🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-3328 | مرتفع | 7.2 |
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via deserialization of the '…
|
— | مارس 26, 2026 |
| CVE-2026-4329 | مرتفع | 7.2 |
The Blackhole for Bad Bots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent HTTP hea…
|
— | مارس 26, 2026 |
| CVE-2018-25207 | مرتفع | 7.1 |
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated …
|
— | مارس 26, 2026 |
| CVE-2026-33645 | مرتفع | 7.1 |
Fireshare facilitates self-hosted media and link sharing. In version 1.5.1, an authenticated path traversal vulnerabilit…
|
— | مارس 26, 2026 |
| CVE-2026-23514 | مرتفع | 8.8 |
Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerabili…
|
— | مارس 25, 2026 |
| CVE-2026-20631 | مرتفع | 8.8 |
A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. A user may be able to elevate…
|
— | مارس 25, 2026 |
| CVE-2026-33348 | مرتفع | 8.7 |
OpenEMR is a free and open source electronic health records and medical practice management application. Users with the …
|
⚡ Exploit ✅ Patch | مارس 25, 2026 |
| CVE-2026-20698 | مرتفع | 7.8 |
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4…
|
— | مارس 25, 2026 |
| CVE-2026-2995 | مرتفع | 7.7 |
GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.1…
|
— | مارس 25, 2026 |
| CVE-2026-33913 | مرتفع | 7.7 |
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio…
|
⚡ Exploit ✅ Patch | مارس 25, 2026 |
| CVE-2026-24750 | مرتفع | 7.6 |
Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attac…
|
— | مارس 25, 2026 |
| CVE-2026-33247 | مرتفع | 7.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.1…
|
— | مارس 25, 2026 |
| CVE-2025-36258 | مرتفع | 7.1 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive informat…
|
— | مارس 25, 2026 |
| CVE-2026-33217 | مرتفع | 7.1 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.1…
|
— | مارس 25, 2026 |
| CVE-2026-30932 | مرتفع | 8.8 |
Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessi…
|
⚡ Exploit ✅ Patch | مارس 24, 2026 |
| CVE-2026-33336 | مرتفع | 8.8 |
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, t…
|
⚡ Exploit | مارس 24, 2026 |
| CVE-2026-3533 | مرتفع | 8.8 |
The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_pop…
|
— | مارس 24, 2026 |
| CVE-2026-4639 | مرتفع | 8.8 |
Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated rem…
|
— | مارس 24, 2026 |
| CVE-2019-25647 | مرتفع | 8.8 |
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attac…
|
⚡ Exploit | مارس 24, 2026 |
| CVE-2025-41660 | مرتفع | 8.8 |
A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enab…
|
— | مارس 24, 2026 |