🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2025-64425 | مرتفع | 8.1 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-59158 | مرتفع | 8.0 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions pri…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-64421 | مرتفع | 8.0 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-68428 | مرتفع | 7.5 |
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loa…
|
✅ Patch | يناير 5, 2026 |
| CVE-2025-68547 | مرتفع | 7.5 |
Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Configured Access Control…
|
✅ Patch | يناير 5, 2026 |
| CVE-2026-0621 | مرتفع | 7.5 |
Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-15456 | مرتفع | 7.3 |
A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2026-0589 | مرتفع | 7.3 |
A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-68455 | مرتفع | 7.2 |
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…
|
⚡ Exploit ✅ Patch | يناير 5, 2026 |
| CVE-2025-3646 | مرتفع | 7.3 |
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unau…
|
✅ Patch | يناير 4, 2026 |
| CVE-2025-64124 | مرتفع | 8.8 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…
|
✅ Patch | يناير 3, 2026 |
| CVE-2025-15428 | مرتفع | 8.8 |
A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemo…
|
⚡ Exploit ✅ Patch | يناير 2, 2026 |
| CVE-2025-15429 | مرتفع | 8.8 |
A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function s…
|
⚡ Exploit ✅ Patch | يناير 2, 2026 |
| CVE-2025-64120 | مرتفع | 8.8 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…
|
✅ Patch | يناير 2, 2026 |
| CVE-2026-21449 | مرتفع | 8.8 |
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template in…
|
⚡ Exploit ✅ Patch | يناير 2, 2026 |
| CVE-2025-69414 | مرتفع | 8.5 |
Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myplex/account call wit…
|
⚡ Exploit ✅ Patch | يناير 2, 2026 |
| CVE-2026-21451 | مرتفع | 8.4 |
Bagisto is an open source laravel eCommerce platform. A stored Cross-Site Scripting (XSS) vulnerability exists in Bagist…
|
⚡ Exploit ✅ Patch | يناير 2, 2026 |
| CVE-2025-52863 | مرتفع | 8.1 |
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker…
|
✅ Patch | يناير 2, 2026 |
| CVE-2025-52864 | مرتفع | 8.1 |
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker…
|
✅ Patch | يناير 2, 2026 |
| CVE-2025-52872 | مرتفع | 8.1 |
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker…
|
✅ Patch | يناير 2, 2026 |