🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-40901	DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below shi…	HIGH	8.8	⚡	Apr 16, 2026
CVE-2026-35632	OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.up…	HIGH	7.1	⚡	Apr 9, 2026
CVE-2026-30460	Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE…	HIGH	8.8	⚡	Apr 7, 2026
CVE-2026-34545	OpenEXR provides the specification and reference implementation of the EXR file format, an image sto…	HIGH	7.3	⚡ ✅	Apr 1, 2026
CVE-2026-0522	A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allo…	HIGH	8.8	⚡	Apr 1, 2026
CVE-2026-34585	SiYuan is a personal knowledge management system. Prior to versio… SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows cra…	HIGH	8.6	⚡	Mar 31, 2026
CVE-2026-33028	Nginx UI is a web user interface for the Nginx web server. Prior … Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui appl…	HIGH	7.5	⚡	Mar 30, 2026
CVE-2026-0560	A Server-Side Request Forgery (SSRF) vulnerability exists in pari… A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0…	HIGH	7.5	⚡ ✅	Mar 29, 2026
CVE-2026-33509	pyLoad is a free and open-source download manager written in Pyth… pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before ve…	HIGH	7.5	⚡	Mar 24, 2026
CVE-2026-33336	Vikunja is an open-source self-hosted task management platform. S… Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior…	HIGH	8.8	⚡	Mar 24, 2026
CVE-2026-33157	Craft CMS is a content management system (CMS). From version 5.6.… Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.13, a Remot…	HIGH	7.2	⚡ ✅	Mar 24, 2026
CVE-2019-25647	PhreeBooks ERP 5.2.3 contains a remote code execution vulnerabili… PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows…	HIGH	8.8	⚡	Mar 24, 2026
CVE-2026-28495	GetSimple CMS is a content management system. The massiveAdmin pl… GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpl…	CRITICAL	9.6	⚡ ✅ AI	Mar 10, 2026
CVE-2026-28208	Junrar is an open source java RAR archive library. Prior to versi… Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversa…	MEDIUM	5.9	⚡ ✅	Feb 26, 2026
CVE-2026-22719	VMware Aria Operations contains a command injection vulnerability… VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor…	HIGH	8.1	⚡ ✅ KEV	Feb 25, 2026
CVE-2025-49113	RoundCube Webmail Deserialization of Untrusted Data Vulnerability… RoundCube Webmail Deserialization of Untrusted Data Vulnerability — RoundCube Webmail contains a des…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 20, 2026
CVE-2008-0015	Microsoft Windows Video ActiveX Control Remote Code Execution Vul… Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability — Microsoft Windows Vid…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 17, 2026
CVE-2026-25924	Kanboard is project management software focused on Kanban methodo… Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security c…	HIGH	8.4	⚡ ✅	Feb 11, 2026
CVE-2026-25498	Craft is a platform for creating digital experiences. In versions… Craft is a platform for creating digital experiences. In versions 4.0.0-RC1 through 4.16.17 and 5.0.…	HIGH	7.2	⚡ ✅	Feb 9, 2026
CVE-2026-25539	CVE-2026-25539: Path Traversal Vulnerability in SiYuan Knowledge … SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile end…	CRITICAL	9.1	⚡ ✅ AI	Feb 4, 2026
CVE-2026-25512	Group-Office is an enterprise customer relationship management an… Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions…	HIGH	8.8	⚡ ✅	Feb 4, 2026
CVE-2026-25510	CVE-2026-25510: Remote Code Execution via File Editor in CI4MS CM… CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w…	CRITICAL	9.9	⚡ ✅ AI	Feb 3, 2026
CVE-2025-40551	SolarWinds Web Help Desk Critical Deserialization Vulnerability E… SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability — SolarWinds Web Help Desk …	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 3, 2026
CVE-2020-37113	GUnet OpenEclass 1.7.3 allows authenticated users to bypass file … GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploadi…	HIGH	8.8	⚡ ✅	Feb 3, 2026
CVE-2020-37084	School ERP Pro 1.0 contains a remote code execution vulnerability… School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin us…	HIGH	7.2	⚡ ✅	Feb 3, 2026

1 2 3…19 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8