🛡️ Vulnerability Information Center
Updated database of vulnerabilities and security threats
| ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-28297 | Medium | 6.1 | SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when… | — | March 26, 2026 |
| CVE-2026-4887 | Medium | 6.1 | A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A re… | — | March 26, 2026 |
| CVE-2025-41026 | Medium | 6.1 | Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allow an attacker to execute JavaS… | — | March 26, 2026 |
| CVE-2025-41027 | Medium | 6.1 | Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allow an attacker to execute JavaS… | — | March 26, 2026 |
| CVE-2025-55266 | Medium | 5.9 | HCL Aftermarket DPC is affected by Session Fixation which allows an attacker to take over the user's session and use it carr… | — | March 26, 2026 |
| CVE-2026-28298 | Medium | 5.9 | SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when… | — | March 26, 2026 |
| CVE-2026-4830 | Medium | 5.6 | A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/… | — | March 26, 2026 |
| CVE-2018-25215 | Medium | 5.5 | Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cau… | — | March 26, 2026 |
| CVE-2019-25649 | Medium | 5.5 | River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allow… | — | March 26, 2026 |
| CVE-2026-4897 | Medium | 5.5 | A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to th… | — | March 26, 2026 |
| CVE-2026-4335 | Medium | 5.4 | The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment post… | — | March 26, 2026 |
| CVE-2026-33915 | Medium | 5.4 | OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio… | ✅ Patch | March 26, 2026 |
| CVE-2026-4900 | Medium | 5.3 | A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the fil… | — | March 26, 2026 |
| CVE-2026-4281 | Medium | 5.3 | The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up t… | — | March 26, 2026 |
| CVE-2026-33017 | Critical | 9.8 | Langflow Langflow (CVE-2026-33017): Langflow contains a code injection vulnerability that could allow building public flo… | — | March 25, 2026 |
| CVE-2026-20631 | High | 8.8 | A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. A user may be able to elevate… | — | March 25, 2026 |
| CVE-2026-23514 | High | 8.8 | Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerabili… | — | March 25, 2026 |
| CVE-2026-33348 | High | 8.7 | OpenEMR is a free and open source electronic health records and medical practice management application. Users with the … | ⚡ Exploit ✅ Patch | March 25, 2026 |
| CVE-2026-20698 | High | 7.8 | The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4… | — | March 25, 2026 |
| CVE-2026-33913 | High | 7.7 | OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio… | ⚡ Exploit ✅ Patch | March 25, 2026 |