🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2018-25224 | مرتفع | 8.4 |
PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arb…
|
⚡ Exploit | مارس 28, 2026 |
| CVE-2018-25225 | مرتفع | 8.4 |
SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arb…
|
— | مارس 28, 2026 |
| CVE-2026-4987 | مرتفع | 7.5 |
The SureForms – Contact Form, Payment Form & Other Custom Form Builder plugin for WordPress is vulnerable to Payment Amo…
|
— | مارس 28, 2026 |
| CVE-2026-5016 | مرتفع | 7.3 |
A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the …
|
— | مارس 28, 2026 |
| CVE-2026-5000 | مرتفع | 7.3 |
A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the f…
|
— | مارس 28, 2026 |
| CVE-2026-5002 | مرتفع | 7.3 |
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted el…
|
— | مارس 28, 2026 |
| CVE-2026-4996 | مرتفع | 7.3 |
A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function delete_questi…
|
— | مارس 28, 2026 |
| CVE-2026-4998 | مرتفع | 7.3 |
A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor…
|
— | مارس 28, 2026 |
| CVE-2026-5001 | مرتفع | 7.3 |
A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is …
|
— | مارس 28, 2026 |
| CVE-2026-1679 | مرتفع | 7.3 |
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; ove…
|
⚡ Exploit ✅ Patch | مارس 28, 2026 |
| CVE-2025-12886 | مرتفع | 7.2 |
The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, …
|
— | مارس 28, 2026 |
| CVE-2026-4974 | مرتفع | 8.8 |
A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /gofor…
|
⚡ Exploit | مارس 27, 2026 |
| CVE-2026-4904 | مرتفع | 8.8 |
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/…
|
⚡ Exploit | مارس 27, 2026 |
| CVE-2026-29180 | مرتفع | 8.8 |
Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host …
|
— | مارس 27, 2026 |
| CVE-2026-33735 | مرتفع | 8.8 |
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.69, an authorization bypas…
|
⚡ Exploit ✅ Patch | مارس 27, 2026 |
| CVE-2026-26060 | مرتفع | 8.8 |
Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic c…
|
— | مارس 27, 2026 |
| CVE-2026-4975 | مرتفع | 8.8 |
A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcf…
|
⚡ Exploit | مارس 27, 2026 |
| CVE-2026-4905 | مرتفع | 8.8 |
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsO…
|
⚡ Exploit | مارس 27, 2026 |
| CVE-2026-4906 | مرتفع | 8.8 |
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /gof…
|
⚡ Exploit | مارس 27, 2026 |
| CVE-2026-25099 | مرتفع | 8.8 |
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension wi…
|
— | مارس 27, 2026 |