🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-24010 | مرتفع | 8.0 |
Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versi…
|
⚡ Exploit ✅ Patch | يناير 22, 2026 |
| CVE-2026-24129 | مرتفع | 8.0 |
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versi…
|
⚡ Exploit ✅ Patch | يناير 22, 2026 |
| CVE-2026-1260 | مرتفع | 7.8 |
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created…
|
✅ Patch | يناير 22, 2026 |
| CVE-2025-10024 | مرتفع | 7.5 |
Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Educatio…
|
✅ Patch | يناير 22, 2026 |
| CVE-2025-10855 | مرتفع | 7.5 |
Authorization Bypass Through User-Controlled Key vulnerability in Solvera Software Services Trade Inc. Teknoera allows E…
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-1330 | مرتفع | 7.5 |
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote at…
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-21520 | مرتفع | 7.5 |
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view s…
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-21521 | مرتفع | 7.4 |
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose inf…
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-21524 | مرتفع | 7.4 |
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to dis…
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-23988 | مرتفع | 7.3 |
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condit…
|
⚡ Exploit ✅ Patch | يناير 22, 2026 |
| CVE-2025-67684 | مرتفع | 7.2 |
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart …
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-0533 | مرتفع | 7.1 |
A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation dialog and clicked by…
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-0534 | مرتفع | 7.1 |
A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger a Stored Cross-site …
|
✅ Patch | يناير 22, 2026 |
| CVE-2026-0535 | مرتفع | 7.1 |
A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can trigger a Stored Cros…
|
✅ Patch | يناير 22, 2026 |
| CVE-2021-47770 | مرتفع | 8.8 |
OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to…
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47852 | مرتفع | 8.8 |
Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vulnerability that allows authenticated users to modi…
|
✅ Patch | يناير 21, 2026 |
| CVE-2021-47871 | مرتفع | 8.8 |
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write f…
|
✅ Patch | يناير 21, 2026 |
| CVE-2026-0834 | مرتفع | 8.8 |
Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 (TDDP module) allows unauthenticated adjacent attack…
|
✅ Patch | يناير 21, 2026 |
| CVE-2026-22822 | مرتفع | 8.8 |
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernete…
|
✅ Patch | يناير 21, 2026 |
| CVE-2026-23526 | مرتفع | 8.8 |
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.0.0 through 2.54.0…
|
✅ Patch | يناير 21, 2026 |