🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-39355	Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnera…	CRITICAL	9.9	⚡ AI	Apr 7, 2026
CVE-2026-21861	baserCMS is a website development framework. Prior to version 5.2… baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command…	CRITICAL	9.1	⚡ AI	Mar 31, 2026
CVE-2026-33670	SiYuan Path Traversal Vulnerability in /api/file/readDir Interfac… SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir inte…	CRITICAL	9.8	⚡ AI	Mar 26, 2026
CVE-2026-33669	SiYuan Knowledge Management System Unauthorized Document Access v… SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieve…	CRITICAL	9.8	⚡ AI	Mar 26, 2026
CVE-2026-33152	Tandoor Recipes is an application for managing recipes, planning … Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists.…	CRITICAL	9.1	⚡ AI	Mar 26, 2026
CVE-2026-33502	WWBN AVideo is an open source video platform. In versions up to a… WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticat…	CRITICAL	9.3	⚡ ✅ AI	Mar 23, 2026
CVE-2026-33136	WeGIA is a web manager for charitable institutions. Versions 3.6.… WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-…	CRITICAL	9.3	⚡ ✅ AI	Mar 20, 2026
CVE-2026-33135	WeGIA is a web manager for charitable institutions. Versions 3.6.… WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-…	CRITICAL	9.3	⚡ ✅ AI	Mar 20, 2026
CVE-2026-28495	GetSimple CMS is a content management system. The massiveAdmin pl… GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpl…	CRITICAL	9.6	⚡ ✅ AI	Mar 10, 2026
CVE-2023-43000	Apple Multiple products Use-After-Free Vulnerability — Apple macO… Apple Multiple products Use-After-Free Vulnerability — Apple macOS, iOS, iPadOS, and Safari 16.6 con…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 5, 2026
CVE-2023-41974	Apple iOS and iPadOS Use-After-Free Vulnerability — Apple iOS and… Apple iOS and iPadOS Use-After-Free Vulnerability — Apple iOS and iPadOS contain a use-after-free vu…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 5, 2026
CVE-2021-30952	Apple Multiple Products Integer Overflow or Wraparound Vulnerabil… Apple Multiple Products Integer Overflow or Wraparound Vulnerability — Apple tvOS, macOS, Safari, iP…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 5, 2026
CVE-2021-22681	Rockwell Multiple Products Insufficient Protected Credentials Vul… Rockwell Multiple Products Insufficient Protected Credentials Vulnerability — Multiple Rockwell prod…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 5, 2026
CVE-2017-7921	Hikvision Multiple Products Improper Authentication Vulnerability… Hikvision Multiple Products Improper Authentication Vulnerability — Multiple Hikvision products cont…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 5, 2026
CVE-2026-3301	Critical OS Command Injection Vulnerability in Totolink N300RH Ro… A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnera…	CRITICAL	9.8	⚡ ✅ AI	Feb 27, 2026
CVE-2026-28370	Critical Code Injection Vulnerability in OpenStack Vitrage Query … In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed t…	CRITICAL	9.1	⚡ ✅ AI	Feb 27, 2026
CVE-2026-28215	hoppscotch is an open source API development ecosystem. Prior to … hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticate…	CRITICAL	9.1	⚡ ✅ AI	Feb 26, 2026
CVE-2026-20127	Critical Authentication Bypass Vulnerability in Cisco Catalyst SD… Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability — Cisco Catalyst SD…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 25, 2026
CVE-2022-20775	Cisco SD-WAN Path Traversal Vulnerability Allowing Privilege Esca… Cisco SD-WAN Path Traversal Vulnerability — Cisco SD-WAN CLI contains a path traversal vulnerability…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 25, 2026
CVE-2026-25108	Soliton Systems K.K FileZen OS Command Injection Vulnerability (C… Soliton Systems K.K FileZen OS Command Injection Vulnerability — Soliton Systems K.K FileZen contain…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 24, 2026
CVE-2026-27574	Critical Sandbox Escape Vulnerability in OneUptime Monitoring Pla… OneUptime is a solution for monitoring and managing online services. In versions 9.5.13 and below, c…	CRITICAL	9.9	⚡ ✅ AI	Feb 21, 2026
CVE-2025-68461	RoundCube Webmail Critical Cross-Site Scripting Vulnerability via… RoundCube Webmail Cross-site Scripting Vulnerability — RoundCube Webmail contains a cross-site scrip…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 20, 2026
CVE-2025-49113	RoundCube Webmail Deserialization of Untrusted Data Vulnerability… RoundCube Webmail Deserialization of Untrusted Data Vulnerability — RoundCube Webmail contains a des…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 20, 2026
CVE-2026-22769	Dell RecoverPoint for Virtual Machines Critical Hard-coded Creden… Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability — Dell R…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 18, 2026
CVE-2021-22175	GitLab Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021… GitLab Server-Side Request Forgery (SSRF) Vulnerability — GitLab contains a server-side request forg…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 18, 2026

1 2 3…63 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8