🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2025-64423	Coolify Privilege Escalation via Invitation Link Hijacking (CVE-2… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64424	Critical Command Injection in Coolify Server Management Platform … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64425	Coolify Host Header Injection Enables Password Reset Token Theft … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.1	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68454	Craft CMS Authenticated Remote Code Execution via Twig SSTI (CVE-… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68455	Craft CMS Authenticated Remote Code Execution via Malicious Behav… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	7.2	⚡ ✅ AI	Jan 5, 2026
CVE-2026-0589	Authentication Bypass in Online Product Reservation System 1.0 Ad… A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unk…	HIGH	7.3	⚡ ✅ AI	Jan 5, 2026
CVE-2026-0621	ReDoS Vulnerability in Anthropic MCP TypeScript SDK URI Template … Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression deni…	HIGH	7.5	⚡ ✅ AI	Jan 5, 2026
CVE-2025-15428	A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affec… A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the f…	HIGH	8.8	⚡ ✅	Jan 2, 2026
CVE-2025-15429	A security vulnerability has been detected in UTT 进取 512W 1.7.7-1… A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerabili…	HIGH	8.8	⚡ ✅	Jan 2, 2026
CVE-2025-69414	Plex Media Server Permanent Token Exposure via Transient Token Es… Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myp…	HIGH	8.5	⚡ ✅	Jan 2, 2026
CVE-2025-69415	Plex Media Server Device Token Authentication Bypass Vulnerabilit… In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device tok…	HIGH	7.1	⚡ ✅	Jan 2, 2026
CVE-2026-21449	Bagisto is an open source laravel eCommerce platform. Versions pr… Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to ser…	HIGH	8.8	⚡ ✅	Jan 2, 2026
CVE-2026-21451	Stored XSS Vulnerability in Bagisto CMS Page Editor Allows Admin … Bagisto is an open source laravel eCommerce platform. A stored Cross-Site Scripting (XSS) vulnerabil…	HIGH	8.4	⚡ ✅	Jan 2, 2026
CVE-2025-68619	Signal K Server Arbitrary Code Execution via Malicious npm Packag… Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19…	HIGH	7.2	⚡ ✅	Jan 1, 2026
CVE-2026-21428	cpp-httplib is a C++11 single-file header-only cross platform HTT… cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0…	HIGH	7.5	⚡ ✅	Jan 1, 2026

← 1…15 16 17

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8