الثغرات / Vulnerabilities
بيانات CVE من NVD مع إثراء KEV من CISA وترجمة عربية. المحتوى أدناه مبني على المصادر الرسمية فقط.
| CVE | الشدة | CVSS | مستغلة فعليًا؟ | تاريخ النشر | ملخص عربي |
|---|---|---|---|---|---|
| CVE-2026-1164 | Medium | 6.1 | لا | 2026-02-14 | The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in al… |
| CVE-2026-0692 | High | 7.5 | لا | 2026-02-14 | The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all version… |
| CVE-2026-26303 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26302 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26301 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26300 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26299 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26298 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26297 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26296 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2026-26295 | N/A | - | لا | 2026-02-14 | Rejected reason: Not used |
| CVE-2025-14608 | Medium | 5.3 | لا | 2026-02-14 | The WP Last Modified Info plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to,… |
| CVE-2025-14067 | Medium | 5.3 | لا | 2026-02-14 | The Easy Form Builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability che… |
| CVE-2025-13973 | Medium | 5.3 | لا | 2026-02-14 | The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information Disclosure in all vers… |
| CVE-2025-13681 | Medium | 4.9 | لا | 2026-02-14 | The BFG Tools – Extension Zipper plugin for WordPress is vulnerable to Path Traversal in all versions up to, and includ… |
| CVE-2026-24853 | High | 8.1 | لا | 2026-02-14 | Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through th… |
| CVE-2026-26273 | Critical | 9.8 | لا | 2026-02-14 | Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1… |
| CVE-2026-1844 | High | 7.2 | لا | 2026-02-14 | The PixelYourSite PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pysTrafficSource' para… |
| CVE-2026-1841 | High | 7.2 | لا | 2026-02-14 | The PixelYourSite – Your smart PIXEL (TAG) & API Manager plugin for WordPress is vulnerable to Stored Cross-Site Script… |
| CVE-2025-70957 | N/A | - | لا | 2026-02-14 | A Denial of Service (DoS) vulnerability was discovered in the TON Lite Server before v2024.09. The vulnerability arises… |
| CVE-2025-70956 | N/A | - | لا | 2026-02-14 | A State Pollution vulnerability was discovered in the TON Virtual Machine (TVM) before v2025.04. The issue exists in th… |
| CVE-2025-70955 | N/A | - | لا | 2026-02-14 | A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems… |
| CVE-2025-70954 | N/A | - | لا | 2026-02-14 | A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON Blockchain before v2025… |
| CVE-2025-70866 | N/A | - | لا | 2026-02-14 | LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low-level privileges (User ro… |
| CVE-2025-69633 | N/A | - | لا | 2026-02-14 | A SQL Injection vulnerability in the Advanced Popup Creator (advancedpopupcreator) module for PrestaShop 1.1.26 through… |
| CVE-2025-15157 | High | 8.8 | لا | 2026-02-14 | The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modificatio… |
| CVE-2026-26335 | Critical | 9.3 | لا | 2026-02-14 | Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web ap… |
| CVE-2026-26334 | High | 8.5 | لا | 2026-02-14 | Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll (… |
| CVE-2026-26333 | Critical | 10.0 | لا | 2026-02-14 | Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The s… |
| CVE-2025-68128 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-68127 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-68126 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-68125 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-68124 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-58184 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-58182 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2025-47915 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2024-34157 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2024-34154 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2023-45291 | N/A | - | لا | 2026-02-14 | Rejected reason: reserved but not needed |
| CVE-2026-26269 | Medium | 5.4 | لا | 2026-02-13 | Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim… |
| CVE-2026-2441 | High | 8.8 | لا | 2026-02-13 | Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code insid… |
| CVE-2026-26264 | High | 7.8 | لا | 2026-02-13 | BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a m… |
| CVE-2026-26208 | High | 7.8 | لا | 2026-02-13 | ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deseria… |
| CVE-2026-26190 | Critical | 9.8 | لا | 2026-02-13 | Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus expos… |
| CVE-2026-26187 | High | 8.1 | لا | 2026-02-13 | lakeFS is an open-source tool that transforms object storage into a Git-like repositories. Prior to 1.77.0, the local b… |
| CVE-2026-25991 | High | 7.7 | لا | 2026-02-13 | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, th… |
| CVE-2026-25964 | Medium | 4.9 | لا | 2026-02-13 | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a … |
| CVE-2026-21878 | High | 7.5 | لا | 2026-02-13 | BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability… |
| CVE-2025-36552 | N/A | - | لا | 2026-02-13 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |