🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-26078 | مرتفع | 7.5 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, when the `patreon_…
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-26265 | مرتفع | 7.5 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerabil…
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-27449 | مرتفع | 7.5 |
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versi…
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-27141 | مرتفع | 7.5 |
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-3261 | مرتفع | 7.3 |
A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settin…
|
⚡ Exploit ✅ Patch | فبراير 26, 2026 |
| CVE-2026-28138 | مرتفع | 7.2 |
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects…
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-25741 | مرتفع | 7.1 |
Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpo…
|
✅ Patch | فبراير 26, 2026 |
| CVE-2026-27638 | مرتفع | 7.1 |
Actual is a local-first personal finance tool. Prior to version 26.2.1, in multi-user mode (OpenID), the sync API endpoi…
|
⚡ Exploit ✅ Patch | فبراير 26, 2026 |
| CVE-2026-28207 | متوسط | 6.6 |
Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command inj…
|
⚡ Exploit | فبراير 26, 2026 |
| CVE-2026-28131 | متوسط | 6.5 |
Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements addon-elements-for-e…
|
— | فبراير 26, 2026 |
| CVE-2026-26077 | متوسط | 6.5 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook en…
|
— | فبراير 26, 2026 |
| CVE-2026-25963 | متوسط | 6.5 |
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s ce…
|
— | فبراير 26, 2026 |
| CVE-2026-26934 | متوسط | 6.5 |
Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-on…
|
— | فبراير 26, 2026 |
| CVE-2026-27149 | متوسط | 6.5 |
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, SQL injection in P…
|
— | فبراير 26, 2026 |
| CVE-2026-26935 | متوسط | 6.5 |
Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead Denial of Servi…
|
— | فبراير 26, 2026 |
| CVE-2026-26937 | متوسط | 6.5 |
Uncontrolled Resource Consumption (CWE-400) in the Timelion component in Kibana can lead Denial of Service via Input Dat…
|
— | فبراير 26, 2026 |
| CVE-2026-28083 | متوسط | 6.5 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UX-themes Flatsome…
|
— | فبراير 26, 2026 |
| CVE-2026-27465 | متوسط | 6.5 |
Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s configuration A…
|
— | فبراير 26, 2026 |
| CVE-2026-3262 | متوسط | 6.3 |
A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected is…
|
⚡ Exploit | فبراير 26, 2026 |
| CVE-2026-3263 | متوسط | 6.3 |
A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this…
|
⚡ Exploit | فبراير 26, 2026 |