🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2019-25279	FaceSentry Access Control System Cleartext Password Storage Vulne… FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allo…	HIGH	7.5	⚡ ✅ AI	Jan 8, 2026
CVE-2019-25289	SmartLiving SmartLAN Authenticated Remote Command Injection Vulne… SmartLiving SmartLAN <=6.x contains an authenticated remote command injection vulnerability in the w…	HIGH	8.8	✅ AI	Jan 8, 2026
CVE-2019-25291	INIM SmartLiving Hard-Coded Credentials Vulnerability (CVE-2019-2… INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distri…	HIGH	7.5	✅ AI	Jan 8, 2026
CVE-2025-11877	User Activity Log Plugin Authentication Bypass Allows Unauthorize… The User Activity Log plugin is vulnerable to a limited options update in versions up to, and includ…	HIGH	7.5	✅ AI	Jan 7, 2026
CVE-2025-13371	MoneySpace WordPress Plugin Exposes Full Payment Card Data via Un… The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions …	HIGH	8.6	✅ AI	Jan 7, 2026
CVE-2025-13493	WordPress Latest Registered Users Plugin Unauthorized User Data E… The Latest Registered Users plugin for WordPress is vulnerable to unauthorized user data export in a…	HIGH	7.5	✅ AI	Jan 7, 2026
CVE-2025-13801	Yoco Payments WordPress Plugin Path Traversal Vulnerability (CVE-… The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and in…	HIGH	7.5	✅ AI	Jan 7, 2026
CVE-2025-14070	Reviewify WordPress Plugin Unauthorized Coupon Creation Vulnerabi… The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missi…	HIGH	7.5	✅ AI	Jan 7, 2026
CVE-2025-14835	WP Photo Album Plus Plugin Reflected XSS Vulnerability via Shortc… The WP Photo Album Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the…	HIGH	7.1	✅ AI	Jan 7, 2026
CVE-2025-15158	WP Enable WebP Plugin Arbitrary File Upload Vulnerability (CVE-20… The WP Enable WebP plugin for WordPress is vulnerable to arbitrary file uploads due to improper file…	HIGH	8.8	✅ AI	Jan 7, 2026
CVE-2025-47380	Qualcomm Sensor IOCTL Memory Corruption Vulnerability (CVE-2025-4… Memory corruption while preprocessing IOCTLs in sensors.	HIGH	7.8	✅ AI	Jan 7, 2026
CVE-2025-47393	Qualcomm Kernel Driver Memory Corruption Vulnerability (CVE-2025-… Memory corruption when accessing resources in kernel driver.	HIGH	7.8	✅ AI	Jan 7, 2026
CVE-2025-66620	Webshell Vulnerability in Columbia Weather MicroServer Firmware E… An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files…	HIGH	8.0	✅ AI	Jan 7, 2026
CVE-2025-69262	Critical Command Injection in pnpm Package Manager via Environmen… pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability wh…	HIGH	7.5	⚡ ✅ AI	Jan 7, 2026
CVE-2025-69263	pnpm HTTP Tarball Integrity Bypass Vulnerability (CVE-2025-69263) pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies (and git-hoste…	HIGH	7.5	⚡ ✅ AI	Jan 7, 2026
CVE-2026-0656	iPaymu Payment Gateway Authentication Bypass Enables Order Fraud … The iPaymu Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authenticat…	HIGH	8.2	✅ AI	Jan 7, 2026
CVE-2026-21441	urllib3 Decompression Bomb Vulnerability in HTTP Redirect Handlin… urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient …	HIGH	7.5	✅ AI	Jan 7, 2026
CVE-2026-21678	Heap Buffer Overflow in iccDEV Color Management Library (CVE-2026… iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and appli…	HIGH	7.8	⚡ ✅ AI	Jan 7, 2026
CVE-2026-21856	Time-Based Blind SQL Injection in Tarkov Data Manager Webhook and… The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to commit 9bdb3a75a98a7047b6…	HIGH	7.2	⚡ ✅ AI	Jan 7, 2026
CVE-2026-22186	XXE Vulnerability in Bio-Formats Leica Metadata Parser Enables SS… Bio-Formats versions up to and including 8.3.0 contain an XML External Entity (XXE) vulnerability in…	HIGH	7.1	✅ AI	Jan 7, 2026
CVE-2026-22187	Bio-Formats Unsafe Java Deserialization Vulnerability in Memoizat… Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker-contr…	HIGH	7.8	✅ AI	Jan 7, 2026
CVE-2026-22190	Panda3D egg-mkfont Uncontrolled Format String Vulnerability (CVE-… Panda3D versions up to and including 1.10.16 egg-mkfont contains an uncontrolled format string vulne…	HIGH	7.5	⚡ ✅ AI	Jan 7, 2026
CVE-2020-36905	FIBARO Home Center Remote File Inclusion Vulnerability (CVE-2020-… FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented p…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2020-36907	Aerohive HiveOS NetConfig UI Denial of Service Vulnerability (CVE… Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthent…	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2020-36910	Cayin Signage Media Player 3.0 Authenticated Remote Command Injec… Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in s…	HIGH	8.8	✅ AI	Jan 6, 2026

← 1…78 79 80 81 82 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8