🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-0560	A Server-Side Request Forgery (SSRF) vulnerability exists in pari… A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0…	HIGH	7.5	⚡ ✅	Mar 29, 2026
CVE-2026-25099	Bludit’s API plugin allows an authenticated attacker with a valid… Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any t…	HIGH	8.8	—	Mar 27, 2026
CVE-2026-3328	The Frontend Admin by DynamiApps plugin for WordPress is vulnerab… The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via dese…	HIGH	7.2	—	Mar 26, 2026
CVE-2023-7338	Ruckus Unleashed contains a remote code execution vulnerability i… Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interfac…	HIGH	7.5	—	Mar 26, 2026
CVE-2026-3533	The Jupiter X Core plugin for WordPress is vulnerable to limited … The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authori…	HIGH	8.8	—	Mar 24, 2026
CVE-2026-33509	pyLoad is a free and open-source download manager written in Pyth… pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before ve…	HIGH	7.5	⚡	Mar 24, 2026
CVE-2026-33336	Vikunja is an open-source self-hosted task management platform. S… Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior…	HIGH	8.8	⚡	Mar 24, 2026
CVE-2026-33157	Craft CMS is a content management system (CMS). From version 5.6.… Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.13, a Remot…	HIGH	7.2	⚡ ✅	Mar 24, 2026
CVE-2025-33247	NVIDIA Megatron LM contains a vulnerability in quantization confi… NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow…	HIGH	7.8	—	Mar 24, 2026
CVE-2019-25647	PhreeBooks ERP 5.2.3 contains a remote code execution vulnerabili… PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows…	HIGH	8.8	⚡	Mar 24, 2026
CVE-2025-10679	The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Re… The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Sche…	HIGH	7.3	—	Mar 23, 2026
CVE-2026-3854	An improper neutralization of special elements vulnerability was … An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Ser…	HIGH	8.8	✅	Mar 10, 2026
CVE-2026-3037	An OS command injection vulnerability exists in XWEB Pro version … An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an auth…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-28364	In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read i… In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/…	HIGH	7.9	✅	Feb 27, 2026
CVE-2026-25721	An OS command injection vulnerability exists in XWEB Pro version… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an aut…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-25196	An OS command injection vulnerability exists in XWEB Pro version… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an aut…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-25105	An OS command injection vulnerability exists in XWEB Pro ve… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-25037	An OS command injection vulnerability exists in XWEB Pro versio… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-24452	An OS command injection vulnerability exists in XWEB Pro versio… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-23702	An OS command injection vulnerability exists in XWEB Pro version… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an aut…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-20764	An OS command injection vulnerability exists in XWEB Pro version… An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an aut…	HIGH	8.0	✅	Feb 27, 2026
CVE-2026-0980	A flaw was found in rubyipmi, a gem used in the Baseboard Managem… A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of R…	HIGH	8.3	✅	Feb 27, 2026
CVE-2026-22206	SPIP versions prior to 4.4.10 contain a SQL injection vulnerabili… SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-pr…	HIGH	8.8	✅	Feb 26, 2026
CVE-2026-1565	The User Frontend: AI Powered Frontend Posting, User Directory, P… The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registrat…	HIGH	8.8	✅	Feb 26, 2026
CVE-2026-1311	The Worry Proof Backup plugin for WordPress is vulnerable to Path… The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in all versions up to, a…	HIGH	8.8	✅	Feb 26, 2026

← 1 2 3 4 5 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8