🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2020-36922	Sony BRAVIA Digital Signage API Information Disclosure Vulnerabil… Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unaut…	HIGH	7.5	⚡ ✅ AI	Jan 6, 2026
CVE-2020-36921	RED-V Digital Signage Unauthenticated Log File Disclosure Vulnera… RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allow…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2020-36917	iDS6 DSSPro Digital Signage Cleartext Credential Transmission Vul… iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability tha…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2020-36914	QiHang Media Web Digital Signage Cleartext Credential Transmissio… QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability tha…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2020-36910	Cayin Signage Media Player 3.0 Authenticated Remote Command Injec… Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in s…	HIGH	8.8	✅ AI	Jan 6, 2026
CVE-2020-36907	Aerohive HiveOS NetConfig UI Denial of Service Vulnerability (CVE… Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthent…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2020-36905	FIBARO Home Center Remote File Inclusion Vulnerability (CVE-2020-… FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented p…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2026-0621	ReDoS Vulnerability in Anthropic MCP TypeScript SDK URI Template … Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression deni…	HIGH	7.5	⚡ ✅ AI	Jan 5, 2026
CVE-2026-0589	Authentication Bypass in Online Product Reservation System 1.0 Ad… A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unk…	HIGH	7.3	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68547	Critical Authorization Bypass in WPweb Follow My Blog Post WordPr… Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Confi…	HIGH	7.5	✅ AI	Jan 5, 2026
CVE-2025-68455	Craft CMS Authenticated Remote Code Execution via Malicious Behav… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	7.2	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68454	Craft CMS Authenticated Remote Code Execution via Twig SSTI (CVE-… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68428	jsPDF Node.js Local File Inclusion Vulnerability (CVE-2025-68428) jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first…	HIGH	7.5	✅ AI	Jan 5, 2026
CVE-2025-66518	Apache Kyuubi Path Traversal Vulnerability Allows Unauthorized Lo… Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-si…	HIGH	8.8	✅ AI	Jan 5, 2026
CVE-2025-64425	Coolify Host Header Injection Enables Password Reset Token Theft … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.1	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64424	Critical Command Injection in Coolify Server Management Platform … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64423	Coolify Privilege Escalation via Invitation Link Hijacking (CVE-2… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64421	Coolify Privilege Escalation via Improper Authorization (CVE-2025… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.0	⚡ ✅ AI	Jan 5, 2026
CVE-2025-59158	Coolify Stored XSS Vulnerability Enables Privilege Escalation via… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.0	⚡ ✅ AI	Jan 5, 2026
CVE-2025-59156	Critical RCE Vulnerability in Coolify Docker Compose Deployment A… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-15462	UTT 520W Router Buffer Overflow Vulnerability (CVE-2025-15462) A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy o…	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-15456	MiniCMS Authentication Bypass Vulnerability in Page Editor (CVE-2… A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown funct…	HIGH	7.3	⚡ ✅ AI	Jan 5, 2026
CVE-2025-15240	QOCA aim AI Medical Cloud Platform Arbitrary File Upload Vulnerab… QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnera…	HIGH	8.8	✅ AI	Jan 5, 2026
CVE-2025-52863	QNAP QTS/QuTS Hero Buffer Overflow Vulnerability Enables Memory M… A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. …	HIGH	8.1	✅ AI	Jan 2, 2026

← 1 2 3 4

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8