🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2020-36922	Sony BRAVIA Digital Signage API Information Disclosure Vulnerabil… Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unaut…	HIGH	7.5	⚡ ✅ AI	Jan 6, 2026
CVE-2025-12793	ASUS MyASUS DLL Hijacking Vulnerability Enables Privilege Escalat… An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker …	HIGH	7.8	✅ AI	Jan 6, 2026
CVE-2025-14997	Critical File Deletion Vulnerability in BuddyPress Xprofile WordP… The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file dele…	HIGH	7.2	✅ AI	Jan 6, 2026
CVE-2025-15364	WordPress Download Manager Plugin Privilege Escalation via Accoun… The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover…	HIGH	7.3	✅ AI	Jan 6, 2026
CVE-2025-15382	WolfSSH Heap Buffer Over-Read Vulnerability in SCP Path Processin… A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An auth…	HIGH	8.1	✅ AI	Jan 6, 2026
CVE-2025-36589	Dell Unisphere for PowerMax XXE Vulnerability Enables Unauthorize… Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External …	HIGH	7.6	✅ AI	Jan 6, 2026
CVE-2025-69227	AIOHTTP Infinite Loop DoS Vulnerability in Request.post() Method … AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and …	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2025-69228	AIOHTTP Memory Exhaustion Vulnerability Allows Denial of Service … AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and …	HIGH	7.5	✅ AI	Jan 6, 2026
CVE-2025-15240	QOCA aim AI Medical Cloud Platform Arbitrary File Upload Vulnerab… QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnera…	HIGH	8.8	✅ AI	Jan 5, 2026
CVE-2025-15456	MiniCMS Authentication Bypass Vulnerability in Page Editor (CVE-2… A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown funct…	HIGH	7.3	⚡ ✅ AI	Jan 5, 2026
CVE-2025-15462	UTT 520W Router Buffer Overflow Vulnerability (CVE-2025-15462) A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy o…	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-59156	Critical RCE Vulnerability in Coolify Docker Compose Deployment A… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-59158	Coolify Stored XSS Vulnerability Enables Privilege Escalation via… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.0	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64421	Coolify Privilege Escalation via Improper Authorization (CVE-2025… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.0	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64423	Coolify Privilege Escalation via Invitation Link Hijacking (CVE-2… Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64424	Critical Command Injection in Coolify Server Management Platform … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-64425	Coolify Host Header Injection Enables Password Reset Token Theft … Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. …	HIGH	8.1	⚡ ✅ AI	Jan 5, 2026
CVE-2025-66518	Apache Kyuubi Path Traversal Vulnerability Allows Unauthorized Lo… Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-si…	HIGH	8.8	✅ AI	Jan 5, 2026
CVE-2025-68428	jsPDF Node.js Local File Inclusion Vulnerability (CVE-2025-68428) jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first…	HIGH	7.5	✅ AI	Jan 5, 2026
CVE-2025-68454	Craft CMS Authenticated Remote Code Execution via Twig SSTI (CVE-… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	8.8	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68455	Craft CMS Authenticated Remote Code Execution via Malicious Behav… Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC…	HIGH	7.2	⚡ ✅ AI	Jan 5, 2026
CVE-2025-68547	Critical Authorization Bypass in WPweb Follow My Blog Post WordPr… Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Confi…	HIGH	7.5	✅ AI	Jan 5, 2026
CVE-2026-0589	Authentication Bypass in Online Product Reservation System 1.0 Ad… A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unk…	HIGH	7.3	⚡ ✅ AI	Jan 5, 2026
CVE-2026-0621	ReDoS Vulnerability in Anthropic MCP TypeScript SDK URI Template … Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression deni…	HIGH	7.5	⚡ ✅ AI	Jan 5, 2026
CVE-2025-3646	Petlibro Smart Pet Feeder Authorization Bypass Vulnerability (CVE… Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerabil…	HIGH	7.3	✅	Jan 4, 2026

← 1…81 82 83 84 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,774 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8