🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-1280 | مرتفع | 7.5 |
The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to a missing capability ch…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-23743 | مرتفع | 7.5 |
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, permali…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-0832 | مرتفع | 7.3 |
The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-1400 | مرتفع | 7.2 |
The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads …
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-1505 | مرتفع | 7.2 |
A vulnerability was found in D-Link DIR-615 4.10. This issue affects some unknown processing of the file /set_temp_nodes…
|
⚡ Exploit ✅ Patch | يناير 28, 2026 |
| CVE-2026-1506 | مرتفع | 7.2 |
A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /adv_mac_filter.php o…
|
⚡ Exploit ✅ Patch | يناير 28, 2026 |
| CVE-2025-14610 | مرتفع | 7.2 |
The TableMaster for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, a…
|
✅ Patch | يناير 28, 2026 |
| CVE-2026-24736 | حرج | 9.1 |
Squidex is an open source headless content management system and content management hub. Versions of the application up …
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2026-24858 | حرج | 9.0 |
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability — Fortinet FortiAnalyz…
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2026-24345 | مرتفع | 8.8 |
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization che…
|
✅ Patch | يناير 27, 2026 |
| CVE-2020-36938 | مرتفع | 8.8 |
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system …
|
✅ Patch | يناير 27, 2026 |
| CVE-2020-36942 | مرتفع | 8.8 |
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files throug…
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2025-41726 | مرتفع | 8.8 |
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the…
|
✅ Patch | يناير 27, 2026 |
| CVE-2026-24486 | مرتفع | 8.6 |
Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exi…
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2026-24882 | مرتفع | 8.4 |
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for …
|
⚡ Exploit ✅ Patch | يناير 27, 2026 |
| CVE-2020-36951 | مرتفع | 8.2 |
Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers…
|
✅ Patch | يناير 27, 2026 |
| CVE-2021-47902 | مرتفع | 8.2 |
Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate dat…
|
✅ Patch | يناير 27, 2026 |
| CVE-2020-36980 | مرتفع | 7.8 |
SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allow…
|
✅ Patch | يناير 27, 2026 |
| CVE-2020-36981 | مرتفع | 7.8 |
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users…
|
✅ Patch | يناير 27, 2026 |
| CVE-2020-36982 | مرتفع | 7.8 |
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that …
|
✅ Patch | يناير 27, 2026 |