🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-28218 | متوسط | 5.4 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, fail-open access c…
|
— | فبراير 26, 2026 |
| CVE-2025-56605 | متوسط | 5.4 |
A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event M…
|
— | فبراير 26, 2026 |
| CVE-2025-64999 | متوسط | 5.4 |
Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker…
|
— | فبراير 26, 2026 |
| CVE-2026-2356 | متوسط | 5.3 |
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vuln…
|
— | فبراير 26, 2026 |
| CVE-2026-24004 | متوسط | 5.3 |
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub…
|
— | فبراير 26, 2026 |
| CVE-2026-27021 | متوسط | 5.3 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the voters endpoin…
|
— | فبراير 26, 2026 |
| CVE-2026-28132 | متوسط | 5.3 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Ph…
|
— | فبراير 26, 2026 |
| CVE-2026-26228 | متوسط | 4.9 |
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server rout…
|
— | فبراير 26, 2026 |
| CVE-2026-26936 | متوسط | 4.9 |
Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kibana can lead Denial …
|
— | فبراير 26, 2026 |
| CVE-2026-27162 | متوسط | 4.9 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `posts_nearby` was…
|
— | فبراير 26, 2026 |
| CVE-2026-27963 | متوسط | 4.8 |
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists i…
|
⚡ Exploit ✅ Patch | فبراير 26, 2026 |
| CVE-2026-27974 | متوسط | 4.8 |
Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting (XSS) vulnerability exists in versi…
|
— | فبراير 26, 2026 |
| CVE-2026-26973 | متوسط | 4.3 |
Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR (Insec…
|
— | فبراير 26, 2026 |
| CVE-2026-27457 | متوسط | 4.3 |
Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`weblate/api/views.py`…
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-27835 | متوسط | 4.3 |
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, `RepetitionsConfigViewSet`…
|
⚡ Exploit ✅ Patch | فبراير 26, 2026 |
| CVE-2026-27839 | متوسط | 4.3 |
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, three `nutritional_values`…
|
⚡ Exploit ✅ Patch | فبراير 26, 2026 |
| CVE-2026-28219 | متوسط | 4.3 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an improper author…
|
— | فبراير 26, 2026 |
| CVE-2026-28295 | متوسط | 4.3 |
A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrar…
|
— | فبراير 26, 2026 |
| CVE-2026-28296 | متوسط | 4.3 |
A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplyi…
|
— | فبراير 26, 2026 |
| CVE-2026-27150 | منخفض | 3.8 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, missing `validate_…
|
— | فبراير 26, 2026 |