🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-39860 | حرج | 9.0 |
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary ove…
|
✅ Patch | أبريل 8, 2026 |
| CVE-2026-3357 | مرتفع | 8.8 |
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the sys…
|
— | أبريل 8, 2026 |
| CVE-2026-3243 | مرتفع | 8.8 |
The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path…
|
— | أبريل 8, 2026 |
| CVE-2026-3499 | مرتفع | 8.8 |
The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to C…
|
— | أبريل 8, 2026 |
| CVE-2026-1342 | مرتفع | 8.5 |
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 …
|
— | أبريل 8, 2026 |
| CVE-2026-4788 | مرتفع | 8.4 |
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a loc…
|
— | أبريل 8, 2026 |
| CVE-2026-5436 | مرتفع | 8.1 |
The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1.…
|
— | أبريل 8, 2026 |
| CVE-2026-30815 | مرتفع | 8.0 |
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent…
|
— | أبريل 8, 2026 |
| CVE-2026-30814 | مرتفع | 8.0 |
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attac…
|
— | أبريل 8, 2026 |
| CVE-2026-30818 | مرتفع | 8.0 |
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent…
|
— | أبريل 8, 2026 |
| CVE-2026-40031 | مرتفع | 7.8 |
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking acr…
|
— | أبريل 8, 2026 |
| CVE-2026-40030 | مرتفع | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is …
|
— | أبريل 8, 2026 |
| CVE-2026-40029 | مرتفع | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsa…
|
— | أبريل 8, 2026 |
| CVE-2026-40032 | مرتفع | 7.8 |
UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in the placeholder subst…
|
— | أبريل 8, 2026 |
| CVE-2026-5726 | مرتفع | 7.8 |
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
— | أبريل 8, 2026 |
| CVE-2025-50652 | مرتفع | 7.5 |
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint…
|
— | أبريل 8, 2026 |
| CVE-2025-50654 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in th…
|
— | أبريل 8, 2026 |
| CVE-2025-52222 | مرتفع | 7.5 |
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-840…
|
— | أبريل 8, 2026 |
| CVE-2025-50650 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the ro…
|
— | أبريل 8, 2026 |
| CVE-2025-50653 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem paramet…
|
— | أبريل 8, 2026 |