🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-26077	Discourse is an open source discussion platform. Prior to version… Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-26207	Discourse is an open source discussion platform. Prior to version… Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	5.4	—	Feb 26, 2026
CVE-2026-26228	VideoLAN VLC for Android prior to version 3.7.0 contains a path t… VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remot…	MEDIUM	4.9	—	Feb 26, 2026
CVE-2026-2677	Reflected Cross-Site Scripting (XSS) on the A3factura web platfor… Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factu…	MEDIUM	6.1	—	Feb 26, 2026
CVE-2026-2678	Reflected Cross-Site Scripting (XSS) on the A3factura web platfor… Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter '…	MEDIUM	6.1	—	Feb 26, 2026
CVE-2026-2679	Reflected Cross-Site Scripting (XSS) on the A3factura web platfor… Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in …	MEDIUM	6.1	—	Feb 26, 2026
CVE-2026-2680	Reflected Cross-Site Scripting (XSS) on the A3factura web platfor… Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber'…	MEDIUM	6.1	—	Feb 26, 2026
CVE-2026-26932	Improper Validation of Array Index (CWE-129) in the PostgreSQL pr… Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lea…	MEDIUM	5.7	—	Feb 26, 2026
CVE-2026-26934	Improper Validation of Specified Quantity in Input (CWE-1284) in … Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated a…	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-26935	Improper Input Validation (CWE-20) in the internal Content Connec… Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can …	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-26936	Inefficient Regular Expression Complexity (CWE-1333) in the AI In… Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kib…	MEDIUM	4.9	—	Feb 26, 2026
CVE-2026-26937	Uncontrolled Resource Consumption (CWE-400) in the Timelion compo… Uncontrolled Resource Consumption (CWE-400) in the Timelion component in Kibana can lead Denial of S…	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-26973	Discourse is an open source discussion platform. Versions prior t… Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	4.3	—	Feb 26, 2026
CVE-2026-27021	Discourse is an open source discussion platform. Prior to version… Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	5.3	—	Feb 26, 2026
CVE-2026-27149	Discourse is an open source discussion platform. Prior to version… Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-27154	Discourse is an open source discussion platform. Prior to version… Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	6.1	—	Feb 26, 2026
CVE-2026-27162	Discourse is an open source discussion platform. Prior to version… Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0…	MEDIUM	4.9	—	Feb 26, 2026
CVE-2026-27457	Weblate is a web based localization tool. Prior to version 5.16.1… Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`w…	MEDIUM	4.3	✅	Feb 26, 2026
CVE-2026-27465	Fleet is open source device management software. In versions prio… Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fle…	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-27835	wger is a free, open-source workout and fitness manager. In versi… wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, `Repet…	MEDIUM	4.3	⚡ ✅	Feb 26, 2026
CVE-2026-27839	wger is a free, open-source workout and fitness manager. In versi… wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, three …	MEDIUM	4.3	⚡ ✅	Feb 26, 2026
CVE-2026-27963	Audiobookshelf is a self-hosted audiobook and podcast server. A s… Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vu…	MEDIUM	4.8	⚡ ✅	Feb 26, 2026
CVE-2026-27974	Audiobookshelf is a self-hosted audiobook and podcast server. A c… Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting (XSS) vulnerabi…	MEDIUM	4.8	—	Feb 26, 2026
CVE-2026-28083	Improper Neutralization of Input During Web Page Generation ('Cro… Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i…	MEDIUM	6.5	—	Feb 26, 2026
CVE-2026-28131	Insertion of Sensitive Information Into Sent Data vulnerability i… Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements …	MEDIUM	6.5	—	Feb 26, 2026

← 1…39 40 41 42 43 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8