🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2024-37079	Broadcom VMware vCenter Server Out-of-Bounds Write Vulnerability … Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability — Broadcom VMware vCenter Server co…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 23, 2026
CVE-2026-24307	Critical Input Validation Flaw in Microsoft 365 Copilot Enables I… Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to di…	CRITICAL	9.3	✅ AI	Jan 22, 2026
CVE-2025-68645	Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusio… Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability — Synacor Zimbra Co…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 22, 2026
CVE-2025-54313	Prettier eslint-config-prettier Embedded Malicious Code Vulnerabi… Prettier eslint-config-prettier Embedded Malicious Code Vulnerability — Prettier eslint-config-prett…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 22, 2026
CVE-2025-34026	Versa Concerto SD-WAN Improper Authentication Vulnerability (CVE-… Versa Concerto Improper Authentication Vulnerability — Versa Concerto SD-WAN orchestration platform …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 22, 2026
CVE-2025-31125	Vite Vitejs Improper Access Control Vulnerability (CVE-2025-31125… Vite Vitejs Improper Access Control Vulnerability — Vite Vitejs contains an improper access control …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 22, 2026
CVE-2026-20045	Cisco Unified Communications Products Critical Code Injection Vul… Cisco Unified Communications Products Code Injection Vulnerability — Cisco Unified Communications Ma…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 21, 2026
CVE-2025-53912	CVE-2025-53912: Critical Arbitrary File Read Vulnerability in Med… An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Pr…	CRITICAL	9.6	⚡ ✅ AI	Jan 20, 2026
CVE-2026-23836	HotCRP Critical Remote Code Execution via Formula Injection (CVE-… HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inade…	CRITICAL	9.9	✅ AI	Jan 19, 2026
CVE-2026-23523	Critical Code Injection in Dive MCP Host via Malicious Deeplink C… Dive is an open-source MCP Host Desktop Application that enables integration with function-calling L…	CRITICAL	9.6	⚡ ✅ AI	Jan 16, 2026
CVE-2026-23520	Critical Command Injection Vulnerability in Arcane Docker Managem… Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the upd…	CRITICAL	9.0	⚡ ✅ AI	Jan 15, 2026
CVE-2026-20805	CVE-2026-20805: Microsoft Windows Desktop Window Manager Critical… Microsoft Windows Information Disclosure Vulnerability — Microsoft Windows Desktop Windows Manager c…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 13, 2026
CVE-2026-0500	SAP Wily Introscope Enterprise Manager Critical Remote Code Execu… Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (Work…	CRITICAL	9.6	✅ AI	Jan 13, 2026
CVE-2026-0498	Critical Code Injection Backdoor in SAP S/4HANA RFC Function Modu… SAP S/4HANA (Private Cloud and On-Premise) allows an attacker with admin privileges to exploit a vul…	CRITICAL	9.1	✅ AI	Jan 13, 2026
CVE-2026-22794	CVE-2026-22794: Origin Header Injection Leading to Account Takeov… Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the ser…	CRITICAL	9.6	⚡ ✅ AI	Jan 12, 2026
CVE-2026-22783	CVE-2026-22783: Critical Arbitrary File Deletion Vulnerability in… Iris is a web collaborative platform that helps incident responders share technical details during i…	CRITICAL	9.6	✅ AI	Jan 12, 2026
CVE-2025-8110	Gogs Path Traversal Vulnerability Leading to Remote Code Executio… Gogs Path Traversal Vulnerability — Gogs contains a path traversal vulnerability affecting improper …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 12, 2026
CVE-2026-22688	Critical Command Injection Vulnerability in Tencent WeKnora LLM F… WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval.…	CRITICAL	9.9	⚡ ✅ AI	Jan 10, 2026
CVE-2025-64090	Critical Command Injection Vulnerability in Zenitel TCIS-3 Firmwa… This vulnerability allows authenticated attackers to execute commands via the hostname of the device…	CRITICAL	10.0	✅ AI	Jan 9, 2026
CVE-2025-69222	LibreChat SSRF Vulnerability Allows Internal Network Access via A… LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side r…	CRITICAL	9.1	⚡ ✅ AI	Jan 7, 2026
CVE-2025-37164	HPE OneView Critical Code Injection Vulnerability Enabling Remote… Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability — Hewlett Packard Enterprise (…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 7, 2026
CVE-2009-0556	Microsoft PowerPoint Remote Code Execution via OutlineTextRefAtom… Microsoft Office PowerPoint Code Injection Vulnerability — Microsoft Office PowerPoint contains a co…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 7, 2026
CVE-2025-64420	CVE-2025-64420: Critical Privilege Escalation via Private Key Exp… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	CRITICAL	9.9	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64419	Critical Command Injection in Coolify Docker Compose Allows Root … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	CRITICAL	9.6	⚡ ✅ AI	Jan 5, 2026
CVE-2025-59157	Critical Command Injection Vulnerability in Coolify Git Repositor… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	CRITICAL	9.9	⚡ ✅ AI	Jan 5, 2026

← 1…4 5 6 7 8…66 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,738 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8