🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-21513	Microsoft MSHTML Framework Protection Mechanism Failure Vulnerabi… Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability — Microsoft MSHTML Framework c…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 10, 2026
CVE-2026-21510	Microsoft Windows Shell Protection Mechanism Failure Vulnerabilit… Microsoft Windows Shell Protection Mechanism Failure Vulnerability — Microsoft Windows Shell contain…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 10, 2026
CVE-2026-24423	SmarterTools SmarterMail Missing Authentication for Critical Func… SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability — SmarterTools S…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 5, 2026
CVE-2025-11953	Critical OS Command Injection Vulnerability in React Native Commu… React Native Community CLI OS Command Injection Vulnerability — React Native Community CLI contains …	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 5, 2026
CVE-2026-25539	CVE-2026-25539: Path Traversal Vulnerability in SiYuan Knowledge … SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile end…	CRITICAL	9.1	⚡ ✅ AI	Feb 4, 2026
CVE-2026-25160	Critical TLS Certificate Verification Bypass in Alist File Manage… Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to v…	CRITICAL	9.1	⚡ ✅ AI	Feb 4, 2026
CVE-2026-25510	CVE-2026-25510: Remote Code Execution via File Editor in CI4MS CM… CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture w…	CRITICAL	9.9	⚡ ✅ AI	Feb 3, 2026
CVE-2025-70841	Critical Authentication Bypass and Sensitive Data Exposure in Dok… Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to …	CRITICAL	10.0	⚡ ✅ AI	Feb 3, 2026
CVE-2025-64328	Sangoma FreePBX OS Command Injection Vulnerability (CVE-2025-6432… Sangoma FreePBX OS Command Injection Vulnerability — Sangoma FreePBX Endpoint Manager contains an OS…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 3, 2026
CVE-2025-40551	SolarWinds Web Help Desk Critical Deserialization Vulnerability E… SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability — SolarWinds Web Help Desk …	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 3, 2026
CVE-2021-39935	GitLab CI Lint API Server-Side Request Forgery Vulnerability (CVE… GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability — GitLab C…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 3, 2026
CVE-2020-37082	WebERP 4.15.1 Unauthenticated Database Backup File Access Vulnera… webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to …	CRITICAL	9.8	⚡ ✅ AI	Feb 3, 2026
CVE-2019-19006	Sangoma FreePBX Improper Authentication Vulnerability (CVE-2019-1… Sangoma FreePBX Improper Authentication Vulnerability — Sangoma FreePBX contains an improper authen…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 3, 2026
CVE-2026-23515	Critical Command Injection Vulnerability in Signal K Server (CVE-… Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a comm…	CRITICAL	9.9	⚡ ✅ AI	Feb 2, 2026
CVE-2026-0963	Critical Path Traversal Vulnerability in Crafty Controller File O… An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Contro…	CRITICAL	9.9	✅ AI	Jan 30, 2026
CVE-2026-1281	Ivanti Endpoint Manager Mobile (EPMM) Unauthenticated Remote Code… Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — Ivanti Endpoint Manager Mobile …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 29, 2026
CVE-2026-24897	Critical Path Traversal Vulnerability in Erugo File-Sharing Platf… Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticat…	CRITICAL	10.0	⚡ ✅ AI	Jan 28, 2026
CVE-2026-24858	Critical Authentication Bypass Vulnerability in Fortinet Multiple… Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability — …	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 27, 2026
CVE-2026-24736	Critical SSRF Vulnerability in Squidex CMS Webhook Configuration … Squidex is an open source headless content management system and content management hub. Versions of…	CRITICAL	9.1	⚡ ✅ AI	Jan 27, 2026
CVE-2026-24061	GNU InetUtils Telnetd Argument Injection Vulnerability - Remote A… GNU InetUtils Argument Injection Vulnerability — GNU InetUtils contains an argument injection vulner…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 26, 2026
CVE-2026-23760	SmarterTools SmarterMail Critical Authentication Bypass Vulnerabi… SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability — Sm…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 26, 2026
CVE-2026-21509	CVE-2026-21509: Microsoft Office Security Feature Bypass Vulnerab… Microsoft Office Security Feature Bypass Vulnerability — Microsoft Office contains a security featur…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 26, 2026
CVE-2025-52691	SmarterTools SmarterMail Critical Unrestricted File Upload Vulner… SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability — SmarterTool…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 26, 2026
CVE-2018-14634	Linux Kernel Integer Overflow Privilege Escalation Vulnerability … Linux Kernel Integer Overflow Vulnerability — Linux Kernel contains an integer overflow vulnerabilit…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 26, 2026
CVE-2026-24304	Critical Privilege Escalation in Microsoft Azure Resource Manager… Improper access control in Azure Resource Manager allows an authorized attacker to elevate privilege…	CRITICAL	9.9	✅ AI	Jan 23, 2026

← 1…3 4 5 6 7…66 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8