🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-25650 | مرتفع | 7.5 |
MCP Salesforce Connector is a Model Context Protocol (MCP) server implementation for Salesforce integration. Prior to 0.…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25724 | مرتفع | 7.5 |
Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configu…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25751 | مرتفع | 7.5 |
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUX…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2026-25758 | مرتفع | 7.5 |
Spree is an open source e-commerce solution built with Ruby on Rails. A critical IDOR vulnerability exists in Spree Comm…
|
⚡ Exploit ✅ Patch | فبراير 6, 2026 |
| CVE-2026-2103 | مرتفع | 7.1 |
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, da…
|
⚡ Exploit ✅ Patch | فبراير 6, 2026 |
| CVE-2019-25299 | مرتفع | 7.1 |
RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers t…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25300 | مرتفع | 7.1 |
thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries th…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2019-25303 | مرتفع | 7.1 |
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate databas…
|
✅ Patch | فبراير 6, 2026 |
| CVE-2025-11953 | حرج | 9.0 |
React Native Community CLI OS Command Injection Vulnerability — React Native Community CLI contains an OS command inject…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2026-24423 | حرج | 9.0 |
SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability — SmarterTools SmarterMail contains …
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2020-37117 | مرتفع | 8.8 |
jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated adm…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2025-15557 | مرتفع | 8.8 |
An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on …
|
✅ Patch | فبراير 5, 2026 |
| CVE-2025-13379 | مرتفع | 8.6 |
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQ…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37139 | مرتفع | 8.4 |
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the applica…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37142 | مرتفع | 8.4 |
10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that all…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37151 | مرتفع | 8.2 |
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmc_username parameter th…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2025-13192 | مرتفع | 8.2 |
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPr…
|
✅ Patch | فبراير 5, 2026 |
| CVE-2026-21532 | مرتفع | 8.2 |
Azure Function Information Disclosure Vulnerability
|
✅ Patch | فبراير 5, 2026 |
| CVE-2020-37149 | مرتفع | 8.1 |
Edimax EW-7438RPn-v3 Mini 1.27 is vulnerable to cross-site request forgery (CSRF) that can lead to command execution. An…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |
| CVE-2019-25267 | مرتفع | 7.8 |
Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute…
|
⚡ Exploit ✅ Patch | فبراير 5, 2026 |