🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-24352 | حرج | 9.8 |
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the sa…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-27751 | حرج | 9.8 |
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remot…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-27755 | حرج | 9.8 |
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability th…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-28268 | حرج | 9.8 |
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerabil…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-3301 | حرج | 9.8 |
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the functi…
|
⚡ Exploit ✅ Patch | فبراير 27, 2026 |
| CVE-2025-11251 | حرج | 9.8 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software I…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2025-11252 | حرج | 9.8 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology …
|
✅ Patch | فبراير 27, 2026 |
| CVE-2025-12981 | حرج | 9.8 |
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This i…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-2750 | حرج | 9.1 |
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tick…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-28370 | حرج | 9.1 |
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage…
|
⚡ Exploit ✅ Patch | فبراير 27, 2026 |
| CVE-2026-3274 | مرتفع | 8.8 |
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the f…
|
⚡ Exploit ✅ Patch | فبراير 27, 2026 |
| CVE-2026-3275 | مرتفع | 8.8 |
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addre…
|
⚡ Exploit ✅ Patch | فبراير 27, 2026 |
| CVE-2026-28426 | مرتفع | 8.7 |
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS …
|
✅ Patch | فبراير 27, 2026 |
| CVE-2025-69437 | مرتفع | 8.7 |
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass …
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-0980 | مرتفع | 8.3 |
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-26861 | مرتفع | 8.3 |
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The han…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-26862 | مرتفع | 8.3 |
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessag…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2026-2751 | مرتفع | 8.3 |
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web …
|
✅ Patch | فبراير 27, 2026 |
| CVE-2019-25489 | مرتفع | 8.2 |
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries…
|
✅ Patch | فبراير 27, 2026 |
| CVE-2019-25490 | مرتفع | 8.2 |
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries…
|
✅ Patch | فبراير 27, 2026 |