🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-28219 | متوسط | 4.3 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an improper author…
|
— | فبراير 26, 2026 |
| CVE-2026-28295 | متوسط | 4.3 |
A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrar…
|
— | فبراير 26, 2026 |
| CVE-2026-28296 | متوسط | 4.3 |
A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplyi…
|
— | فبراير 26, 2026 |
| CVE-2026-27150 | منخفض | 3.8 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, missing `validate_…
|
— | فبراير 26, 2026 |
| CVE-2026-27152 | منخفض | 3.8 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, DM communication-p…
|
— | فبراير 26, 2026 |
| CVE-2026-23747 | منخفض | 3.7 |
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in P…
|
— | فبراير 26, 2026 |
| CVE-2026-23748 | منخفض | 3.7 |
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB …
|
— | فبراير 26, 2026 |
| CVE-2026-26227 | منخفض | 3.7 |
VideoLAN VLC for Android prior to version 3.7.0 contains an authentication bypass in the Remote Access Server feature du…
|
— | فبراير 26, 2026 |
| CVE-2026-27838 | منخفض | 3.1 |
wger is a free, open-source workout and fitness manager. Five routine detail action endpoints check a cache before calli…
|
⚡ Exploit ✅ Patch | فبراير 26, 2026 |
| CVE-2026-23749 | منخفض | 2.9 |
Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to impr…
|
— | فبراير 26, 2026 |
| CVE-2026-26979 | منخفض | 2.7 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users are able…
|
— | فبراير 26, 2026 |
| CVE-2026-27151 | منخفض | 2.7 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the `move_posts` a…
|
— | فبراير 26, 2026 |
| CVE-2026-27153 | منخفض | 2.7 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, moderators could e…
|
— | فبراير 26, 2026 |
| CVE-2026-28227 | منخفض | 2.7 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users can publ…
|
— | فبراير 26, 2026 |
| CVE-2026-1198 | متوسط | — |
SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input valid…
|
— | فبراير 26, 2026 |
| CVE-2026-1241 | متوسط | — |
The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web manage…
|
— | فبراير 26, 2026 |
| CVE-2026-1692 | متوسط | — |
A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebSc…
|
— | فبراير 26, 2026 |
| CVE-2026-1693 | متوسط | — |
The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVu…
|
— | فبراير 26, 2026 |
| CVE-2026-1694 | متوسط | — |
HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of t…
|
— | فبراير 26, 2026 |
| CVE-2026-1695 | متوسط | — |
An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of P…
|
— | فبراير 26, 2026 |