تقرير الأمن السيبراني

📊 توزيع الخطورة

🔴 Critical

292

🟠 High

772

🟡 Medium

880

🟢 Low

0

📡 توزيع المصادر

NVD

585

VulnCheck

429

Microsoft MSRC

347

MITRE CVE High

205

GHSA

129

Vulners

48

Ubuntu Security

39

Exploit-DB

29

Sploitus

23

Cyber Security News

13

🌐 المجالات الأكثر تأثراً

Exploit

379

Web

355

Vulnerability

266

General

202

Browser

147

Linux

119

Microsoft

101

OT/ICS

83

Network

32

DDoS

32

⚠️ أنواع التهديدات

Exploit

1713

DDoS

59

AI Attack

46

ICS/OT

35

APT

24

PoC Research

19

IOC

14

Zero-Day

8

🔴 أخطر الثغرات Critical

الحدث / CVE	المصدر	الخطورة	الاستغلال	الأنظمة	الحل
CVE-2026-47131 CVE-2026-47131 — GHSA: vm2 has a Sandbox Escape issue ← تفاصيل	GHSA	🔴 Critical	No
CVE-2026-47140 CVE-2026-47140 — GHSA: NodeVM builtin denylist bypass via process… ← تفاصيل	GHSA	🔴 Critical	No
CVE-2026-47137 CVE-2026-47137 — GHSA: vm2 has a CVE-2023-37903 patch bypass: nes… ← تفاصيل	GHSA	🔴 Critical	No
CVE-2026-47208 CVE-2026-47208 — GHSA: vm2 is Vulnerable to Sandbox Breakout Thro… ← تفاصيل	GHSA	🔴 Critical	No
CVE-2026-45618 CVE-2026-45618 — GHSA: LiquidJS is Vulnerable to Remote Code Exec… ← تفاصيل	GHSA	🔴 Critical	PoC Only	Multiple Systems	Refer to CVE-2026-45618 NVD advisory
CVE-2026-20223 Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Da… ← تفاصيل	THN	🔴 Critical	No	Multiple Systems	Update to v10.0 \| Cisco Security Advisory
CVE-2026-23652 CVE-2026-23652 — Improper neutralization of special elements used… ← تفاصيل	NVD	🔴 Critical	No	Multiple Systems	Microsoft Patch Tuesday
CVE-2026-42369 CVE-2026-42369 — GV-VMS V20 is a Video Monitoring Software used t… ← تفاصيل	NVD	🔴 Critical	No	Multiple Systems	Refer to CVE-2026-42369 NVD advisory
CVE-2026-45102 CVE-2026-45102 — OneUptime is an open-source monitoring and obser… ← تفاصيل	NVD	🔴 Critical	No	Multiple Systems	Refer to CVE-2026-45102 NVD advisory
CVE-2026-9559 CVE-2026-9559 — VulnCheck: A path traversal vulnerability exists … ← تفاصيل	VulnCheck	🔴 Critical	No	PHP	Refer to CVE-2026-9559 NVD advisory

⚡ CISA KEV — مستغَلّة رسمياً

الحدث / CVE	المصدر	الخطورة	الاستغلال	الأنظمة	الحل
CVE-2026-41089 Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited… ← تفاصيل	Cyber Security News	🔴 Critical	Yes	Windows Server (2019/2022)	Microsoft Patch Tuesday
CISA gives feds 4 days to patch actively exploited cPanel plugin … ← تفاصيل	BleepingComputer	🔴 Critical	Yes	Multiple Systems	Apply vendor security patch
CISA orders feds to patch actively exploited Drupal vulnerability ← تفاصيل	BleepingComputer	🔴 Critical	Yes	Multiple Systems	Apply vendor security patch
CVE-2026-48172 CVE-2026-48172 — CISA KEV: LiteSpeed cPanel Plugin Privilege Esca… ← تفاصيل	CISA KEV	🔴 Critical	Yes	LiteSpeed cPanel Plugin	Apply mitigations per vendor instructions, follow applicable
The Good, the Bad and the Ugly in Cybersecurity – Week 21 ← تفاصيل	SentinelOne Blog	🔴 Critical	Yes	MS Defender Antimalware 4.18.x	Microsoft Patch Tuesday
Trend Micro warns of Apex One zero-day exploited in the wild ← تفاصيل	BleepingComputer	🔴 Critical	Yes	Multiple Systems	Microsoft Patch Tuesday
CVE-2026-9082 CVE-2026-9082 — CISA KEV: Drupal Core SQL Injection Vulnerability ← تفاصيل	CISA KEV	🔴 Critical	Yes	Drupal Core	Apply mitigations per vendor instructions, follow applicable
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensio… ← تفاصيل	Rapid7 Blog	🔴 Critical	Yes	Multiple Systems	Apply vendor security patch
CVE-2025-34291 CVE-2025-34291 — CISA KEV: Langflow Origin Validation Error Vulne… ← تفاصيل	CISA KEV	🔴 Critical	Yes	Langflow Langflow	Apply mitigations per vendor instructions, follow applicable
Exposing Fox Tempest: A malware-signing service operation ← تفاصيل	Microsoft Security	🔴 Critical	Yes	Multiple Systems	Microsoft Patch Tuesday

🔥 الثغرات المستغَلّة فعلياً

الحدث / CVE	المصدر	الخطورة	الاستغلال	الأنظمة	الحل
CVE-2026-41089 Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited… ← تفاصيل	Cyber Security News	🔴 Critical	Yes	Windows Server (2019/2022)	Microsoft Patch Tuesday
CISA gives feds 4 days to patch actively exploited cPanel plugin … ← تفاصيل	BleepingComputer	🔴 Critical	Yes	Multiple Systems	Apply vendor security patch
CISA orders feds to patch actively exploited Drupal vulnerability ← تفاصيل	BleepingComputer	🔴 Critical	Yes	Multiple Systems	Apply vendor security patch
CVE-2026-48172 CVE-2026-48172 — CISA KEV: LiteSpeed cPanel Plugin Privilege Esca… ← تفاصيل	CISA KEV	🔴 Critical	Yes	LiteSpeed cPanel Plugin	Apply mitigations per vendor instructions, follow applicable
The Good, the Bad and the Ugly in Cybersecurity – Week 21 ← تفاصيل	SentinelOne Blog	🔴 Critical	Yes	MS Defender Antimalware 4.18.x	Microsoft Patch Tuesday
Trend Micro warns of Apex One zero-day exploited in the wild ← تفاصيل	BleepingComputer	🔴 Critical	Yes	Multiple Systems	Microsoft Patch Tuesday
CVE-2026-9082 CVE-2026-9082 — CISA KEV: Drupal Core SQL Injection Vulnerability ← تفاصيل	CISA KEV	🔴 Critical	Yes	Drupal Core	Apply mitigations per vendor instructions, follow applicable
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensio… ← تفاصيل	Rapid7 Blog	🔴 Critical	Yes	Multiple Systems	Apply vendor security patch
CVE-2025-34291 CVE-2025-34291 — CISA KEV: Langflow Origin Validation Error Vulne… ← تفاصيل	CISA KEV	🔴 Critical	Yes	Langflow Langflow	Apply mitigations per vendor instructions, follow applicable
Exposing Fox Tempest: A malware-signing service operation ← تفاصيل	Microsoft Security	🔴 Critical	Yes	Multiple Systems	Microsoft Patch Tuesday