🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-27824 | متوسط | 5.3 |
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.…
|
⚡ Exploit | فبراير 27, 2026 |
| CVE-2026-28407 | متوسط | 5.3 |
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior …
|
✅ Patch | فبراير 27, 2026 |
| CVE-2025-9572 | متوسط | 5.0 |
n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permi…
|
— | فبراير 27, 2026 |
| CVE-2026-22716 | متوسط | 5.0 |
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administr…
|
— | فبراير 27, 2026 |
| CVE-2026-28270 | متوسط | 4.9 |
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows upl…
|
— | فبراير 27, 2026 |
| CVE-2026-0871 | متوسط | 4.9 |
A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can vi…
|
— | فبراير 27, 2026 |
| CVE-2026-2831 | متوسط | 4.9 |
The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, an…
|
— | فبراير 27, 2026 |
| CVE-2026-3302 | متوسط | 4.3 |
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown f…
|
⚡ Exploit | فبراير 27, 2026 |
| CVE-2026-20797 | متوسط | 4.3 |
A stack based buffer overflow exists in an API route of XWEB Pro version
1.12.1 and prior, enabling unauthenticated att…
|
— | فبراير 27, 2026 |
| CVE-2026-27758 | متوسط | 4.3 |
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery vulnerability in its man…
|
— | فبراير 27, 2026 |
| CVE-2026-22877 | منخفض | 3.7 |
An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling unauthenticated attackers to…
|
— | فبراير 27, 2026 |
| CVE-2026-3282 | منخفض | 3.3 |
A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file li…
|
— | فبراير 27, 2026 |
| CVE-2026-3283 | منخفض | 3.3 |
A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file li…
|
— | فبراير 27, 2026 |
| CVE-2026-3293 | منخفض | 3.3 |
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner …
|
— | فبراير 27, 2026 |
| CVE-2026-3284 | منخفض | 3.3 |
A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conver…
|
— | فبراير 27, 2026 |
| CVE-2026-3285 | منخفض | 3.3 |
A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scan_string of the …
|
— | فبراير 27, 2026 |
| CVE-2025-12150 | منخفض | 3.1 |
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the conf…
|
— | فبراير 27, 2026 |
| CVE-2026-22717 | منخفض | 2.7 |
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administra…
|
— | فبراير 27, 2026 |
| CVE-2026-2293 | متوسط | — |
A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fas…
|
— | فبراير 27, 2026 |
| CVE-2026-2880 | متوسط | — |
A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-sc…
|
— | فبراير 27, 2026 |