🛡️ قاعدة بيانات الثغرات الأمنية

ثغرات CVE مع تحليل AI ثنائي اللغة خاص بالمملكة العربية السعودية

المعرّف	العنوان / الوصف	الخطورة	CVSS	الحالة	النشر
CVE-2025-9572	n authorization flaw in Foreman's GraphQL API allows low-privileg… n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond …	MEDIUM	5.0	—	فبراير 27, 2026
CVE-2025-9907	A flaw was found in the Red Hat Ansible Automation Platform, Even… A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream…	MEDIUM	6.7	—	فبراير 27, 2026
CVE-2025-9908	A flaw was found in the Red Hat Ansible Automation Platform, Even… A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream…	MEDIUM	6.7	—	فبراير 27, 2026
CVE-2025-9909	A flaw was found in the Red Hat Ansible Automation Platform Gatew… A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This v…	MEDIUM	6.7	—	فبراير 27, 2026
CVE-2026-0871	A flaw was found in Keycloak. An administrator with `manage-users… A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only a…	MEDIUM	4.9	—	فبراير 27, 2026
CVE-2026-1305	The Japanized for WooCommerce plugin for WordPress is vulnerable … The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versi…	MEDIUM	5.3	—	فبراير 27, 2026
CVE-2026-1434	Omega-PSIR is vulnerable to Reflected XSS via the lang parameter.… Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a malicious …	MEDIUM	6.1	—	فبراير 27, 2026
CVE-2026-1558	The WP Recipe Maker plugin for WordPress is vulnerable to an Inse… The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference (IDOR)…	MEDIUM	5.3	—	فبراير 27, 2026
CVE-2026-1626	An attacker may exploit the use of weak CBC-based cipher suites i… An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to poten…	MEDIUM	6.5	—	فبراير 27, 2026
CVE-2026-1627	An attacker may exploit the use of outdated and weak MAC algorith… An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to p…	MEDIUM	6.5	—	فبراير 27, 2026
CVE-2026-20733	Charging station authentication identifiers are publicly accessib… Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	MEDIUM	6.5	—	فبراير 27, 2026
CVE-2026-20797	A stack based buffer overflow exists in an API route of XWEB Pro … A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling…	MEDIUM	4.3	—	فبراير 27, 2026
CVE-2026-21619	Uncontrolled Resource Consumption, Deserialization of Untrusted D… Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-21654	Improper Neutralization of Special Elements used in an OS Command… Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-21656	Improper Control of Generation of Code ('Code Injection') vulnera… Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Co…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-21657	Improper Control of Generation of Code ('Code Injection') vulnera… Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Co…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-21658	Unauthenticated Remote Code Execution i.e Improper Control of Gen… Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') …	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-21659	Unauthenticated Remote Code Execution and Information Disclosure … Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) v…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-21660	Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-2… Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-22716	Out-of-bound write vulnerability in VMware Workstation 25H1 and b… Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an acto…	MEDIUM	5.0	—	فبراير 27, 2026
CVE-2026-22878	Charging station authentication identifiers are publicly accessib… Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	MEDIUM	6.5	—	فبراير 27, 2026
CVE-2026-22890	Charging station authentication identifiers are publicly accessib… Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	MEDIUM	6.5	—	فبراير 27, 2026
CVE-2026-2293	A NestJS application using @nestjs/platform-fastify can allow byp… A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-2359	Multer is a node.js middleware for handling `multipart/form-data`… Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior t…	MEDIUM	—	—	فبراير 27, 2026
CVE-2026-2362	The WP Accessibility plugin for WordPress is vulnerable to Stored… The WP Accessibility plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via…	MEDIUM	6.4	—	فبراير 27, 2026