按 Enter 到主內容區
:::

TWCERT/CC台灣電腦網路危機處理暨協調中心|企業資安通報協處|資安情資分享|漏洞通報|資安聯盟|資安電子報

:::

2/2至2/8 Known Exploited Vulnerabilities Catalog(KEV)週報

發布日期:
字型大小:
  • 發布單位:TWCERT/CC
  • 更新日期:2026-02-11
  • 點閱次數:75
  • 內容說明

CISA於2/2至2/8在Known Exploited Vulnerabilities Catalog(KEV)中發布6個已遭駭客利用之漏洞。

  • 影響平台

GitLab|Community and Enterprise Editions

React Native Community|CLI

Sangoma|FreePBX

SmarterTools|SmarterMail

SolarWinds|Web Help Desk

  • 處置建議

修補說明請參考以下官方連結:

GitLab|Community and Enterprise Editions

https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/

React Native Community|CLI

https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547

https://github.com/react-native-community/cli/pull/2735

Sangoma|FreePBX

https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw

https://wiki.freepbx.org/display/FOP/2019-11-20%2BRemote%2BAdmin%2BAuthentication%2BBypass

SmarterTools|SmarterMail

https://www.smartertools.com/smartermail/release-notes/current

https://www.cve.org/CVERecord?id=CVE-2026-24423

SolarWinds|Web Help Desk

https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40551

  • CVE編號

CVE-2019-19006

CVE-2021-39935

CVE-2025-11953

CVE-2025-40551

CVE-2025-64328

CVE-2026-24423

相關連結

  1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
  2. https://nvd.nist.gov/vuln/detail/CVE-2019-19006
  3. https://nvd.nist.gov/vuln/detail/CVE-2021-39935
  4. https://nvd.nist.gov/vuln/detail/CVE-2025-11953
  5. https://nvd.nist.gov/vuln/detail/CVE-2025-40551
  6. https://nvd.nist.gov/vuln/detail/CVE-2025-64328
  7. https://nvd.nist.gov/vuln/detail/CVE-2026-24423
回頁首