🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-34197	Apache ActiveMQ — CVE-2026-34197 Apache ActiveMQ contains an improper input validation vulnerability…	CRITICAL	9.8	KEV AI	Apr 16, 2026
CVE-2026-33704	Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including stu…	HIGH	7.1	✅	Apr 10, 2026
CVE-2019-25671	VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to e…	HIGH	8.8	—	Apr 5, 2026
CVE-2026-3533	The Jupiter X Core plugin for WordPress is vulnerable to limited … The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authori…	HIGH	8.8	—	Mar 24, 2026
CVE-2020-36939	Cassandra Web 0.5.0 contains a directory traversal vulnerability … Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attacke…	HIGH	7.5	✅	Jan 27, 2026
CVE-2025-68493	Apache Struts Missing XML Validation Vulnerability (CVE-2025-6849… Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Str…	HIGH	8.1	✅ AI	Jan 11, 2026
CVE-2025-66518	Apache Kyuubi Path Traversal Vulnerability Allows Unauthorized Lo… Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-si…	HIGH	8.8	✅ AI	Jan 5, 2026
CVE-2025-48769	Use After Free vulnerability was discovered in fs/vfs/fs_rename c… Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that …	HIGH	8.1	✅	Jan 1, 2026
CVE-2024-38475	Apache HTTP Server Improper Escaping of Output Vulnerability — Ap… Apache HTTP Server Improper Escaping of Output Vulnerability — Apache HTTP Server contains an improp…	CRITICAL	9.0	⚡ ✅ KEV AI	May 1, 2025
CVE-2025-24813	Apache Tomcat Path Equivalence Vulnerability - Remote Code Execut… Apache Tomcat Path Equivalence Vulnerability — Apache Tomcat contains a path equivalence vulnerabili…	CRITICAL	9.0	⚡ ✅ KEV AI	Apr 1, 2025
CVE-2017-3066	Adobe ColdFusion Deserialization Vulnerability — Adobe ColdFusion… Adobe ColdFusion Deserialization Vulnerability — Adobe ColdFusion contains a deserialization vulnera…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 24, 2025
CVE-2024-45195	Apache OFBiz Forced Browsing Vulnerability — Apache OFBiz contain… Apache OFBiz Forced Browsing Vulnerability — Apache OFBiz contains a forced browsing vulnerability t…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 4, 2025
CVE-2024-27348	Critical RCE in Apache HugeGraph-Server via Improper Access Contr… Apache HugeGraph-Server Improper Access Control Vulnerability — Apache HugeGraph-Server contains an …	CRITICAL	9.0	⚡ ✅ KEV AI	Sep 18, 2024
CVE-2024-38856	Apache OFBiz Incorrect Authorization Vulnerability — Apache OFBiz… Apache OFBiz Incorrect Authorization Vulnerability — Apache OFBiz contains an incorrect authorizatio…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 27, 2024
CVE-2024-32113	Apache OFBiz Path Traversal Vulnerability — Apache OFBiz contains… Apache OFBiz Path Traversal Vulnerability — Apache OFBiz contains a path traversal vulnerability tha…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 7, 2024
CVE-2020-17519	Apache Flink Improper Access Control Vulnerability — Apache Flink… Apache Flink Improper Access Control Vulnerability — Apache Flink contains an improper access contro…	CRITICAL	9.0	⚡ ✅ KEV AI	May 23, 2024
CVE-2023-27524	Apache Superset Insecure Default Initialization of Resource Vulne… Apache Superset Insecure Default Initialization of Resource Vulnerability — Apache Superset contains…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 8, 2024
CVE-2023-46604	Apache ActiveMQ Deserialization of Untrusted Data Vulnerability —… Apache ActiveMQ Deserialization of Untrusted Data Vulnerability — Apache ActiveMQ contains a deseria…	CRITICAL	9.0	⚡ ✅ KEV AI	Nov 2, 2023
CVE-2023-33246	Apache RocketMQ Command Execution Vulnerability — Several compone… Apache RocketMQ Command Execution Vulnerability — Several components of Apache RocketMQ, including N…	CRITICAL	9.0	⚡ ✅ KEV AI	Sep 6, 2023
CVE-2023-38035	Ivanti Sentry Authentication Bypass Vulnerability — Ivanti Sentry… Ivanti Sentry Authentication Bypass Vulnerability — Ivanti Sentry, formerly known as MobileIron Sent…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 22, 2023
CVE-2016-8735	Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat… Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat contains an unspecified vulnerabil…	CRITICAL	9.0	⚡ ✅ KEV AI	May 12, 2023
CVE-2021-45046	Apache Log4j2 Deserialization of Untrusted Data Vulnerability — A… Apache Log4j2 Deserialization of Untrusted Data Vulnerability — Apache Log4j2 contains a deserializa…	CRITICAL	9.0	⚡ ✅ KEV AI	May 1, 2023
CVE-2022-33891	Apache Spark Command Injection Vulnerability — Apache Spark conta… Apache Spark Command Injection Vulnerability — Apache Spark contains a command injection vulnerabili…	CRITICAL	9.0	⚡ ✅ KEV	Mar 7, 2023
CVE-2022-47966	Zoho ManageEngine Multiple Products Remote Code Execution Vulnera… Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability — Multiple Zoho ManageEngine…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 23, 2023
CVE-2022-24706	Apache CouchDB Insecure Default Initialization of Resource Vulner… Apache CouchDB Insecure Default Initialization of Resource Vulnerability — Apache CouchDB contains a…	CRITICAL	9.0	⚡ ✅ KEV	Aug 25, 2022

1 2 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,693 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8