🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-28495	GetSimple CMS is a content management system. The massiveAdmin pl… GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpl…	CRITICAL	9.6	⚡ ✅ AI	Mar 10, 2026
CVE-2025-49113	RoundCube Webmail Deserialization of Untrusted Data Vulnerability… RoundCube Webmail Deserialization of Untrusted Data Vulnerability — RoundCube Webmail contains a des…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 20, 2026
CVE-2008-0015	Microsoft Windows Video ActiveX Control Remote Code Execution Vul… Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability — Microsoft Windows Vid…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 17, 2026
CVE-2026-25539	CVE-2026-25539: Path Traversal Vulnerability in SiYuan Knowledge … SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile end…	CRITICAL	9.1	⚡ ✅ AI	Feb 4, 2026
CVE-2026-25510	CVE-2026-25510: Remote Code Execution via File Editor in CI4MS CM… CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w…	CRITICAL	9.9	⚡ ✅ AI	Feb 3, 2026
CVE-2025-40551	SolarWinds Web Help Desk Critical Deserialization Vulnerability E… SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability — SolarWinds Web Help Desk …	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 3, 2026
CVE-2026-1281	Ivanti Endpoint Manager Mobile (EPMM) Unauthenticated Remote Code… Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — Ivanti Endpoint Manager Mobile …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 29, 2026
CVE-2026-24897	Critical Path Traversal Vulnerability in Erugo File-Sharing Platf… Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticat…	CRITICAL	10.0	⚡ ✅ AI	Jan 28, 2026
CVE-2025-52691	SmarterTools SmarterMail Critical Unrestricted File Upload Vulner… SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability — SmarterTool…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 26, 2026
CVE-2024-37079	Broadcom VMware vCenter Server Out-of-Bounds Write Vulnerability … Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability — Broadcom VMware vCenter Server co…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 23, 2026
CVE-2025-8110	Gogs Path Traversal Vulnerability Leading to Remote Code Executio… Gogs Path Traversal Vulnerability — Gogs contains a path traversal vulnerability affecting improper …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 12, 2026
CVE-2026-22244	OpenMetadata Server-Side Template Injection Enables Remote Code E… OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code …	HIGH	7.2	⚡ ✅ AI	Jan 8, 2026
CVE-2026-22241	Critical File Upload Vulnerability in Open eClass Platform Enable… The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Pr…	HIGH	7.2	⚡ ✅ AI	Jan 8, 2026
CVE-2025-69262	Critical Command Injection in pnpm Package Manager via Environmen… pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability wh…	HIGH	7.5	⚡ ✅ AI	Jan 7, 2026
CVE-2025-37164	HPE OneView Critical Code Injection Vulnerability Enabling Remote… Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability — Hewlett Packard Enterprise (…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 7, 2026
CVE-2009-0556	Microsoft PowerPoint Remote Code Execution via OutlineTextRefAtom… Microsoft Office PowerPoint Code Injection Vulnerability — Microsoft Office PowerPoint contains a co…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 7, 2026
CVE-2025-68455	Craft CMS Authenticated Remote Code Execution via Malicious Behav… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	7.2	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68454	Craft CMS Authenticated Remote Code Execution via Twig SSTI (CVE-… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-59156	Critical RCE Vulnerability in Coolify Docker Compose Deployment A… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-66398	Signal K Server Critical Path Traversal Leading to RCE via Backup… Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.…	CRITICAL	9.6	⚡ ✅ AI	Jan 1, 2026
CVE-2025-55182	Meta React Server Components Remote Code Execution Vulnerability … Meta React Server Components Remote Code Execution Vulnerability — Meta React Server Components cont…	CRITICAL	9.0	⚡ ✅ KEV AI	Dec 5, 2025
CVE-2025-9242	WatchGuard Firebox Out-of-Bounds Write Vulnerability Enabling Rem… WatchGuard Firebox Out-of-Bounds Write Vulnerability — WatchGuard Firebox contains an out-of-bounds …	CRITICAL	9.0	⚡ ✅ KEV AI	Nov 12, 2025
CVE-2025-48703	CWP Control Web Panel Critical OS Command Injection Vulnerability… CWP Control Web Panel OS Command Injection Vulnerability — CWP Control Web Panel (formerly CentOS We…	CRITICAL	9.0	⚡ ✅ KEV AI	Nov 4, 2025
CVE-2025-24893	XWiki Platform Eval Injection Vulnerability Enabling Remote Code … XWiki Platform Eval Injection Vulnerability — XWiki Platform contains an eval injection vulnerabilit…	CRITICAL	9.0	⚡ ✅ KEV AI	Oct 30, 2025
CVE-2025-59287	Microsoft Windows Server Update Service (WSUS) Deserialization Re… Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability — Mic…	CRITICAL	9.0	⚡ ✅ KEV AI	Oct 24, 2025

1 2 3…17 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8