📅 Daily Security Bulletin — 04 Apr 2026

🇸🇦 Saudi Security Bulletin

All vulnerabilities, threats and news collected today from trusted sources — continuously updated

121 vulnerabilities
2 threats
0 news items
33 critical
17 CISA KEV
🛡 Security Vulnerabilities (CVE)
121 vulnerabilities
CVE-2025-64090
Remote command execution through the authenticated device name parameter
04:01 KSA
Critical CVSS 10.0 CWE-77
CVE-2025-64090 poses a critical risk to Zenitel TCIS-3 systems used in industrial and security communications. The vulnerability allows attackers holding authenticated credentials to execute operating system commands by abusing the device's hostname field, giving them full control of the system. It is classified …
CVE-2025-70841
Unauthenticated exposure of the .env file in the Dokanz e-commerce platform
04:01 KSA
Critical CVSS 10.0 CWE-287
This vulnerability poses a critical risk to multi-tenant e-commerce platforms: it allows unauthenticated attackers direct access to the .env environment configuration file via the path /script/.env without any security restrictions. This file contains highly sensitive information, including the Laravel application encryption key (A…
CVE-2026-24897
Arbitrary file upload and remote code execution vulnerability in Erugo
04:01 KSA
Critical CVSS 10.0 CWE-22
This vulnerability poses a critical risk to Saudi organizations using the Erugo platform for internal file sharing. It stems from insufficient validation of user-supplied paths when creating shares, which allows path traversal attacks. A low-privileged attacker can specify a path …
CVE-2025-59157
Command injection vulnerability in the Git repository field in Coolify
04:01 KSA
Critical CVSS 9.9 CWE-78
CVE-2025-59157 is a critical security risk in the Coolify platform, which is used for self-hosted management of servers, applications and databases. The vulnerability stems from improper input validation in the Git repository field when creating a new project, allowing injection of malicious shell commands that are executed directly on the host server. …
CVE-2025-64420
Exposure of the private SSH key to low-privileged Coolify users
04:01 KSA
Critical CVSS 9.9 CWE-522
Coolify is an open-source tool for managing servers, applications and databases. A critical vulnerability was discovered in all versions up to v4.0.0-beta.434 relating to insecure storage of sensitive credentials (CWE-522). It allows users with limited privileges to view and access the private SSH key…
CVE-2026-0963
Path traversal vulnerability in the file operations API in Crafty Controller
04:01 KSA
Critical CVSS 9.9 CWE-22
This critical vulnerability affects the file operations API component in Crafty Controller, a game server management system. Authenticated attackers exploit weaknesses in input neutralization to manipulate file paths using path traversal techniques such as double dots and slashes. They can…
CVE-2026-22688
Command injection vulnerability in WeKnora in the MCP Stdio settings
04:01 KSA
Critical CVSS 9.9 CWE-77
CVE-2026-22688 poses a very severe risk to organizations using Tencent's WeKnora framework for document processing and LLM-based semantic retrieval. The vulnerability stems from insufficient input validation of the stdio_config.command and stdio_config.args parameters within the settings…
CVE-2026-23515
Command injection vulnerability in Signal K server via the set-system-time plugin
04:01 KSA
Critical CVSS 9.9 CWE-78
This vulnerability poses a critical risk to marine navigation systems that use Signal K server, a server application running on a central hub in ships and boats. It allows attackers to execute arbitrary operating-system-level commands by exploiting unsafe handling of date and time values sent over the protocol…
CVE-2026-23836
Arbitrary PHP code execution vulnerability in HotCRP via unprotected formula processing
04:01 KSA
Critical CVSS 9.9 CWE-20
A critical vulnerability was discovered in HotCRP, a review management system for scientific and academic conferences. It stems from insufficient input validation in the formula code generation mechanism introduced in April 2024 in version 3.1. An attacker holding an ordinary user account on the system can…
CVE-2026-24304
Privilege escalation vulnerability in Azure Resource Manager via improper access control
04:01 KSA
Critical CVSS 9.9 CWE-284
This vulnerability poses a critical risk to cloud infrastructure, as it allows an authenticated attacker to bypass the access control mechanisms in place in Azure Resource Manager. The attacker can exploit it remotely over the network with no user interaction, gaining full administrative privileges over the res…
CVE-2026-25510
Remote code execution vulnerability in CI4MS via file editor permissions
04:01 KSA
Critical CVSS 9.9 CWE-94
This vulnerability poses a critical risk to organizations using the CI4MS content management system, as it allows authenticated attackers to abuse the system's built-in file editing mechanism. The attacker uses the API endpoints for creating and saving files to upload malicious PHP files containing harmful code…
CVE-2026-2749
Critical vulnerability in the Centreon Open Tickets module - Centreon central server
04:30 KSA
Critical CVSS 9.9
This critical vulnerability in the Centreon Open Tickets module poses a major risk to organizations that rely on the Centreon platform for IT infrastructure monitoring and ticket and incident management. Given its high severity score of 9.9, the vulnerability could allow attackers unauthorized access to…
CVE-2026-27574
Sandbox escape in the OneUptime JavaScript monitor allows full system control
11:14 KSA
Critical CVSS 9.9 CWE-94
This vulnerability poses a critical risk to organizations using the OneUptime platform to monitor and manage online services. The problem stems from unsafe use of the node:vm module in Node.js, which is explicitly documented as not being a security mechanism, yet the platform used it to run custom JavaScript code…
CVE-2026-28363
safeBins validation bypass in OpenClaw via GNU long-option abbreviations
04:30 KSA
Critical CVSS 9.9 CWE-184
This vulnerability is a critical flaw in the command validation mechanism of the OpenClaw library for Node.js, allowing attackers to bypass the allowlist restrictions designed to prevent execution of dangerous commands. Attackers abuse the long-option abbreviation feature of GNU tools, where --compress-prog can be used as an abbreviation…
CVE-2025-53521
Buffer overflow vulnerability in F5 BIG-IP APM allows remote code execution
01:52 KSA
Critical CVSS 9.8 ⚠ CISA KEV
CVE-2025-53521 is a critical vulnerability in the APM (Access Policy Manager) component of F5 BIG-IP involving a stack-based buffer overflow. It allows an unauthenticated attacker to execute arbitrary commands on the affected system. The vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, which indicates active exploi…
CVE-2026-3055
Out-of-bounds read vulnerability in Citrix NetScaler SAML IDP (CVE-2026-3055)
01:52 KSA
Critical CVSS 9.8 ⚠ CISA KEV
This vulnerability affects Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway, NetScaler ADC FIPS and NDcPP when configured as a SAML identity provider. It allows reading data outside the bounds of allocated memory, which may lead to disclosure of sensitive information. The vulnerability is listed in the Known Exploited…
CVE-2026-33669
Unauthorized access to documents in SiYuan via API enumeration
03:24 KSA
Critical CVSS 9.8 CWE-125
SiYuan versions prior to 3.6.2 contain an access control vulnerability: attackers can retrieve document identifiers via the /api/file/readDir endpoint and then use the /api/block/getChildBlocks endpoint to access the content of all documents. The vulnerability allows unauthorized access to sensitive information stored in…
CVE-2026-33670
Directory traversal vulnerability in the SiYuan file API
03:24 KSA
Critical CVSS 9.8 CWE-22
The SiYuan personal knowledge management platform suffers from a critical path traversal vulnerability in the /api/file/readDir endpoint prior to version 3.6.2. It allows attackers unauthorized access to the file and directory structures inside notebooks. The vulnerability can be used to extract sensitive information about the organization of docume…
CVE-2026-3502
Code integrity verification bypass vulnerability in the TrueConf client update mechanism
01:52 KSA
Critical CVSS 9.8 ⚠ CISA KEV
The TrueConf client contains a vulnerability in its update integrity verification mechanism that allows attackers to influence the update delivery path and replace the original payloads with modified copies. When the modified payload is executed or installed by the updater, this may lead to arbitrary code execution in the context of the update process or the account…
CVE-2026-5281
Use-After-Free vulnerability in Google Dawn allows remote code execution (CVE-2026-5281)
01:52 KSA
Critical CVSS 9.8 ⚠ CISA KEV
Google Dawn contains a use-after-free vulnerability that could allow a remote attacker who has compromised the renderer process to execute arbitrary code via a crafted HTML page. The vulnerability may affect multiple Chromium-based products including, but not limited to, Google Chrome and Microsoft Ed…
CVE-2015-6175
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Kernel Privilege Escalation Vulnerability — The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.
CVE-2015-7450
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
IBM WebSphere Application Server and Server Hypervisor Edition Code Injection. — Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands
CVE-2015-7645
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Adobe Flash Player Arbitrary Code Execution Vulnerability — Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.
CVE-2015-7755
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Juniper ScreenOS Improper Authentication Vulnerability — Juniper ScreenOS contains an improper authentication vulnerability that could allow unauthorized remote administrative access to the device.
CVE-2015-8651
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Adobe Flash Player Integer Overflow Vulnerability — Integer overflow in Adobe Flash Player allows attackers to execute code.
CVE-2016-0034
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Silverlight Runtime Remote Code Execution Vulnerability — Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service (DoS).
CVE-2016-0040
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Kernel Privilege Escalation Vulnerability — The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.
CVE-2016-0099
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability — A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this v…
CVE-2016-0151
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Windows CSRSS Security Feature Bypass Vulnerability — The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.
CVE-2016-0162
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Information Disclosure Vulnerability — An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.
CVE-2016-0165
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
CVE-2016-0167
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application.
CVE-2016-0185
11:01 KSA
Critical CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Media Center Remote Code Execution Vulnerability — Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.
CVE-2025-71278
17:48 KSA
High CVSS 8.8 CWE-863
XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes. This affects any customer using OAuth2 clients on any version of XenForo 2.3 prior to 2.3.5, potentially allowing client applications to gain access beyond their intended authorization level.
CVE-2026-34040
03:28 KSA
High CVSS 8.8 CWE-288
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
CVE-2026-34227
17:48 KSA
High CVSS 8.8 CWE-306
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected ta…
CVE-2026-34373
03:28 KSA
High CVSS 8.8 CWE-346
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 and 9.7.0-alpha.10, the GraphQL API endpoint does not respect the allowOrigin server option and unconditionally allows cross-origin requests from any w…
CVE-2026-3666
15:48 KSA
High CVSS 8.8 CWE-22
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber le…
CVE-2026-5204
17:48 KSA
High CVSS 8.8 CWE-119
A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack can be initiated rem…
CVE-2026-5211
17:48 KSA
High CVSS 8.8 CWE-119
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects th…
CVE-2026-5212
17:48 KSA
High CVSS 8.8 CWE-119
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects t…
CVE-2026-5213
17:48 KSA
High CVSS 8.8 CWE-119
A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element…
CVE-2026-5214
17:48 KSA
High CVSS 8.8 CWE-119
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function …
CVE-2026-34585
17:48 KSA
High CVSS 8.6 CWE-79
SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed with raw special characters. An attacker can embed a malicious IAL value inside a …
CVE-2018-25251
21:54 KSA
High CVSS 8.4 CWE-787
Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Net…
CVE-2018-25255
21:54 KSA
High CVSS 8.4 CWE-787
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption p…
CVE-2026-34504
03:28 KSA
High CVSS 8.3 CWE-918
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose inte…
CVE-2026-33577
03:28 KSA
High CVSS 8.1 CWE-863
OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privile…
CVE-2026-33579
03:28 KSA
High CVSS 8.1 CWE-863
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for…
CVE-2026-34210
03:28 KSA
High CVSS 8.1 CWE-697
mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt tok…
CVE-2026-34503
03:28 KSA
High CVSS 8.1 CWE-613
OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked. Attackers with revoked credentials can maintain unauthorized access through existing live sessions until forced reconnection.
CVE-2026-4896
09:36 KSA
High CVSS 8.1 CWE-639
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via multiple AJAX actions including `wcfm_modify_order_status`, `de…
CVE-2026-5282
23:50 KSA
High CVSS 8.1 CWE-125
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2016-20055
15:48 KSA
High CVSS 7.8 CWE-428
IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the service path and trigger privilege escalation when the…
CVE-2016-20056
15:48 KSA
High CVSS 7.8 CWE-428
Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious executables. Attackers can place executable files in the unquoted service path and t…
CVE-2016-20057
15:48 KSA
High CVSS 7.8 CWE-428
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger…
CVE-2016-20058
15:48 KSA
High CVSS 7.8 CWE-428
Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger servi…
CVE-2016-20059
15:48 KSA
High CVSS 7.8 CWE-428
IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalat…
CVE-2016-20060
21:54 KSA
High CVSS 7.8 CWE-428
Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system rebo…
CVE-2016-20061
21:54 KSA
High CVSS 7.8 CWE-428
sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or sy…
CVE-2026-2123
17:48 KSA
High CVSS 7.8 CWE-280
A security audit identified a privilege escalation vulnerability in Operations Agent (<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations. Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting t…
CVE-2026-24165
17:48 KSA
High CVSS 7.8 CWE-502
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
CVE-2026-34163
03:28 KSA
High CVSS 7.7 CWE-918
FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP (Model Context Protocol) tools endpoints (/api/core/app/mcpTools/getTools and /api/core/app/mcpTools/runTool) accept a user-supplied URL parameter and make server-side HTTP requests to it without v…
CVE-2026-34769
23:16 KSA
High CVSS 7.7 CWE-88
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process…
CVE-2025-13855
17:48 KSA
High CVSS 7.6 CWE-89
IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
CVE-2018-25246
21:54 KSA
High CVSS 7.5 CWE-306
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an app…
CVE-2025-71282
17:48 KSA
High CVSS 7.5 CWE-209
XenForo before 2.3.7 discloses filesystem paths through exception messages triggered by open_basedir restrictions. This allows an attacker to obtain information about the server's directory structure.
CVE-2026-1233
15:48 KSA
High CVSS 7.5 CWE-798
The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server…
CVE-2026-34573
17:48 KSA
High CVSS 7.5 CWE-407
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out…
CVE-2026-34784
17:48 KSA
High CVSS 7.5 CWE-285
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.71 and 9.7.1-alpha.1, file downloads via HTTP Range requests bypass the afterFind(Parse.File) trigger and its validators on storage adapters that support …
CVE-2026-5115
03:28 KSA
High CVSS 7.5 CWE-319
The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discove…
CVE-2026-27655
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report.
CVE-2026-28703
19:04 KSA
عالٍ CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report.
CVE-2026-28754
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report.
CVE-2026-28756
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report.
CVE-2026-3879
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details report.
CVE-2026-3880
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report.
CVE-2026-4107
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report.
CVE-2026-4108
19:04 KSA
High CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report.
CVE-2026-5198
03:28 KSA
High CVSS 7.3 CWE-74
A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection. Remote exploitation of t…
CVE-2026-5210
17:48 KSA
High CVSS 7.3 CWE-73
A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitation of the attack is possible. The exploit is now public and may be used.
CVE-2026-5237
17:48 KSA
High CVSS 7.3 CWE-74
A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_user.php of the component Parameter Handler. Performing a manipulation of the argument ID results in sql injection. Th…
CVE-2026-5238
17:48 KSA
High CVSS 7.3 CWE-74
A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /view_employee.php of the component Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack …
CVE-2026-5258
23:50 KSA
High CVSS 7.3 CWE-22
A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function _get_file of the file iopaint/file_manager/file_manager.py of the component File Manager. Performing a manipulation of the argument filename results in path traversal. The attack is possible to be carrie…
CVE-2026-5526
21:54 KSA
High CVSS 7.3 CWE-266
A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The explo…
CVE-2018-25248
21:54 KSA
High CVSS 7.2 CWE-79
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when…
CVE-2018-25250
21:54 KSA
High CVSS 7.2 CWE-79
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that exec…
CVE-2026-2936
15:48 KSA
High CVSS 7.2 CWE-79
The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page_title' parameter in all versions up to, and including, 8.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat…
CVE-2026-35056
19:02 KSA
High CVSS 7.2 CWE-94
XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated, but malicious, admin users. An attacker with admin panel access can execute arbitrary code on the server.
CVE-2026-4267
03:28 KSA
High CVSS 7.2 CWE-79
The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$_SERVER['REQUEST_URI']’ parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. Th…
CVE-2026-5425
09:36 KSA
High CVSS 7.2 CWE-79
The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' parameter keys in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticate…
CVE-2026-3445
09:36 KSA
High CVSS 7.1 CWE-862
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to unauthorized membership payment bypass in all versions up to, and including, 4.16.11. This is due to a missing ownership…
CVE-2026-3309
01:31 KSA
Medium CVSS 6.5 CWE-94
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.11. This is due to the plugin allowing user-sup…
CVE-2026-3571
21:14 KSA
Medium CVSS 6.5 CWE-862
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pie_main() function in all versions up to, and including, 3.8.4.8. This makes it possible for unau…
CVE-2018-25249
03:38 KSA
Medium CVSS 6.4 CWE-79
MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add crafted HTML and JavaScript payloads in the comment field that execute when other u…
CVE-2025-13368
21:14 KSA
Medium CVSS 6.4 CWE-79
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Pricing Widget's 'onClick Event' setting in all versions up to, and including, 1.4.20 due to insufficient input sanitization and output escaping. This makes it p…
CVE-2025-15064
21:14 KSA
Medium CVSS 6.4 CWE-79
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user description field in all versions up to, and including, 2.11.1 due to insufficient inp…
CVE-2026-0552
21:14 KSA
Medium CVSS 6.4 CWE-79
The Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsc_display_product' shortcode in all versions up to, and including, 5.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This ma…
CVE-2026-0626
01:31 KSA
Medium CVSS 6.4 CWE-79
The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpf_optin_form' shortcode in all versions up to, and including, 3.7.9 due to insufficient input sanitization and ou…
CVE-2026-0664
21:14 KSA
Medium CVSS 6.4 CWE-79
The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button_text' parameter in all versions up to, and including, 1.7.1049 due to insufficient input sanitization and output escaping. This makes it possible for authenticated att…
CVE-2026-0737
23:16 KSA
Medium CVSS 6.4 CWE-79
The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 7.4.7. This is due to insufficient input sanitization and output escaping in the 'src' attribute of the su_lightbox shortcode. Th…
CVE-2026-0738
01:31 KSA
Medium CVSS 6.4 CWE-79
The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the su_carousel shortcode in all versions up to, and including, 7.4.8. This is due to insufficient input sanitization and output escaping in the 'su_slide_link' at…
CVE-2026-2437
01:31 KSA
Medium CVSS 6.4 CWE-79
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wte_trip_tax' shortcode in all versions up to, and including, 6.7.5 due to insufficient input sanitization and output escaping o…
CVE-2026-2600
01:31 KSA
Medium CVSS 6.4 CWE-79
The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ekit_tab_title' parameter in the Simple Tab widget in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping on u…
CVE-2026-2924
21:14 KSA
Medium CVSS 6.4 CWE-79
The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'imageLoad' parameter in versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. This makes it poss…
CVE-2026-2949
21:14 KSA
Medium CVSS 6.4 CWE-79
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Icon Box widget in versions up to, and including, 1.4.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated att…
CVE-2026-5470
19:04 KSA
Medium CVSS 6.3 CWE-918
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Mod…
CVE-2026-5472
19:04 KSA
Medium CVSS 6.3 CWE-284
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The affected element is an unknown function of the file /admin_panel/settings.php of the component Profile Picture Handler. This manipulation of the argument File…
CVE-2026-5474
19:04 KSA
Medium CVSS 6.3 CWE-119
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/to_lab_passthru_encode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must h…
CVE-2016-20050
01:31 KSA
Medium CVSS 6.2 CWE-787
NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overw…
CVE-2018-25252
03:38 KSA
Medium CVSS 6.2 CWE-787
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and past…
CVE-2018-25253
03:38 KSA
Medium CVSS 6.2 CWE-787
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language f…
CVE-2018-25247
03:38 KSA
Medium CVSS 6.1 CWE-79
MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating posts or threads with unvalidated subject content. Attackers can craft post subjects containing script tags that execute when other users view the at…
CVE-2026-5475
19:04 KSA
Medium CVSS 5.5 CWE-119
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through…
CVE-2017-20233
21:14 KSA
Medium CVSS 5.4 CWE-284
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers wit…
CVE-2026-34425
19:04 KSA
Medium CVSS 5.4 CWE-184
OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protection that allows attackers to execute blocked script content by using piped or complex command forms that the parser fails to recognize. Attackers can craft commands…
CVE-2016-20051
01:31 KSA
Medium CVSS 5.3 CWE-352
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that…
CVE-2016-20053
03:38 KSA
Medium CVSS 5.3 CWE-352
Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML forms targeting the users endpoint with…
CVE-2025-14938
01:31 KSA
Medium CVSS 5.3 CWE-434
The Listeo Core plugin for WordPress is vulnerable to unauthenticated arbitrary media upload in all versions up to, and including, 2.0.27 via the "listeo_core_handle_dropped_media" function. This is due to missing authorization and capability checks on the AJAX endpoint handling …
CVE-2026-34511
21:14 KSA
Medium CVSS 5.3 CWE-330
OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it through the redirect URL. Attackers who capture the redirect URL can obtain both the authorization code and PKCE verifier, defeating PKCE protection and enabling t…
CVE-2026-5484
21:14 KSA
Medium CVSS 5.3 CWE-266
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access control…
⚠️ Threat Intelligence
2 threats
rss:Dark Reading
08:00 KSA
Medium data_breach
<strong>Inconsistent privacy labels do not tell users what they are getting</strong> Mobile app privacy labels lack consistency and fail to adequately inform users about data collection practices. Current privacy labeling systems need significant improvement to provide real transparency for…
rss:Malwarebytes Lab
02:28 KSA
High phishing
<strong>The perfect job offer from Coca-Cola or Ferrari? It is a trap to steal passwords</strong> A phishing campaign impersonating job offers from Coca-Cola and Ferrari targets Google and Facebook credentials. The attackers use fake recruitment schemes to steal authentication data and compromise social media accounts.
📰 Cybersecurity News
0 articles
📰 No news aggregated today yet

This bulletin is updated automatically every day. Last updated: 04 Apr 2026