🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-25239 | مرتفع | 7.5 |
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulner…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-24052 | مرتفع | 7.4 |
Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code contained insufficient URL validation in it…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-1802 | مرتفع | 7.3 |
A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the f…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-0617 | مرتفع | 7.2 |
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-S…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-1065 | مرتفع | 7.2 |
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and inc…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37084 | مرتفع | 7.2 |
School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitr…
|
⚡ Exploit ✅ Patch | فبراير 3, 2026 |
| CVE-2025-58382 | مرتفع | 7.2 |
A vulnerability in the secure configuration of authentication and
management services in Brocade Fabric OS before Fabri…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2025-58383 | مرتفع | 7.2 |
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37081 | مرتفع | 7.1 |
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calend…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37105 | مرتفع | 7.1 |
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2020-37108 | مرتفع | 7.1 |
PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product_detail.php that allows r…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-1058 | مرتفع | 7.1 |
The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions…
|
✅ Patch | فبراير 3, 2026 |
| CVE-2026-23515 | حرج | 9.9 |
Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulner…
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2026-25134 | مرتفع | 8.8 |
Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5…
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2022-50975 | مرتفع | 8.8 |
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2024-5386 | مرتفع | 8.8 |
In lunary-ai/lunary version 1.2.2, an account hijacking vulnerability exists due to a password reset token leak. A user …
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |
| CVE-2025-8587 | مرتفع | 8.6 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AKCE Software Tech…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-1530 | مرتفع | 8.1 |
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) atta…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-1531 | مرتفع | 8.1 |
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification…
|
✅ Patch | فبراير 2, 2026 |
| CVE-2026-25221 | مرتفع | 8.1 |
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for …
|
⚡ Exploit ✅ Patch | فبراير 2, 2026 |