🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-32748 | مرتفع | 7.5 |
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetim…
|
✅ Patch | مارس 26, 2026 |
| CVE-2026-27828 | مرتفع | 7.5 |
EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup uses v2…
|
— | مارس 26, 2026 |
| CVE-2026-27664 | مرتفع | 7.5 |
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), SICORE Base syst…
|
— | مارس 26, 2026 |
| CVE-2026-26008 | مرتفع | 7.5 |
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access (std::vector) that le…
|
— | مارس 26, 2026 |
| CVE-2026-4841 | مرتفع | 7.3 |
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the fil…
|
— | مارس 26, 2026 |
| CVE-2025-55263 | مرتفع | 7.3 |
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or i…
|
— | مارس 26, 2026 |
| CVE-2026-4860 | مرتفع | 7.3 |
A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. This affects the function GenericFastJsonR…
|
— | مارس 26, 2026 |
| CVE-2026-4850 | مرتفع | 7.3 |
A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the f…
|
— | مارس 26, 2026 |
| CVE-2026-4839 | مرتفع | 7.3 |
A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file …
|
— | مارس 26, 2026 |
| CVE-2026-2231 | مرتفع | 7.2 |
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all vers…
|
— | مارس 26, 2026 |
| CVE-2026-4329 | مرتفع | 7.2 |
The Blackhole for Bad Bots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent HTTP hea…
|
— | مارس 26, 2026 |
| CVE-2026-3328 | مرتفع | 7.2 |
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via deserialization of the '…
|
— | مارس 26, 2026 |
| CVE-2018-25207 | مرتفع | 7.1 |
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated …
|
— | مارس 26, 2026 |
| CVE-2026-33645 | مرتفع | 7.1 |
Fireshare facilitates self-hosted media and link sharing. In version 1.5.1, an authenticated path traversal vulnerabilit…
|
— | مارس 26, 2026 |
| CVE-2026-3121 | متوسط | 6.5 |
A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where thi…
|
— | مارس 26, 2026 |
| CVE-2026-27663 | متوسط | 6.5 |
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), RTUM85 RTU Base …
|
— | مارس 26, 2026 |
| CVE-2026-4389 | متوسط | 6.4 |
The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting v…
|
— | مارس 26, 2026 |
| CVE-2026-4278 | متوسط | 6.4 |
The Simple Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sdc_menu' shortco…
|
— | مارس 26, 2026 |
| CVE-2026-4075 | متوسط | 6.4 |
The BWL Advanced FAQ Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'baf_sbox' s…
|
— | مارس 26, 2026 |
| CVE-2026-4876 | متوسط | 6.3 |
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown fun…
|
— | مارس 26, 2026 |