🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-5436 | مرتفع | 8.1 |
The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1.…
|
— | أبريل 8, 2026 |
| CVE-2026-30815 | مرتفع | 8.0 |
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent…
|
— | أبريل 8, 2026 |
| CVE-2026-30818 | مرتفع | 8.0 |
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent…
|
— | أبريل 8, 2026 |
| CVE-2026-30814 | مرتفع | 8.0 |
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attac…
|
— | أبريل 8, 2026 |
| CVE-2026-5726 | مرتفع | 7.8 |
ASDA-Soft Stack-based Buffer Overflow Vulnerability
|
— | أبريل 8, 2026 |
| CVE-2026-40030 | مرتفع | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument (-v flag) is …
|
— | أبريل 8, 2026 |
| CVE-2026-40029 | مرتفع | 7.8 |
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsa…
|
— | أبريل 8, 2026 |
| CVE-2026-40031 | مرتفع | 7.8 |
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking acr…
|
— | أبريل 8, 2026 |
| CVE-2026-40032 | مرتفع | 7.8 |
UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability in the placeholder subst…
|
— | أبريل 8, 2026 |
| CVE-2025-50650 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the ro…
|
— | أبريل 8, 2026 |
| CVE-2025-52222 | مرتفع | 7.5 |
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-840…
|
— | أبريل 8, 2026 |
| CVE-2025-50652 | مرتفع | 7.5 |
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint…
|
— | أبريل 8, 2026 |
| CVE-2025-50654 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in th…
|
— | أبريل 8, 2026 |
| CVE-2026-40036 | مرتفع | 7.5 |
Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse_compressed.py that allows remote a…
|
— | أبريل 8, 2026 |
| CVE-2026-35525 | مرتفع | 7.5 |
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %},…
|
⚡ Exploit | أبريل 8, 2026 |
| CVE-2025-50653 | مرتفع | 7.5 |
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem paramet…
|
— | أبريل 8, 2026 |
| CVE-2026-3396 | مرتفع | 7.5 |
WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter…
|
— | أبريل 8, 2026 |
| CVE-2026-5802 | مرتفع | 7.3 |
A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP …
|
— | أبريل 8, 2026 |
| CVE-2026-5813 | مرتفع | 7.3 |
A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of …
|
— | أبريل 8, 2026 |
| CVE-2026-40027 | مرتفع | 7.3 |
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.p…
|
— | أبريل 8, 2026 |