)
_Mobile (162)
_OpenSource (1,394)
_PLC (39)
_Regulation (158)
_Retail (78)
_RTOS (6)
_Space (26)
_Statistics (417)
_Storage (70)
_Telecom (77)
_Transportation (56)