🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-21345 | مرتفع | 7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a craft…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21323 | مرتفع | 7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-0651 | مرتفع | 7.8 |
On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, al…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21344 | مرتفع | 7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a craft…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21321 | مرتفع | 7.8 |
After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could resul…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-21320 | مرتفع | 7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary co…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-25506 | مرتفع | 7.7 |
MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can …
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-23689 | مرتفع | 7.7 |
Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular us…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-24322 | مرتفع | 7.7 |
SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks f…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2025-40587 | مرتفع | 7.6 |
A vulnerability has been identified in Polarion V2404 (All versions < V2404.5), Polarion V2410 (All versions < V2410.2).…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-25728 | مرتفع | 7.5 |
ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) ra…
|
⚡ Exploit ✅ Patch | فبراير 10, 2026 |
| CVE-2026-21218 | مرتفع | 7.5 |
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-2093 | مرتفع | 7.5 |
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject ar…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-2268 | مرتفع | 7.5 |
The Ninja Forms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and includin…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-0485 | مرتفع | 7.5 |
SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause t…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-0490 | مرتفع | 7.5 |
SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted en…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-0508 | مرتفع | 7.3 |
The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert m…
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-2260 | مرتفع | 7.2 |
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin.…
|
⚡ Exploit ✅ Patch | فبراير 10, 2026 |
| CVE-2026-1866 | مرتفع | 7.2 |
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via double HTML-entity encoding in …
|
✅ Patch | فبراير 10, 2026 |
| CVE-2026-0845 | مرتفع | 7.2 |
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is…
|
✅ Patch | فبراير 10, 2026 |