🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-35620 | متوسط | 5.4 |
OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handle…
|
— | أبريل 10, 2026 |
| CVE-2026-35661 | متوسط | 5.3 |
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows…
|
— | أبريل 10, 2026 |
| CVE-2026-35664 | متوسط | 5.3 |
OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired …
|
— | أبريل 10, 2026 |
| CVE-2026-4664 | متوسط | 5.3 |
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, …
|
— | أبريل 10, 2026 |
| CVE-2026-35665 | متوسط | 5.3 |
OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request…
|
— | أبريل 10, 2026 |
| CVE-2026-35654 | متوسط | 5.3 |
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows…
|
— | أبريل 10, 2026 |
| CVE-2026-5998 | متوسط | 5.3 |
A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file…
|
— | أبريل 10, 2026 |
| CVE-2026-35647 | متوسط | 5.3 |
OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks an…
|
— | أبريل 10, 2026 |
| CVE-2026-5830 | مرتفع | 8.8 |
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysTo…
|
— | أبريل 9, 2026 |
| CVE-2026-5980 | مرتفع | 8.8 |
A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /g…
|
— | أبريل 9, 2026 |
| CVE-2026-5815 | مرتفع | 8.8 |
A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgi_main of the file /cgi-…
|
— | أبريل 9, 2026 |
| CVE-2026-33785 | مرتفع | 8.8 |
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated…
|
— | أبريل 9, 2026 |
| CVE-2026-35638 | مرتفع | 8.8 |
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated se…
|
— | أبريل 9, 2026 |
| CVE-2026-5984 | مرتفع | 8.8 |
A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formS…
|
— | أبريل 9, 2026 |
| CVE-2026-5979 | مرتفع | 8.8 |
A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ …
|
— | أبريل 9, 2026 |
| CVE-2026-4326 | مرتفع | 8.8 |
The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in all versions up to and in…
|
— | أبريل 9, 2026 |
| CVE-2026-35639 | مرتفع | 8.8 |
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an…
|
— | أبريل 9, 2026 |
| CVE-2026-5983 | مرتفع | 8.8 |
A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /gofo…
|
— | أبريل 9, 2026 |
| CVE-2026-5981 | مرتفع | 8.8 |
A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform…
|
— | أبريل 9, 2026 |
| CVE-2026-5988 | مرتفع | 8.8 |
A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetW…
|
— | أبريل 9, 2026 |