🛡️ Vulnerability Information Center
Up-to-date database of security vulnerabilities and threats
| ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-25537 | High | 7.5 | jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, spe… | ⚡ Exploit ✅ Patch | February 4, 2026 |
| CVE-2026-25541 | High | 7.5 | Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer o… | ⚡ Exploit ✅ Patch | February 4, 2026 |
| CVE-2026-25575 | High | 7.5 | NavigaTUM is a website and API to search for rooms, buildings and other places. Prior to commit 86f34c7, there is a path… | ⚡ Exploit ✅ Patch | February 4, 2026 |
| CVE-2025-15555 | High | 7.3 | A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_… | ⚡ Exploit ✅ Patch | February 4, 2026 |
| CVE-2026-21893 | High | 7.2 | n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerab… | ✅ Patch | February 4, 2026 |
| CVE-2020-37073 | High | 8.8 | Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with a… | ⚡ Exploit ✅ Patch | February 3, 2026 |
| CVE-2020-37078 | High | 8.8 | i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated att… | ✅ Patch | February 3, 2026 |
| CVE-2020-37113 | High | 8.8 | GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploading files. By renamin… | ⚡ Exploit ✅ Patch | February 3, 2026 |
| CVE-2020-37116 | High | 8.8 | GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the… | ⚡ Exploit ✅ Patch | February 3, 2026 |
| CVE-2026-1730 | High | 8.8 | The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation i… | ✅ Patch | February 3, 2026 |
| CVE-2026-24887 | High | 8.8 | Claude Code is an agentic coding tool. Prior to version 2.0.72, due to an error in command parsing, it was possible to b… | ✅ Patch | February 3, 2026 |
| CVE-2025-6397 | High | 8.6 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Host… | ✅ Patch | February 3, 2026 |
| CVE-2019-25260 | High | 8.2 | OXID eShop versions 6.x prior to 6.3.4 contains a SQL injection vulnerability in the 'sorting' parameter that allows att… | ✅ Patch | February 3, 2026 |
| CVE-2020-37076 | High | 8.2 | Victor CMS version 1.0 contains a SQL injection vulnerability in the 'post' parameter on post.php that allows remote att… | ⚡ Exploit ✅ Patch | February 3, 2026 |
| CVE-2020-37083 | High | 8.2 | PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipula… | ✅ Patch | February 3, 2026 |
| CVE-2025-62501 | High | 8.1 | SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain de… | ✅ Patch | February 3, 2026 |
| CVE-2026-1375 | High | 8.1 | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Refere… | ✅ Patch | February 3, 2026 |
| CVE-2026-1803 | High | 8.1 | A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear … | ✅ Patch | February 3, 2026 |
| CVE-2025-58077 | High | 8.0 | Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a… | ✅ Patch | February 3, 2026 |
| CVE-2025-58455 | High | 8.0 | Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a… | ✅ Patch | February 3, 2026 |