🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-25176 | مرتفع | 7.8 |
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privil…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25189 | مرتفع | 7.8 |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23673 | مرتفع | 7.8 |
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-25187 | مرتفع | 7.8 |
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate priv…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-27689 | مرتفع | 7.7 |
Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular us…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-30929 | مرتفع | 7.7 |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-1…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-28431 | مرتفع | 7.5 |
Misskey is an open source, federated social media platform. All Misskey servers running versions 8.45.0 and later, but p…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-26308 | مرتفع | 7.5 |
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC (Rol…
|
⚡ Exploit ✅ Patch | مارس 10, 2026 |
| CVE-2026-25181 | مرتفع | 7.5 |
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-2339 | مرتفع | 7.5 |
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Li…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-28432 | مرتفع | 7.5 |
Misskey is an open source, federated social media platform. All Misskey servers prior to 2026.3.1 contain a vulnerabilit…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-30925 | مرتفع | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-a…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23664 | مرتفع | 7.5 |
Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacke…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-30939 | مرتفع | 7.5 |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.13 …
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23674 | مرتفع | 7.5 |
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security fea…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-26127 | مرتفع | 7.5 |
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-26121 | مرتفع | 7.5 |
Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a netw…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-3585 | مرتفع | 7.5 |
The The Events Calendar plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.15.…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-23661 | مرتفع | 7.5 |
Cleartext transmission of sensitive information in Azure IoT Explorer allows an unauthorized attacker to disclose inform…
|
✅ Patch | مارس 10, 2026 |
| CVE-2026-26130 | مرتفع | 7.5 |
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service ove…
|
✅ Patch | مارس 10, 2026 |