تغذية مباشرة من NVD & CISA

قاعدة بيانات الثغرات الأمنية CVE Intelligence

بيانات CVE من NVD مع إثراء KEV من CISA وترجمة عربية. المحتوى مبني على المصادر الرسمية فقط.

الثغرات المستغلة فعليًا فقط

إعادة ضبط

عرض صفحة 10 من 27 (1330 ثغرة)

CVE ID	الشدة	CVSS	KEV مستغلة؟	تاريخ النشر	الملخص
CVE-2026-1671	Medium	6,5	لا	2026-02-12	The Activity Log for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the w…
CVE-2026-1316	High	7,2	لا	2026-02-12	The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'media[].href' parameter in …
CVE-2026-2276	Medium	5,3	لا	2026-02-12	Reflected Cross-Site Scripting (XSS) vulnerability in the Wix web application, where the endpoint ' https://manage.wix.com/account/account-…
CVE-2025-15575	Medium	5,3	لا	2026-02-12	The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash ma…
CVE-2025-15574	Medium	6,5	لا	2026-02-12	When connecting to the Solax Cloud MQTT server the username is the "registration number", which is the 10 character string printed on the S…
CVE-2025-15573	Critical	9,4	لا	2026-02-12	The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud (mq…
CVE-2026-1356	Medium	4,8	لا	2026-02-12	The Converter for Media – Optimize images \| Convert WebP & AVIF plugin for WordPress is vulnerable to Server-Side Request Forgery in all ve…
CVE-2026-21722	Medium	5,3	لا	2026-02-12	Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This m…
CVE-2025-41117	Medium	6,8	لا	2026-02-12	Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would …
CVE-2025-15577	High	8,7	لا	2026-02-12	An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Val…
CVE-2026-2327	Medium	5,5	لا	2026-02-12	Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the…
CVE-2025-14892	Critical	9,8	لا	2026-02-12	The Prime Listing Manager WordPress plugin through 1.1 allows an attacker to gain administrative access without having any kind of account …
CVE-2026-2391	Medium	6,3	لا	2026-02-12	### Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attack…
CVE-2026-26092	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26091	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26090	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26089	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26088	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26087	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26086	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-26085	N/A	—	لا	2026-02-12	Rejected reason: Not used
CVE-2026-25676	High	7,1	لا	2026-02-12	The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link…
CVE-2026-26235	High	8,7	لا	2026-02-12	JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or re…
CVE-2026-26234	High	8,7	لا	2026-02-12	JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override requ…
CVE-2026-1537	Medium	5,3	لا	2026-02-12	The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due t…
CVE-2026-23857	High	8,2	لا	2026-02-12	Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privi…
CVE-2026-23856	High	7,8	لا	2026-02-12	Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module (iSM) for Linux, versions prior to 5.…
CVE-2026-0969	High	8,8	لا	2026-02-12	The serialize function used to compile MDX in next-mdx-remote is vulnerable to arbitrary code execution due to insufficient sanitization of…
CVE-2026-1729	Critical	9,8	لا	2026-02-12	The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the pl…
CVE-2026-26215	Critical	9,3	لا	2026-02-12	manga-image-translator version beta-0.3 and prior in shared API mode contains an unsafe deserialization vulnerability that can lead to unau…
CVE-2026-20700	High	7,8	نعم	2026-02-12	A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, v…
CVE-2026-20682	Medium	5,3	لا	2026-02-12	A logic issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. …
CVE-2026-20681	Low	3,3	لا	2026-02-12	A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. An app may be …
CVE-2026-20680	Medium	6,5	لا	2026-02-12	The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Tahoe 26.3, macOS Son…
CVE-2026-20678	Medium	5,5	لا	2026-02-12	An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS…
CVE-2026-20677	Critical	9,0	لا	2026-02-12	A race condition was addressed with improved handling of symbolic links. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS …
CVE-2026-20676	Medium	5,3	لا	2026-02-12	This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3,…
CVE-2026-20675	Medium	5,5	لا	2026-02-12	The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4,…
CVE-2026-20674	Medium	4,6	لا	2026-02-12	A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access…
CVE-2026-20673	Medium	5,3	لا	2026-02-12	A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26…
CVE-2026-20671	Low	3,1	لا	2026-02-12	A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, ma…
CVE-2026-20669	Medium	5,5	لا	2026-02-12	A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An…
CVE-2026-20667	High	8,8	لا	2026-02-12	A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia…
CVE-2026-20666	Medium	5,5	لا	2026-02-12	An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access …
CVE-2026-20663	Low	3,3	لا	2026-02-12	The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be …
CVE-2026-20662	Medium	4,6	لا	2026-02-12	An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An atta…
CVE-2026-20661	Medium	4,6	لا	2026-02-12	An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS…
CVE-2026-20660	High	7,5	لا	2026-02-12	A path handling issue was addressed with improved logic. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadO…
CVE-2026-20658	High	7,8	لا	2026-02-12	A package validation issue was addressed by blocking the vulnerable package. This issue is fixed in macOS Tahoe 26.3. An app may be able to…
CVE-2026-20656	Low	3,3	لا	2026-02-12	A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. A…