| الحدث / CVE | المصدر | الخطورة | الاستغلال | الأنظمة | الحل |
|---|---|---|---|---|---|
|
CVE-2026-10520 U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerab… ← تفاصيل |
Security Affairs | 🔴 Critical | No | Refer to CVE-2026-10520 NVD advisory | |
|
CVE-2026-47131 CVE-2026-47131 — vm2 is an open source vm/sandbox for Node.js. Pr… ← تفاصيل |
NVD | 🔴 Critical | No | Node.js | Update to v3.11.4 |
|
CVE-2026-47137 CVE-2026-47137 — vm2 is an open source vm/sandbox for Node.js. Pr… ← تفاصيل |
NVD | 🔴 Critical | No | Node.js | Update to v3.11.4 |
|
CVE-2026-47140 CVE-2026-47140 — vm2 is an open source vm/sandbox for Node.js. Pr… ← تفاصيل |
NVD | 🔴 Critical | No | Node.js | Update to v3.11.4 |
|
CVE-2026-47208 CVE-2026-47208 — vm2 is an open source vm/sandbox for Node.js. Pr… ← تفاصيل |
NVD | 🔴 Critical | No | Node.js | Update to v3.11.4 |
|
CVE-2026-50086 CVE-2026-50086 — The Aqara IAM/SSO gateway (gw-builder.aqara.com)… ← تفاصيل |
NVD | 🔴 Critical | No | Refer to CVE-2026-50086 NVD advisory | |
|
CVE-2026-48558 CVE-2026-48558 — SimpleHelp versions 5.5.15 and prior and 6.0 pre… ← تفاصيل |
NVD | 🔴 Critical | No | Update to v5.5.15 | |
|
CVE-2026-49261 CVE-2026-49261 — MariaDB server is a community developed fork of … ← تفاصيل |
NVD | 🔴 Critical | No | MySQL | Update to v10.6.1 |
|
CVE-2026-49777 CVE-2026-49777 — Improper Validation of Specified Quantity in Inp… ← تفاصيل |
NVD | 🔴 Critical | No | Improper Validation of | Refer to CVE-2026-49777 NVD advisory |
|
CVE-2026-45618 CVE-2026-45618 — GHSA: LiquidJS is Vulnerable to Remote Code Exec… ← تفاصيل |
GHSA | 🔴 Critical | PoC Only | GHSA: LiquidJS is | Refer to CVE-2026-45618 NVD advisory |
| الحدث / CVE | المصدر | الخطورة | الاستغلال | الأنظمة | الحل |
|---|---|---|---|---|---|
| CISA gives feds 4 days to patch actively exploited cPanel plugin … ← تفاصيل | BleepingComputer | 🔴 Critical | Yes | CISA gives feds | Apply vendor security patch |
| CISA orders feds to patch actively exploited Drupal vulnerability ← تفاصيل | BleepingComputer | 🔴 Critical | Yes | Drupal | Apply vendor security patch |
|
CVE-2026-48172 CVE-2026-48172 — CISA KEV: LiteSpeed cPanel Plugin Privilege Esca… ← تفاصيل |
CISA KEV | 🔴 Critical | Yes | LiteSpeed cPanel Plugin | Apply mitigations per vendor instructions, follow applicable |
| Why pure extortion is replacing traditional ransomware ← تفاصيل | Security Affairs | 🔴 Critical | Yes | Why pure extortion | Apply vendor security patch |
| The Good, the Bad and the Ugly in Cybersecurity – Week 21 ← تفاصيل | SentinelOne Blog | 🔴 Critical | Yes | MS Defender Antimalware 4.18.x | Microsoft Patch Tuesday |
| Trend Micro warns of Apex One zero-day exploited in the wild ← تفاصيل | BleepingComputer | 🔴 Critical | Yes | Microsoft Windows | Microsoft Patch Tuesday |
| Verizon DBIR: Healthcare Fends Off Increased Social Engineering A… ← تفاصيل | Dark Reading | 🔴 Critical | Yes | Verizon DBIR: Healthcare | Apply vendor security patch |
|
CVE-2026-9082 CVE-2026-9082 — CISA KEV: Drupal Core SQL Injection Vulnerability ← تفاصيل |
CISA KEV | 🔴 Critical | Yes | Drupal Core | Apply mitigations per vendor instructions, follow applicable |
| Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensio… ← تفاصيل | Rapid7 Blog | 🔴 Critical | Yes | Q1 2026 Threat | Apply vendor security patch |
|
CVE-2025-34291 CVE-2025-34291 — CISA KEV: Langflow Origin Validation Error Vulne… ← تفاصيل |
CISA KEV | 🔴 Critical | Yes | Langflow Langflow | Apply mitigations per vendor instructions, follow applicable |
| الحدث / CVE | المصدر | الخطورة | الاستغلال | الأنظمة | الحل |
|---|---|---|---|---|---|
| CISA gives feds 4 days to patch actively exploited cPanel plugin … ← تفاصيل | BleepingComputer | 🔴 Critical | Yes | CISA gives feds | Apply vendor security patch |
| CISA orders feds to patch actively exploited Drupal vulnerability ← تفاصيل | BleepingComputer | 🔴 Critical | Yes | Drupal | Apply vendor security patch |
|
CVE-2026-48172 CVE-2026-48172 — CISA KEV: LiteSpeed cPanel Plugin Privilege Esca… ← تفاصيل |
CISA KEV | 🔴 Critical | Yes | LiteSpeed cPanel Plugin | Apply mitigations per vendor instructions, follow applicable |
| Why pure extortion is replacing traditional ransomware ← تفاصيل | Security Affairs | 🔴 Critical | Yes | Why pure extortion | Apply vendor security patch |
| The Good, the Bad and the Ugly in Cybersecurity – Week 21 ← تفاصيل | SentinelOne Blog | 🔴 Critical | Yes | MS Defender Antimalware 4.18.x | Microsoft Patch Tuesday |
| Trend Micro warns of Apex One zero-day exploited in the wild ← تفاصيل | BleepingComputer | 🔴 Critical | Yes | Microsoft Windows | Microsoft Patch Tuesday |
| Verizon DBIR: Healthcare Fends Off Increased Social Engineering A… ← تفاصيل | Dark Reading | 🔴 Critical | Yes | Verizon DBIR: Healthcare | Apply vendor security patch |
|
CVE-2026-9082 CVE-2026-9082 — CISA KEV: Drupal Core SQL Injection Vulnerability ← تفاصيل |
CISA KEV | 🔴 Critical | Yes | Drupal Core | Apply mitigations per vendor instructions, follow applicable |
| Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensio… ← تفاصيل | Rapid7 Blog | 🔴 Critical | Yes | Q1 2026 Threat | Apply vendor security patch |
|
CVE-2025-34291 CVE-2025-34291 — CISA KEV: Langflow Origin Validation Error Vulne… ← تفاصيل |
CISA KEV | 🔴 Critical | Yes | Langflow Langflow | Apply mitigations per vendor instructions, follow applicable |