🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-40918	A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can le…	MEDIUM	5.5	—	Apr 15, 2026
CVE-2026-40917	A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function…	MEDIUM	5.0	—	Apr 15, 2026
CVE-2026-40916	A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decod…	MEDIUM	5.0	—	Apr 15, 2026
CVE-2026-40915	A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the F…	MEDIUM	5.5	—	Apr 15, 2026
CVE-2026-4091	The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up t…	MEDIUM	6.1	—	Apr 15, 2026
CVE-2026-40500	ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the…	MEDIUM	6.8	—	Apr 15, 2026
CVE-2026-4011	The Power Charts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id'…	MEDIUM	6.4	—	Apr 15, 2026
CVE-2026-4005	The Coachific Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'u…	MEDIUM	6.4	—	Apr 15, 2026
CVE-2026-3998	The WM JqMath plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' shor…	MEDIUM	6.4	—	Apr 15, 2026
CVE-2026-3659	The WP Circliful plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shor…	MEDIUM	6.4	—	Apr 15, 2026
CVE-2026-3649	The Katalogportal PDF Sync plugin for WordPress is vulnerable to Missing Authorization in all versio…	MEDIUM	5.3	—	Apr 15, 2026
CVE-2026-3642	The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions…	MEDIUM	5.3	—	Apr 15, 2026
CVE-2026-5717	The VI: Include Post By plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c…	MEDIUM	6.4	—	Apr 15, 2026
CVE-2026-6245	A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() fu…	MEDIUM	5.5	—	Apr 15, 2026
CVE-2026-6383	A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization …	MEDIUM	5.4	—	Apr 15, 2026
CVE-2026-6385	A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specia…	MEDIUM	6.5	—	Apr 15, 2026
CVE-2026-27679	Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Stru…	MEDIUM	6.5	—	Apr 14, 2026
CVE-2026-27678	Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Struc…	MEDIUM	6.5	—	Apr 14, 2026
CVE-2026-27677	Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), a…	MEDIUM	6.5	—	Apr 14, 2026
CVE-2026-27674	Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an…	MEDIUM	6.1	—	Apr 14, 2026
CVE-2026-27301	Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerabil…	MEDIUM	5.5	—	Apr 14, 2026
CVE-2026-27300	Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vuln…	MEDIUM	5.5	—	Apr 14, 2026
CVE-2026-27299	Adobe Framemaker versions 2022.8 and earlier are affected by an Improper Input Validation vulnerabil…	MEDIUM	6.3	—	Apr 14, 2026
CVE-2026-27288	Adobe Experience Manager versions FP11.7 and earlier are affected by a stored Cross-Site Scripting (…	MEDIUM	5.4	—	Apr 14, 2026
CVE-2026-27286	InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vuln…	MEDIUM	5.5	—	Apr 14, 2026

← 1…3 4 5 6 7…43 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8