주요 보안 패치일정
정기 보안 업데이트, 긴급 패치, CISA KEV 조치기한과 지원 종료 일정을 구분해 확인합니다.
Apache Tomcat 제품 보안 업데이트 권고
Apache 재단은 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1]~[3] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
CVE-2026-48558 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
GitLab 제품 보안 업데이트 권고
GitLab社는 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
IBM 제품 보안 업데이트 권고
IBM社는 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1]~[5] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
Spring 제품 보안 업데이트 권고
VMware社는 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
Ubiquiti 제품 보안 업데이트 권고
Ubiquiti社는 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
CVE-2026-45659 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
Linux 제품 보안 업데이트 권고
Linux재단은 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1][2] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
Linux 제품 보안 업데이트 권고
Linux 재단은 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
Linux 제품 보안 업데이트 권고
Linux 재단은 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
2026년 6월 Microsoft 긴급 OOB 보안 업데이트
Microsoft CVRF 공식 문서의 OOB 문맥과 문서 개정일이 함께 확인된 긴급 업데이트입니다. 적용 대상과 KB는 공식 원문에서 확인해야 합니다.
CVE-2026-48282 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-48908 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-55255 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-56290 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
HiveOn 제품 보안 업데이트 권고
에이치투오시스템테크놀로지社의 HiveOn 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 영향받는 버전을 사용 중인 시스템 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
CVE-2026-48939 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-56291 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
2026년 7월 Microsoft 긴급 OOB 보안 업데이트
Microsoft CVRF 공식 문서의 OOB 문맥과 문서 개정일이 함께 확인된 긴급 업데이트입니다. 적용 대상과 KB는 공식 원문에서 확인해야 합니다.
2026년 7월 Microsoft 보안 업데이트
Microsoft가 1,207개 CVE 정보를 포함한 월간 보안 업데이트를 공개했습니다. Critical 관련 항목 76건이 확인됩니다. 실제 악용 관련 표시는 628건입니다.
MS 7월 보안 위협에 따른 정기 보안 업데이트 권고
등급 : 긴급 (Critical) 10 종 , 중요 (Important) 4 종 발표일 : 2026.07.14.(화) 업데이트 내용
CVE-2008-4128 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
SonicWall 제품 보안 업데이트 권고
SonicWall社는 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1] 영향을 받는 버전을 사용 중인 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
CVE-2026-15409 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-15410 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-56164 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-46817 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-25089 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-39808 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-58644 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
2026년 7월 Oracle CPU
Oracle Critical Patch Update 예정 일정입니다. 실제 보안 권고 발표 후 세부 제품과 CVE가 확정됩니다.
CVE-2026-56155 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2023-4346 CISA KEV 조치기한
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
일정 해석 안내
Microsoft 일정은 미국 태평양시간 공식 발표 시각을 한국시간으로 환산해 다음 날 달력에 표시합니다.
CISA KEV 날짜는 패치 발표일이 아니라 CISA가 지정한 조치 완료기한입니다.
예정 일정은 공급사 정책 변경이나 긴급 상황에 따라 변경될 수 있으므로 적용 전 공식 원문을 확인해야 합니다.
Critical·High 취약점은 공식 공급사 수정 버전과 공식 원문이 확인된 항목만 일정에 포함합니다.