🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-5718	The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbi…	HIGH	8.1	—	Apr 17, 2026
CVE-2026-3464	The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to i…	HIGH	8.8	—	Apr 17, 2026
CVE-2026-40901	DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below shi…	HIGH	8.8	⚡	Apr 16, 2026
CVE-2026-20204	In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform ve…	HIGH	7.1	—	Apr 15, 2026
CVE-2026-6227	The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the `block_name` paramet…	HIGH	7.2	—	Apr 14, 2026
CVE-2026-40040	Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to u…	HIGH	8.8	—	Apr 13, 2026
CVE-2026-33704	Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including stu…	HIGH	7.1	✅	Apr 10, 2026
CVE-2026-35639	OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve m…	HIGH	8.8	—	Apr 9, 2026
CVE-2026-35632	OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.up…	HIGH	7.1	⚡	Apr 9, 2026
CVE-2026-35625	OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-au…	HIGH	7.8	—	Apr 9, 2026
CVE-2026-5436	The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to …	HIGH	8.1	—	Apr 8, 2026
CVE-2026-4808	The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads d…	HIGH	7.2	—	Apr 8, 2026
CVE-2026-3243	The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to in…	HIGH	8.8	—	Apr 8, 2026
CVE-2026-30460	Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE…	HIGH	8.8	⚡	Apr 7, 2026
CVE-2026-22683	Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability that allows u…	HIGH	8.8	—	Apr 7, 2026
CVE-2026-22666	Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution vulnerabili…	HIGH	7.2	—	Apr 7, 2026
CVE-2026-35029	LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.…	HIGH	8.8	—	Apr 6, 2026
CVE-2019-25671	VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to e…	HIGH	8.8	—	Apr 5, 2026
CVE-2025-59710	An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is …	HIGH	8.8	—	Apr 3, 2026
CVE-2026-4347	The MW WP Form plugin for WordPress is vulnerable to arbitrary fi… The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file …	HIGH	8.1	—	Apr 2, 2026
CVE-2026-35056	XenForo before 2.3.9 and before 2.2.18 allows remote code executi… XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated, but mali…	HIGH	7.2	—	Apr 1, 2026
CVE-2026-34545	OpenEXR provides the specification and reference implementation of the EXR file format, an image sto…	HIGH	7.3	⚡ ✅	Apr 1, 2026
CVE-2026-0522	A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allo…	HIGH	8.8	⚡	Apr 1, 2026
CVE-2026-34585	SiYuan is a personal knowledge management system. Prior to versio… SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows cra…	HIGH	8.6	⚡	Mar 31, 2026
CVE-2026-33028	Nginx UI is a web user interface for the Nginx web server. Prior … Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui appl…	HIGH	7.5	⚡	Mar 30, 2026

1 2 3…5 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8