🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-5144 | مرتفع | 8.8 |
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including…
|
— | أبريل 11, 2026 |
| CVE-2026-6105 | مرتفع | 7.3 |
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the fi…
|
— | أبريل 11, 2026 |
| CVE-2026-5217 | مرتفع | 7.2 |
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vuln…
|
— | أبريل 11, 2026 |
| CVE-2026-5809 | مرتفع | 7.1 |
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. Th…
|
— | أبريل 11, 2026 |
| CVE-2026-5989 | مرتفع | 8.8 |
A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. E…
|
— | أبريل 10, 2026 |
| CVE-2026-6015 | مرتفع | 8.8 |
A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/Qui…
|
— | أبريل 10, 2026 |
| CVE-2026-5991 | مرتفع | 8.8 |
A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /gof…
|
— | أبريل 10, 2026 |
| CVE-2026-6014 | مرتفع | 8.8 |
A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formA…
|
— | أبريل 10, 2026 |
| CVE-2026-35669 | مرتفع | 8.8 |
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that…
|
✅ Patch | أبريل 10, 2026 |
| CVE-2026-35643 | مرتفع | 8.8 |
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject…
|
✅ Patch | أبريل 10, 2026 |
| CVE-2026-5992 | مرتفع | 8.8 |
A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2…
|
— | أبريل 10, 2026 |
| CVE-2026-5990 | مرتفع | 8.8 |
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter…
|
— | أبريل 10, 2026 |
| CVE-2026-6016 | مرتفع | 8.8 |
A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/W…
|
— | أبريل 10, 2026 |
| CVE-2026-35663 | مرتفع | 8.8 |
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request bro…
|
✅ Patch | أبريل 10, 2026 |
| CVE-2026-6012 | مرتفع | 8.8 |
A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file…
|
— | أبريل 10, 2026 |
| CVE-2026-35666 | مرتفع | 8.8 |
OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/b…
|
✅ Patch | أبريل 10, 2026 |
| CVE-2026-6013 | مرتفع | 8.8 |
A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /g…
|
— | أبريل 10, 2026 |
| CVE-2026-35653 | مرتفع | 8.1 |
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that all…
|
⚡ Exploit ✅ Patch | أبريل 10, 2026 |
| CVE-2026-4351 | مرتفع | 8.1 |
The Perfmatters plugin for WordPress is vulnerable to arbitrary file overwrite via path traversal in all versions up to,…
|
— | أبريل 10, 2026 |
| CVE-2026-35660 | مرتفع | 8.1 |
OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint tha…
|
✅ Patch | أبريل 10, 2026 |