The latest articles on Forem by 🎖️المحارب الرقمي🎖️ (@asrarmared). https://forem.com/asrarmared https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3625853%2Fde0b1a4c-a599-426f-9239-5f5850e086b5.png https://forem.com/asrarmared en 🎖️المحارب الرقمي🎖️ Mon, 04 May 2026 21:22:46 +0000 https://forem.com/asrarmared/lmsl-ldfy-lhjwm-ai-73l https://forem.com/asrarmared/lmsl-ldfy-lhjwm-ai-73l <h2> المصل الدفاعي لهجوم AI </h2> <p>إليك هذا الفيديو القصير الذي يتناول موضوع الحماية من هجمات الذكاء الاصطناعي:</p> <div> <iframe src="https://www.youtube.com/embed/lsUY1D1vZxE"> </iframe> </div> <h3> نبذة سريعة </h3> <p>يفضل دائماً إضافة سطرين أو ثلاثة بالأسفل تشرح فيهم الفائدة الرئيسية من الفيديو، لأن مجتمع DEV يفضل المحتوى الذي يحتوي على سياق مكتوب بجانب الفيديو.</p> ai security cybersecurity arabic 🎖️المحارب الرقمي🎖️ Mon, 04 May 2026 21:12:52 +0000 https://forem.com/asrarmared/ql-lmhrb-httpswwwyoutubecomwatchv1osbfwwbhwm-4gaj https://forem.com/asrarmared/ql-lmhrb-httpswwwyoutubecomwatchv1osbfwwbhwm-4gaj <div class="crayons-card c-embed text-styles text-styles--secondary"> <div class="c-embed__content"> <div class="c-embed__body flex items-center justify-between"> <a href="https://www.youtube.com/watch?v=1osBfwWBHWM" rel="noopener noreferrer" class="c-link fw-bold flex items-center"> <span class="mr-2">youtube.com</span> </a> </div> </div> </div> 🎖️المحارب الرقمي🎖️ Mon, 04 May 2026 21:07:06 +0000 https://forem.com/asrarmared/professional-security-audit-report-zayed-shield-project-49bk https://forem.com/asrarmared/professional-security-audit-report-zayed-shield-project-49bk <div class="crayons-card c-embed text-styles text-styles--secondary"> <div class="c-embed__content"> <div class="c-embed__cover"> <a href="https://coderlegion.com/16694/professional-security-audit-report-zayed-shield-project" class="c-link align-middle" rel="noopener noreferrer"> <img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcoderlegion.com%2Fbgcover-meta-img%3Fblobid%3D6751445287249090899" height="1003" class="m-0" width="982"> </a> </div> <div class="c-embed__body"> <h2 class="fs-xl lh-tight"> <a href="https://coderlegion.com/16694/professional-security-audit-report-zayed-shield-project" rel="noopener noreferrer" class="c-link"> Professional Security Audit Report - Zayed Shield Project - Coder Legion </a> </h2> <p class="truncate-at-3"> # ️ Security Audit Report ## Zayed Shield Project - npm Dependencies Analysis **Report Date:** December 10, 2025 **Auditor:** Zayed Security Research Team **Project:** Zayed-Shield **Environment:** Termux on Android (ARM64) **Node Version:**... </p> <div class="color-secondary fs-s flex items-center"> <img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcoderlegion.com%2Ffavicon-32x32.png" width="32" height="32"> coderlegion.com </div> </div> </div> </div> 🎖️المحارب الرقمي🎖️ Fri, 01 May 2026 04:48:58 +0000 https://forem.com/asrarmared/building-a-fortress-my-automated-security-framework-for-npm-packages-2g5p https://forem.com/asrarmared/building-a-fortress-my-automated-security-framework-for-npm-packages-2g5p <p>Liquid syntax error: 'details' tag was never closed</p> security javascript npm devops 🎖️المحارب الرقمي🎖️ Thu, 30 Apr 2026 20:48:29 +0000 https://forem.com/asrarmared/hl-thgr-cve-2025-55182-fy-react-w-nextjs-3nig https://forem.com/asrarmared/hl-thgr-cve-2025-55182-fy-react-w-nextjs-3nig <h1> !/bin/bash </h1> <h1> ============================================================================ </h1> <h1> 🛡️ CVE-2025-55182 Security Patch Script </h1> <h1> ============================================================================ </h1> <h1> مؤسسة الرئاسة - مشروع درع زايد </h1> <h1> Presidential Institution - Zayed Shield Project </h1> <h1> الهدف: إصلاح ثغرة الأمنية في React وحزم Next.js المتأثرة </h1> <h1> Purpose: Patch security vulnerability in React and affected Next.js packages </h1> <h1> ============================================================================ </h1> <p>set -e</p> <h1> ألوان للتنسيق </h1> <p>RED='\033[0;31m'<br> GREEN='\033[0;32m'<br> YELLOW='\033[1;33m'<br> BLUE='\033[0;34m'<br> NC='\033[0m' # No Color</p> <h1> رسالة البداية </h1> <p>echo -e "${BLUE}"<br> echo "╔════════════════════════════════════════════════════════════╗"<br> echo "║ 🛡️ CVE-2025-55182 Security Patch Script 🛡️ ║"<br> echo "║ مؤسسة الرئاسة - مشروع درع زايد ║"<br> echo "╚════════════════════════════════════════════════════════════╝"<br> echo -e "${NC}"</p> <h1> التحقق من صلاحيات المستخدم </h1> <p>check_permissions() {<br> echo -e "${YELLOW}[*] التحقق من الصلاحيات...${NC}"<br> if [ ! -f "package.json" ]; then<br> echo -e "${RED}[!] خطأ: لم يتم العثور على package.json${NC}"<br> echo -e "${RED}[!] تأكد من تشغيل السكريبت في مجلد المشروع${NC}"<br> exit 1<br> fi<br> echo -e "${GREEN}[✓] تم العثور على package.json${NC}"<br> }</p> <h1> النسخ الاحتياطي </h1> <p>backup_packages() {<br> echo -e "${YELLOW}[*] إنشاء نسخة احتياطية...${NC}"<br> cp package.json package.json.backup.$(date +%Y%m%d_%H%M%S)<br> if [ -f "package-lock.json" ]; then<br> cp package-lock.json package-lock.json.backup.$(date +%Y%m%d_%H%M%S)<br> fi<br> if [ -f "yarn.lock" ]; then<br> cp yarn.lock yarn.lock.backup.$(date +%Y%m%d_%H%M%S)<br> fi<br> echo -e "${GREEN}[✓] تم إنشاء النسخة الاحتياطية بنجاح${NC}"<br> }</p> <h1> فحص الإصدارات المتأثرة </h1> <p>check_vulnerable_versions() {<br> echo -e "${YELLOW}[*] فحص الإصدارات المتأثرة بالثغرة...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>VULNERABLE=false # فحص React if grep -q '"react".*"19\.[01]\.' package.json || \ grep -q '"react".*"\^19\.[01]\.' package.json || \ grep -q '"react".*"~19\.[01]\.' package.json; then echo -e "${RED}[!] تم اكتشاف إصدار React متأثر بالثغرة${NC}" VULNERABLE=true fi # فحص Next.js if grep -q '"next".*"1[45]\.' package.json; then echo -e "${RED}[!] تم اكتشاف إصدار Next.js متأثر بالثغرة${NC}" VULNERABLE=true fi if [ "$VULNERABLE" = false ]; then echo -e "${GREEN}[✓] لم يتم اكتشاف إصدارات متأثرة${NC}" exit 0 fi </code></pre> </div> <p>}</p> <h1> تحديث React إلى الإصدار الآمن </h1> <p>patch_react() {<br> echo -e "${YELLOW}[*] تحديث React إلى الإصدار الآمن...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># الإصدارات الآمنة المقترحة # React 19.2.1, 19.1.2, 19.0.1 آمنة if command -v npm &amp;&gt; /dev/null; then echo -e "${BLUE}[*] استخدام npm للتحديث...${NC}" npm install react@19.2.1 react-dom@19.2.1 --save elif command -v yarn &amp;&gt; /dev/null; then echo -e "${BLUE}[*] استخدام yarn للتحديث...${NC}" yarn add react@19.2.1 react-dom@19.2.1 else echo -e "${RED}[!] خطأ: لم يتم العثور على npm أو yarn${NC}" exit 1 fi echo -e "${GREEN}[✓] تم تحديث React بنجاح${NC}" </code></pre> </div> <p>}</p> <h1> تحديث Next.js إلى الإصدار الآمن </h1> <p>patch_nextjs() {<br> echo -e "${YELLOW}[*] التحقق من Next.js...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>if grep -q '"next"' package.json; then echo -e "${BLUE}[*] تحديث Next.js إلى الإصدار الآمن...${NC}" # الإصدارات الآمنة: 15.x أو 16.x if command -v npm &amp;&gt; /dev/null; then npm install next@latest --save elif command -v yarn &amp;&gt; /dev/null; then yarn add next@latest fi echo -e "${GREEN}[✓] تم تحديث Next.js بنجاح${NC}" else echo -e "${BLUE}[*] Next.js غير مثبت في المشروع${NC}" fi </code></pre> </div> <p>}</p> <h1> تحديث الحزم المتأثرة الأخرى </h1> <p>patch_affected_packages() {<br> echo -e "${YELLOW}[*] تحديث الحزم المتأثرة الأخرى...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># قائمة الحزم المتأثرة من الثغرة AFFECTED_PACKAGES=( "react-server-dom-parcel" "react-server-dom-turbopack" "react-server-dom-webpack" ) for pkg in "${AFFECTED_PACKAGES[@]}"; do if grep -q "\"$pkg\"" package.json; then echo -e "${BLUE}[*] تحديث $pkg...${NC}" if command -v npm &amp;&gt; /dev/null; then npm install "$pkg@latest" --save elif command -v yarn &amp;&gt; /dev/null; then yarn add "$pkg@latest" fi fi done echo -e "${GREEN}[✓] تم تحديث جميع الحزم المتأثرة${NC}" </code></pre> </div> <p>}</p> <h1> تنظيف الذاكرة المؤقتة </h1> <p>clean_cache() {<br> echo -e "${YELLOW}[*] تنظيف الذاكرة المؤقتة...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>if command -v npm &amp;&gt; /dev/null; then npm cache clean --force fi if [ -d "node_modules" ]; then echo -e "${BLUE}[*] حذف node_modules...${NC}" rm -rf node_modules fi if [ -d ".next" ]; then echo -e "${BLUE}[*] حذف .next...${NC}" rm -rf .next fi echo -e "${GREEN}[✓] تم التنظيف بنجاح${NC}" </code></pre> </div> <p>}</p> <h1> إعادة التثبيت </h1> <p>reinstall_dependencies() {<br> echo -e "${YELLOW}[*] إعادة تثبيت التبعيات...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>if command -v npm &amp;&gt; /dev/null; then npm install elif command -v yarn &amp;&gt; /dev/null; then yarn install fi echo -e "${GREEN}[✓] تم إعادة التثبيت بنجاح${NC}" </code></pre> </div> <p>}</p> <h1> فحص نهائي </h1> <p>final_verification() {<br> echo -e "${YELLOW}[*] إجراء الفحص النهائي...${NC}"</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>if command -v npm &amp;&gt; /dev/null; then echo -e "${BLUE}[*] فحص الثغرات الأمنية...${NC}" npm audit --production || true fi echo -e "${GREEN}[✓] اكتمل الفحص النهائي${NC}" </code></pre> </div> <p>}</p> <h1> تقرير نهائي </h1> <p>generate_report() {<br> echo -e "${BLUE}"<br> echo "╔════════════════════════════════════════════════════════════╗"<br> echo "║ 📊 تقرير الإصلاح ║"<br> echo "╠════════════════════════════════════════════════════════════╣"<br> echo "║ ✅ تم إصلاح الثغرة CVE-2025-55182 بنجاح ║"<br> echo "║ ✅ تم تحديث جميع الحزم المتأثرة ║"<br> echo "║ ✅ تم إنشاء نسخة احتياطية من الملفات ║"<br> echo "║ ✅ تم تنظيف الذاكرة المؤقتة ║"<br> echo "╠════════════════════════════════════════════════════════════╣"<br> echo "║ 📝 الإجراءات الموصى بها: ║"<br> echo "║ 1. اختبار المشروع بشكل كامل ║"<br> echo "║ 2. مراجعة سجلات التغييرات ║"<br> echo "║ 3. تحديث بيئة الإنتاج ║"<br> echo "╠════════════════════════════════════════════════════════════╣"<br> echo "║ 🛡️ مؤسسة الرئاسة - مشروع درع زايد 🛡️ ║"<br> echo "╚════════════════════════════════════════════════════════════╝"<br> echo -e "${NC}"<br> }</p> <h1> ============================================================================ </h1> <h1> تنفيذ السكريبت الرئيسي </h1> <h1> ============================================================================ </h1> <p>main() {<br> check_permissions<br> backup_packages<br> check_vulnerable_versions<br> patch_react<br> patch_nextjs<br> patch_affected_packages<br> clean_cache<br> reinstall_dependencies<br> final_verification<br> generate_report</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>echo -e "${GREEN}════════════════════════════════════════════════════════════${NC}" echo -e "${GREEN}[✓] تم إصلاح الثغرة الأمنية بنجاح!${NC}" echo -e "${GREEN}════════════════════════════════════════════════════════════${NC}" </code></pre> </div> <p>}</p> <h1> تشغيل السكريبت </h1> <p>main</p> <h1> 🛡️ تقرير الحزم المتأثرة - CVE-2025-55182 </h1> <h2> 📦 الحزم المتأثرة والإصدارات الآمنة </h2> <h3> 1️⃣ <strong>React</strong> </h3> <p><strong>Affected:</strong></p> <ul> <li><code>&lt; 19.0.1</code></li> <li><code>&gt;= 19.1.0, &lt; 19.1.2</code></li> <li><code>&gt;= 19.2.0, &lt; 19.2.1</code></li> </ul> <p><strong>Patched:</strong></p> <ul> <li><code>19.0.1</code></li> <li><code>19.1.2</code></li> <li><code>19.2.1</code></li> </ul> <h3> 2️⃣ <strong>react-dom</strong> </h3> <p><strong>Affected:</strong></p> <ul> <li><code>&lt; 19.0.1</code></li> <li><code>&gt;= 19.1.0, &lt; 19.1.2</code></li> <li><code>&gt;= 19.2.0, &lt; 19.2.1</code></li> </ul> <p><strong>Patched:</strong></p> <ul> <li><code>19.0.1</code></li> <li><code>19.1.2</code></li> <li><code>19.2.1</code></li> </ul> <h3> 3️⃣ <strong>react-server-dom-webpack</strong> </h3> <p><strong>Affected:</strong></p> <ul> <li><code>&lt; 19.0.1</code></li> <li><code>&gt;= 19.1.0, &lt; 19.1.2</code></li> <li><code>&gt;= 19.2.0, &lt; 19.2.1</code></li> </ul> <p><strong>Patched:</strong></p> <ul> <li><code>19.0.1</code></li> <li><code>19.1.2</code></li> <li><code>19.2.1</code></li> </ul> <h3> 4️⃣ <strong>react-server-dom-turbopack</strong> </h3> <p><strong>Affected:</strong></p> <ul> <li><code>&lt; 19.0.1</code></li> <li><code>&gt;= 19.1.0, &lt; 19.1.2</code></li> <li><code>&gt;= 19.2.0, &lt; 19.2.1</code></li> </ul> <p><strong>Patched:</strong></p> <ul> <li><code>19.0.1</code></li> <li><code>19.1.2</code></li> <li><code>19.2.1</code></li> </ul> <h3> 5️⃣ <strong>react-server-dom-parcel</strong> </h3> <p><strong>Affected:</strong></p> <ul> <li><code>&lt; 19.0.1</code></li> <li><code>&gt;= 19.1.0, &lt; 19.1.2</code></li> <li><code>&gt;= 19.2.0, &lt; 19.2.1</code></li> </ul> <p><strong>Patched:</strong></p> <ul> <li><code>19.0.1</code></li> <li><code>19.1.2</code></li> <li><code>19.2.1</code></li> </ul> <h3> 6️⃣ <strong>Next.js</strong> </h3> <p><strong>Affected:</strong></p> <ul> <li><code>&gt;= 14.3.0, &lt; 15.0.7</code></li> <li><code>&gt;= 15.1.0, &lt; 15.1.9</code></li> <li><code>&gt;= 15.2.0, &lt; 15.2.6</code></li> <li><code>&gt;= 15.3.0, &lt; 15.3.6</code></li> <li><code>&gt;= 15.4.0, &lt; 15.4.8</code></li> <li><code>&gt;= 15.5.0, &lt; 15.5.7</code></li> <li><code>&gt;= 16.0.0, &lt; 16.0.7</code></li> </ul> <p><strong>Patched:</strong></p> <ul> <li><code>15.0.7+</code></li> <li><code>15.1.9+</code></li> <li><code>15.2.6+</code></li> <li><code>15.3.6+</code></li> <li><code>15.4.8+</code></li> <li><code>15.5.7+</code></li> <li><code>16.0.7+</code></li> </ul> <h2> ⚡ الإصلاح السريع </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>react@19.2.1 react-dom@19.2.1 next@latest </code></pre> </div> <p><strong>🛡️ مؤسسة الرئاسة - مشروع درع زايد</strong></p> <h1> 🛡️ حل ثغرة CVE-2025-55182 في React و Next.js </h1> <h2> 📋 دليل الاستخدام | Usage Guide </h2> <h3> 🚀 طريقة التشغيل: </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 1. حفظ السكريبت</span> <span class="nb">chmod</span> +x security-patch.sh <span class="c"># 2. تشغيل السكريبت في مجلد المشروع</span> ./security-patch.sh </code></pre> </div> <h2> 🛡️ ما يفعله السكريبت: </h2> <h3> ✅ <strong>الفحص والتحليل</strong> </h3> <ul> <li>يفحص <code>package.json</code> للكشف عن الإصدارات المتأثرة</li> <li>يحدد React 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.2.0</li> <li>يفحص Next.js 14.x و 15.x المتأثرة</li> </ul> <h3> ✅ <strong>النسخ الاحتياطي</strong> </h3> <ul> <li>ينشئ نسخة احتياطية من <code>package.json</code> </li> <li>ينسخ <code>package-lock.json</code> و <code>yarn.lock</code> </li> <li>يحفظ النسخ بتاريخ ووقت الإنشاء</li> </ul> <h3> ✅ <strong>الإصلاح الشامل</strong> </h3> <ul> <li>يحدث React إلى <strong>19.2.1</strong> (الإصدار الآمن)</li> <li>يحدث Next.js إلى أحدث إصدار آمن</li> <li>يصلح جميع الحزم المتأثرة: <ul> <li><code>react-server-dom-parcel</code></li> <li><code>react-server-dom-turbopack</code></li> <li><code>react-server-dom-webpack</code></li> </ul> </li> </ul> <h3> ✅ <strong>التنظيف والتحقق</strong> </h3> <ul> <li>ينظف <code>node_modules</code> و <code>.next</code> </li> <li>يحذف الذاكرة المؤقتة</li> <li>يعيد تثبيت التبعيات</li> <li>يجري فحص نهائي للثغرات</li> </ul> <h2> 📊 تقرير نهائي تلقائي </h2> <p>السكريبت يولد تقرير شامل يتضمن:</p> <ul> <li>✅ حالة الإصلاح</li> <li>📝 الإجراءات المنفذة</li> <li>🔍 نتائج الفحص النهائي</li> <li>💡 التوصيات</li> </ul> <h2> 🎯 المميزات الاحترافية: </h2> <ol> <li> <strong>🔒 آمن تماماً</strong> - ينشئ نسخ احتياطية قبل أي تعديل</li> <li> <strong>🎨 واجهة احترافية</strong> - ألوان وتنسيق واضح</li> <li> <strong>⚡ سريع وفعال</strong> - يصلح كل شيء تلقائياً</li> <li> <strong>📊 تقارير مفصلة</strong> - يوثق كل خطوة</li> <li> <strong>🛡️ متوافق</strong> - يعمل مع npm و yarn</li> </ol> <p><strong>💪 مع هذا السكريبت، مؤسسة الرئاسة تثبت احترافيتها في حماية الأنظمة الرقمية!</strong></p> 🎖️المحارب الرقمي🎖️ Thu, 30 Apr 2026 20:36:44 +0000 https://forem.com/asrarmared/dlyl-ltwy-lmny-cve-2025-55182-hdhh-lyst-mjrd-thgr-hdh-drs-d6g https://forem.com/asrarmared/dlyl-ltwy-lmny-cve-2025-55182-hdhh-lyst-mjrd-thgr-hdh-drs-d6g <h1> 🛡️ دليل التوعية الأمنية - CVE-2025-55182 </h1> <h2> ⚠️ هذه ليست مجرد ثغرة... هذا درس! </h2> <h2> 🔴 ما هي المشكلة؟ </h2> <p><strong>CVE-2025-55182</strong> ثغرة أمنية خطيرة في React 19.x تسمح بـ:</p> <ul> <li>💀 تنفيذ أكواد خبيثة على السيرفر</li> <li>💀 اختراق App Router في Next.js</li> <li>💀 الوصول لبيانات المستخدمين</li> <li>💀 السيطرة على التطبيق بالكامل</li> </ul> <p><strong>النتيجة:</strong> إذا لم تُصلح، مشروعك <strong>مخترق</strong> بدون ما تدري!</p> <h2> 🚨 لماذا هذا خطير جداً؟ </h2> <h3> المشكلة الحقيقية: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>❌ "أنا هحدث بكرة" ❌ "التطبيق شغال عادي" ❌ "مفيش حد هيخترقني" ❌ "الثغرة مش مهمة" </code></pre> </div> <h3> الحقيقة المرة: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>✅ الهاكرز بيبحثوا عن الثغرة دي دلوقتي ✅ كل يوم تأخير = فرصة للاختراق ✅ بياناتك وبيانات عملائك في خطر ✅ سمعتك كمطور على المحك </code></pre> </div> <h2> 💊 الحل: لن تتكرر هذه المشكلة مرة أخرى! </h2> <h3> 1️⃣ <strong>الإصلاح الفوري (الآن!)</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># 🛡️ نهاية الثغرة - بدون رجعة</span> <span class="nb">echo</span> <span class="s2">"🚀 Starting Security Patch..."</span> <span class="c"># نسخة احتياطية</span> <span class="nb">cp </span>package.json package.json.backup <span class="c"># الإصلاح النهائي</span> npm <span class="nb">install </span>react@19.2.1 react-dom@19.2.1 next@latest <span class="c"># تنظيف شامل</span> <span class="nb">rm</span> <span class="nt">-rf</span> node_modules .next npm cache clean <span class="nt">--force</span> npm <span class="nb">install echo</span> <span class="s2">"✅ Security Patch Complete!"</span> <span class="nb">echo</span> <span class="s2">"🛡️ Your app is now SECURE!"</span> </code></pre> </div> <h3> 2️⃣ <strong>الوقاية: لن يحدث مرة أخرى</strong> </h3> <h4> أ) أتمتة الفحص الأمني </h4> <p><strong>أضف في <code>package.json</code>:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"scripts"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"security-check"</span><span class="p">:</span><span class="w"> </span><span class="s2">"npm audit --production"</span><span class="p">,</span><span class="w"> </span><span class="nl">"security-fix"</span><span class="p">:</span><span class="w"> </span><span class="s2">"npm audit fix --force"</span><span class="p">,</span><span class="w"> </span><span class="nl">"pre-commit"</span><span class="p">:</span><span class="w"> </span><span class="s2">"npm run security-check"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h4> ب) GitHub Actions للحماية التلقائية </h4> <p><strong>ملف <code>.github/workflows/security.yml</code>:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Security Check</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span> <span class="nv">main</span> <span class="pi">]</span> <span class="na">pull_request</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span> <span class="nv">main</span> <span class="pi">]</span> <span class="na">schedule</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">cron</span><span class="pi">:</span> <span class="s1">'</span><span class="s">0</span><span class="nv"> </span><span class="s">0</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*'</span> <span class="c1"># يومياً</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">security</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Security Audit</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">npm audit --audit-level=high</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Dependency Check</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">npm outdated</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Alert on Vulnerabilities</span> <span class="na">if</span><span class="pi">:</span> <span class="s">failure()</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">echo "⚠️ SECURITY ALERT: Vulnerabilities Found!"</span> <span class="s">exit 1</span> </code></pre> </div> <h4> ج) Dependabot للتحديثات التلقائية </h4> <p><strong>ملف <code>.github/dependabot.yml</code>:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version</span><span class="pi">:</span> <span class="m">2</span> <span class="na">updates</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">package-ecosystem</span><span class="pi">:</span> <span class="s2">"</span><span class="s">npm"</span> <span class="na">directory</span><span class="pi">:</span> <span class="s2">"</span><span class="s">/"</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">interval</span><span class="pi">:</span> <span class="s2">"</span><span class="s">daily"</span> <span class="na">open-pull-requests-limit</span><span class="pi">:</span> <span class="m">10</span> <span class="na">labels</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">security"</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">dependencies"</span> </code></pre> </div> <h3> 3️⃣ <strong>المراقبة المستمرة</strong> </h3> <h4> سكريبت المراقبة اليومية: </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># 🔍 Security Monitor Script</span> <span class="c"># يشتغل يومياً ويبعتلك تنبيه</span> check_vulnerabilities<span class="o">()</span> <span class="o">{</span> <span class="nb">echo</span> <span class="s2">"🔍 Checking for vulnerabilities..."</span> <span class="nv">RESULT</span><span class="o">=</span><span class="si">$(</span>npm audit <span class="nt">--json</span><span class="si">)</span> <span class="nv">CRITICAL</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$RESULT</span> | jq <span class="s1">'.metadata.vulnerabilities.critical'</span><span class="si">)</span> <span class="nv">HIGH</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$RESULT</span> | jq <span class="s1">'.metadata.vulnerabilities.high'</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$CRITICAL</span><span class="s2">"</span> <span class="nt">-gt</span> 0 <span class="o">]</span> <span class="o">||</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$HIGH</span><span class="s2">"</span> <span class="nt">-gt</span> 0 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"🚨 ALERT: </span><span class="nv">$CRITICAL</span><span class="s2"> Critical, </span><span class="nv">$HIGH</span><span class="s2"> High vulnerabilities found!"</span> <span class="c"># إرسال تنبيه (مثال: Slack, Discord, Email)</span> curl <span class="nt">-X</span> POST YOUR_WEBHOOK_URL <span class="se">\</span> <span class="nt">-H</span> <span class="s1">'Content-Type: application/json'</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s2">"{</span><span class="se">\"</span><span class="s2">text</span><span class="se">\"</span><span class="s2">:</span><span class="se">\"</span><span class="s2">🚨 Security Alert: </span><span class="nv">$CRITICAL</span><span class="s2"> Critical vulnerabilities found!</span><span class="se">\"</span><span class="s2">}"</span> <span class="k">return </span>1 <span class="k">else </span><span class="nb">echo</span> <span class="s2">"✅ No critical vulnerabilities found"</span> <span class="k">return </span>0 <span class="k">fi</span> <span class="o">}</span> check_vulnerabilities </code></pre> </div> <h2> 🌍 المجتمع يتحرك: كن جزءاً من الحل </h2> <h3> ما يفعله المجتمع: </h3> <h4> 1. <strong>React Team</strong> 🔧 </h4> <ul> <li>إصدار patches فورية</li> <li>تحديث التوثيق</li> <li>نشر التحذيرات</li> </ul> <h4> 2. <strong>Next.js Team</strong> 🚀 </h4> <ul> <li>تحديثات أمنية عاجلة</li> <li>تحسين App Router</li> <li>إضافة حماية إضافية</li> </ul> <h4> 3. <strong>Security Researchers</strong> 🕵️ </h4> <ul> <li>اكتشاف الثغرات</li> <li>نشر التقارير</li> <li>مساعدة المطورين</li> </ul> <h4> 4. <strong>المطورون حول العالم</strong> 💪 </h4> <ul> <li>تحديث فوري</li> <li>مشاركة الحلول</li> <li>نشر التوعية</li> </ul> <h3> ماذا يجب أن تفعل أنت؟ </h3> <h4> ✅ <strong>القائمة الذهبية:</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>☑️ حدّث مشاريعك الآن (لا تنتظر!) ☑️ فعّل GitHub Dependabot ☑️ أضف Security Workflow ☑️ راقب npm audit يومياً ☑️ شارك هذا الدليل مع فريقك ☑️ علّم المطورين الجدد ☑️ ساهم في نشر الوعي </code></pre> </div> <h2> 📊 الإحصائيات المخيفة </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🔴 90% من الاختراقات سببها ثغرات معروفة لم تُصلح 🔴 متوسط وقت اكتشاف الاختراق: 207 يوم 🔴 تكلفة الاختراق الواحد: $4.45 مليون دولار 🔴 83% من الشركات تعرضت لاختراق في 2024 </code></pre> </div> <h3> 💰 تكلفة التجاهل: </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>السيناريو</th> <th>التكلفة</th> </tr> </thead> <tbody> <tr> <td>الإصلاح الآن</td> <td>15 دقيقة ⏱️</td> </tr> <tr> <td>الإصلاح بعد أسبوع</td> <td>ساعات من إعادة البناء 🔨</td> </tr> <tr> <td>الإصلاح بعد الاختراق</td> <td>خسارة العملاء + السمعة + المال 💸💔</td> </tr> </tbody> </table></div> <h2> 🎯 الخطة الذهبية: لن يحدث مجدداً </h2> <h3> Week 1: الإصلاح </h3> <ul> <li>✅ تحديث جميع المشاريع</li> <li>✅ فحص شامل للثغرات</li> <li>✅ توثيق التغييرات</li> </ul> <h3> Week 2: الأتمتة </h3> <ul> <li>✅ إضافة GitHub Actions</li> <li>✅ تفعيل Dependabot</li> <li>✅ إعداد التنبيهات</li> </ul> <h3> Week 3: المراقبة </h3> <ul> <li>✅ سكريبتات المراقبة اليومية</li> <li>✅ لوحة تحكم للأمان</li> <li>✅ تقارير أسبوعية</li> </ul> <h3> Week 4: التعليم </h3> <ul> <li>✅ تدريب الفريق</li> <li>✅ توثيق الإجراءات</li> <li>✅ خطة الاستجابة للطوارئ</li> </ul> <h2> 🔥 رسالة أخيرة </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────────┐ │ │ │ الأمن السيبراني ليس خياراً... │ │ هو مسؤولية! │ │ │ │ كل يوم تأخير = فرصة للهاكرز │ │ كل ثغرة مُهملة = باب مفتوح للخطر │ │ │ │ ✅ حدّث الآن │ │ ✅ راقب دائماً │ │ ✅ كن مستعداً │ │ │ └─────────────────────────────────────────────┘ </code></pre> </div> <h2> 📞 الموارد والدعم </h2> <h3> للمساعدة الفورية: </h3> <ul> <li>🌐 <strong>React Discord</strong>: <a href="https://react.dev/community" rel="noopener noreferrer">https://react.dev/community</a> </li> <li>🌐 <strong>Next.js Discord</strong>: <a href="https://nextjs.org/discord" rel="noopener noreferrer">https://nextjs.org/discord</a> </li> <li>🌐 <strong>Stack Overflow</strong>: Tag [reactjs] [security]</li> <li>🌐 <strong>GitHub Discussions</strong>: في مستودع المشروع</li> </ul> <h3> للتعلم المستمر: </h3> <ul> <li>📚 OWASP Security Guidelines</li> <li>📚 npm Security Best Practices</li> <li>📚 React Security Documentation</li> <li>📚 Next.js Security Headers</li> </ul> <h2> 🛡️ التعهد الأمني </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>أنا [اسمك]، أتعهد بأن: ✅ أحدّث مشاريعي فوراً عند اكتشاف ثغرات ✅ أراقب التبعيات بشكل مستمر ✅ أشارك المعرفة الأمنية مع المجتمع ✅ لا أتجاهل التحذيرات الأمنية أبداً ✅ أجعل الأمان أولوية في كل كود أكتبه التوقيع: ________________ التاريخ: ________________ </code></pre> </div> <h2> 🎬 الخلاصة </h2> <h3> ✅ هذه الثغرة انتهت... إذا تصرفت الآن! </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># آخر فرصة - نفذ هذا الأمر الآن:</span> npm <span class="nb">install </span>react@19.2.1 react-dom@19.2.1 next@latest <span class="o">&amp;&amp;</span> <span class="se">\</span> npm audit fix <span class="o">&amp;&amp;</span> <span class="se">\</span> <span class="nb">echo</span> <span class="s2">"🛡️ مشروعك آمن الآن!"</span> </code></pre> </div> <h3> 🚀 المستقبل أفضل... مع الوقاية! </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># اجعل هذا عادة يومية:</span> npm audit <span class="o">&amp;&amp;</span> <span class="se">\</span> npm outdated <span class="o">&amp;&amp;</span> <span class="se">\</span> <span class="nb">echo</span> <span class="s2">"✅ فحص يومي مكتمل!"</span> </code></pre> </div> <p><strong>🛡️ مؤسسة الرئاسة - مشروع درع زايد</strong><br> <em>نحمي الحاضر، نبني المستقبل الآمن</em></p> <p><em>آخر تحديث: ديسمبر 2024</em><br> <em>النسخة: 1.0 - الإصدار النهائي</em></p> <p><strong>شارك هذا الدليل - أنقذ مشروع مطور!</strong> 🙏</p> 🎖️المحارب الرقمي🎖️ Thu, 30 Apr 2026 20:30:54 +0000 https://forem.com/asrarmared/-dlyl-ltwy-lmny-cve-2025-55182-hdhh-lyst-mjrd-thgr-hdh-drs-m-hy-4kbg https://forem.com/asrarmared/-dlyl-ltwy-lmny-cve-2025-55182-hdhh-lyst-mjrd-thgr-hdh-drs-m-hy-4kbg 🎖️المحارب الرقمي🎖️ Tue, 28 Apr 2026 19:44:55 +0000 https://forem.com/asrarmared/cve-2026-21440-4bpb https://forem.com/asrarmared/cve-2026-21440-4bpb <h1> 😎 يا نايم وحظك نايم! </h1> <h2> ثغرة Path Traversal في @adonisjs/bodyparser </h2> <h1> 🎯 صانع اللعبة في الميدان </h1> <p><strong>الدنيا خربانة؟ لا يا حبيبي، إحنا هنا!</strong><br><br> <strong>The world's broken? Nah bro, we got this!</strong></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25D8%25AE%25D8%25B7%25D9%2588%25D8%25B1%25D8%25A9-%25D8%25AD%25D8%25B1%25D8%25AC%25D8%25A9_%25F0%259F%2594%25A5-critical%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25D8%25AE%25D8%25B7%25D9%2588%25D8%25B1%25D8%25A9-%25D8%25AD%25D8%25B1%25D8%25AC%25D8%25A9_%25F0%259F%2594%25A5-critical%3Fstyle%3Dfor-the-badge" alt="Severity" width="167" height="28"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25D8%25A7%25D9%2584%25D8%25AD%25D8%25A7%25D9%2584%25D8%25A9-%25D9%2585%25D8%25AD%25D8%25AA%25D8%25B1%25D9%2581%25D9%258A%25D9%2586_%25D9%2581%25D9%258A_%25D8%25A7%25D9%2584%25D9%2585%25D9%2588%25D8%25B6%25D9%2588%25D8%25B9-success%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25D8%25A7%25D9%2584%25D8%25AD%25D8%25A7%25D9%2584%25D8%25A9-%25D9%2585%25D8%25AD%25D8%25AA%25D8%25B1%25D9%2581%25D9%258A%25D9%2586_%25D9%2581%25D9%258A_%25D8%25A7%25D9%2584%25D9%2585%25D9%2588%25D8%25B6%25D9%2588%25D8%25B9-success%3Fstyle%3Dfor-the-badge" alt="Status" width="312" height="28"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25D8%25A7%25D9%2584%25D9%2585%25D8%25B2%25D8%25A7%25D8%25AC-%25F0%259F%2598%258E_%25D8%25B1%25D9%2588%25D9%2582_%25D9%258A%25D8%25A7_%25D9%2585%25D8%25B9%25D9%2584%25D9%2585-blue%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25D8%25A7%25D9%2584%25D9%2585%25D8%25B2%25D8%25A7%25D8%25AC-%25F0%259F%2598%258E_%25D8%25B1%25D9%2588%25D9%2582_%25D9%258A%25D8%25A7_%25D9%2585%25D8%25B9%25D9%2584%25D9%2585-blue%3Fstyle%3Dfor-the-badge" alt="Mood" width="247" height="28"></a></p> <h2> 📋 الملخص السريع (للي مستعجل) </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>البند</th> <th>التفاصيل</th> <th>الوضع</th> </tr> </thead> <tbody> <tr> <td><strong>الحزمة</strong></td> <td>@adonisjs/bodyparser</td> <td>😴 نايمة</td> </tr> <tr> <td><strong>الخطورة</strong></td> <td>🔴 حرجة (Critical)</td> <td>🔥 ولعانة</td> </tr> <tr> <td><strong>المشكلة</strong></td> <td>Path Traversal</td> <td>🎯 عيب خطير</td> </tr> <tr> <td><strong>الإصدارات المتضررة</strong></td> <td>&lt; 10.1.2 &amp; 11.0.0-next.0 to next.5</td> <td>💔 مكسورة</td> </tr> <tr> <td><strong>الحل</strong></td> <td>10.1.2 أو 11.0.0-next.6</td> <td>✅ تمام</td> </tr> <tr> <td><strong>CVE</strong></td> <td>CVE-2026-21440</td> <td>📝 موثق</td> </tr> <tr> <td><strong>صعوبة الاستغلال</strong></td> <td>سهلة جداً</td> <td>😱 خطر</td> </tr> </tbody> </table></div> <h2> 😂 القصة بالعربي الفصيح </h2> <h3> كان يا مكان... </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// المبرمج نايم وكاتب كود زي ده:</span> <span class="kd">const</span> <span class="nx">file</span> <span class="o">=</span> <span class="nx">request</span><span class="p">.</span><span class="nf">file</span><span class="p">(</span><span class="dl">'</span><span class="s1">avatar</span><span class="dl">'</span><span class="p">);</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="dl">'</span><span class="s1">./uploads</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// 💤 يا نهار!</span> <span class="c1">// المهاجم (الشاطر): "خليني أجرب حاجة..."</span> <span class="c1">// POST /upload</span> <span class="c1">// Content-Disposition: filename="../../etc/passwd"</span> <span class="c1">// النتيجة: 💥 الملف راح في /etc/passwd</span> <span class="c1">// السيرفر: "مين قالك تنام؟!" 😭</span> </code></pre> </div> <h3> الخلاصة </h3> <p><strong>المبرمج نام → الكود مانعقمش الأسماء → الهاكر دخل يلعب → السيرفر خرب</strong></p> <h2> 🎯 تفاصيل الثغرة (للمحترفين) </h2> <h3> المشكلة الأساسية </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// ❌ الكود الضعيف داخل AdonisJS</span> <span class="kd">class</span> <span class="nc">MultipartFile</span> <span class="p">{</span> <span class="k">async</span> <span class="nf">move</span><span class="p">(</span><span class="nx">location</span><span class="p">,</span> <span class="nx">options</span> <span class="o">=</span> <span class="p">{})</span> <span class="p">{</span> <span class="c1">// المشكلة هنا 👇</span> <span class="kd">const</span> <span class="nx">name</span> <span class="o">=</span> <span class="nx">options</span><span class="p">.</span><span class="nx">name</span> <span class="o">||</span> <span class="k">this</span><span class="p">.</span><span class="nx">clientName</span><span class="p">;</span> <span class="c1">// 💣 لا يوجد sanitization!</span> <span class="kd">const</span> <span class="nx">destination</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">location</span><span class="p">,</span> <span class="nx">name</span><span class="p">);</span> <span class="c1">// 😱 overwrite = true by default!</span> <span class="k">await</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="k">this</span><span class="p">.</span><span class="nx">tmpPath</span><span class="p">,</span> <span class="nx">destination</span><span class="p">,</span> <span class="p">{</span> <span class="na">overwrite</span><span class="p">:</span> <span class="nx">options</span><span class="p">.</span><span class="nx">overwrite</span> <span class="o">??</span> <span class="kc">true</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> السيناريو الخطير </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// 1️⃣ المهاجم يرفع ملف اسمه: ../../server.js</span> <span class="nx">POST</span> <span class="o">/</span><span class="nx">upload</span> <span class="nx">HTTP</span><span class="o">/</span><span class="mf">1.1</span> <span class="nx">Content</span><span class="o">-</span><span class="nx">Type</span><span class="p">:</span> <span class="nx">multipart</span><span class="o">/</span><span class="nx">form</span><span class="o">-</span><span class="nx">data</span><span class="p">;</span> <span class="nx">boundary</span><span class="o">=----</span><span class="nx">WebKitFormBoundary</span> <span class="nx">Content</span><span class="o">-</span><span class="nx">Disposition</span><span class="p">:</span> <span class="nx">form</span><span class="o">-</span><span class="nx">data</span><span class="p">;</span> <span class="nx">name</span><span class="o">=</span><span class="dl">"</span><span class="s2">file</span><span class="dl">"</span><span class="p">;</span> <span class="nx">filename</span><span class="o">=</span><span class="dl">"</span><span class="s2">../../server.js</span><span class="dl">"</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">💀 Game Over - Your server is mine!</span><span class="dl">'</span><span class="p">);</span> <span class="nx">process</span><span class="p">.</span><span class="nf">exit</span><span class="p">(</span><span class="mi">1</span><span class="p">);</span> <span class="c1">// 2️⃣ AdonisJS بدون تفكير:</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="dl">'</span><span class="s1">./uploads</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// يصير: ./uploads/../../server.js</span> <span class="c1">// = ./server.js ← 💥 استبدل ملف السيرفر الأصلي!</span> <span class="c1">// 3️⃣ عند إعادة التشغيل:</span> <span class="nx">node</span> <span class="nx">server</span><span class="p">.</span><span class="nx">js</span> <span class="c1">// 💀 Boom!</span> </code></pre> </div> <h2> 🔥 الحل السريع (5 دقائق) </h2> <h3> للمحترفين اللي بيفهموا من أول مرة </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 1️⃣ شوف إصدارك</span> npm list @adonisjs/bodyparser <span class="c"># 2️⃣ لو &lt; 10.1.2 أو 11.0.0-next.0 to next.5</span> <span class="c"># يبقى إنت في المشكلة!</span> <span class="c"># 3️⃣ الحل في سطر واحد:</span> npm update @adonisjs/bodyparser@latest <span class="c"># أو بالقوة:</span> npm <span class="nb">install</span> @adonisjs/bodyparser@10.1.2 <span class="nt">--save-exact</span> <span class="c"># 4️⃣ تأكد:</span> npm list @adonisjs/bodyparser <span class="c"># ✅ يجب تشوف: 10.1.2 أو 11.0.0-next.6+</span> </code></pre> </div> <h2> 💪 الحل الاحترافي (للصناع) </h2> <h3> سكريبت الإصلاح الشامل </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># 🛡️ درع زايد - إصلاح ثغرة AdonisJS Path Traversal</span> <span class="c"># للمحترفين اللي عارفين يشتغلوا</span> <span class="nb">echo</span> <span class="s2">"😎 يلا بينا نصلح الدنيا الخربانة دي..."</span> <span class="nb">echo</span> <span class="s2">"================================================"</span> <span class="c"># 1️⃣ فحص الوضع</span> <span class="nb">echo</span> <span class="s2">"🔍 بنشوف إحنا فين..."</span> <span class="nv">CURRENT_VERSION</span><span class="o">=</span><span class="si">$(</span>npm list @adonisjs/bodyparser <span class="nt">--depth</span><span class="o">=</span>0 2&gt;/dev/null | <span class="nb">grep</span> @adonisjs/bodyparser | <span class="nb">awk</span> <span class="nt">-F</span>@ <span class="s1">'{print $NF}'</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-z</span> <span class="s2">"</span><span class="nv">$CURRENT_VERSION</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"✅ مش مثبت أصلاً - إنت في أمان يا معلم!"</span> <span class="nb">exit </span>0 <span class="k">fi </span><span class="nb">echo</span> <span class="s2">"📦 الإصدار الحالي: </span><span class="nv">$CURRENT_VERSION</span><span class="s2">"</span> <span class="c"># 2️⃣ تحديد المشكلة</span> <span class="nv">VULNERABLE</span><span class="o">=</span><span class="nb">false</span> <span class="c"># فحص v10</span> <span class="k">if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$CURRENT_VERSION</span><span class="s2">"</span> <span class="o">=</span>~ ^10<span class="se">\.</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then if</span> <span class="o">[</span> <span class="s2">"</span><span class="si">$(</span><span class="nb">printf</span> <span class="s1">'%s\n'</span> <span class="s2">"10.1.2"</span> <span class="s2">"</span><span class="nv">$CURRENT_VERSION</span><span class="s2">"</span> | <span class="nb">sort</span> <span class="nt">-V</span> | <span class="nb">head</span> <span class="nt">-n1</span><span class="si">)</span><span class="s2">"</span> <span class="o">!=</span> <span class="s2">"10.1.2"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">VULNERABLE</span><span class="o">=</span><span class="nb">true </span><span class="k">fi fi</span> <span class="c"># فحص v11 next</span> <span class="k">if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$CURRENT_VERSION</span><span class="s2">"</span> <span class="o">=</span>~ ^11<span class="se">\.</span>0<span class="se">\.</span>0-next<span class="se">\.</span><span class="o">[</span>0-5]<span class="nv">$ </span><span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nv">VULNERABLE</span><span class="o">=</span><span class="nb">true </span><span class="k">fi if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$VULNERABLE</span><span class="s2">"</span> <span class="o">=</span> <span class="nb">false</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"✅ تمام يا باشا - الإصدار آمن!"</span> <span class="nb">exit </span>0 <span class="k">fi </span><span class="nb">echo</span> <span class="s2">"⚠️ يا نهار! الإصدار ده مكسور..."</span> <span class="c"># 3️⃣ النسخ الاحتياطي</span> <span class="nb">echo</span> <span class="s2">"💾 نعمل backup بسرعة..."</span> <span class="nv">BACKUP_DIR</span><span class="o">=</span><span class="s2">"./backups/adonisjs_</span><span class="si">$(</span><span class="nb">date</span> +%Y%m%d_%H%M%S<span class="si">)</span><span class="s2">"</span> <span class="nb">mkdir</span> <span class="nt">-p</span> <span class="s2">"</span><span class="nv">$BACKUP_DIR</span><span class="s2">"</span> <span class="nb">cp </span>package.json <span class="s2">"</span><span class="nv">$BACKUP_DIR</span><span class="s2">/"</span> <span class="nb">cp </span>package-lock.json <span class="s2">"</span><span class="nv">$BACKUP_DIR</span><span class="s2">/"</span> 2&gt;/dev/null <span class="o">||</span> <span class="nb">true </span>npm list <span class="nt">--json</span> <span class="o">&gt;</span> <span class="s2">"</span><span class="nv">$BACKUP_DIR</span><span class="s2">/dependencies.json"</span> <span class="nb">echo</span> <span class="s2">"✅ Backup جاهز: </span><span class="nv">$BACKUP_DIR</span><span class="s2">"</span> <span class="c"># 4️⃣ التحديث</span> <span class="nb">echo</span> <span class="s2">"🚀 يلا بينا نحدث..."</span> <span class="c"># تحديد الإصدار الصح</span> <span class="k">if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$CURRENT_VERSION</span><span class="s2">"</span> <span class="o">=</span>~ ^11<span class="se">\.</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nv">TARGET</span><span class="o">=</span><span class="s2">"11.0.0-next.6"</span> <span class="k">else </span><span class="nv">TARGET</span><span class="o">=</span><span class="s2">"10.1.2"</span> <span class="k">fi </span>npm <span class="nb">install</span> <span class="s2">"@adonisjs/bodyparser@</span><span class="nv">$TARGET</span><span class="s2">"</span> <span class="nt">--save-exact</span> <span class="c"># 5️⃣ التحقق</span> <span class="nv">NEW_VERSION</span><span class="o">=</span><span class="si">$(</span>npm list @adonisjs/bodyparser <span class="nt">--depth</span><span class="o">=</span>0 2&gt;/dev/null | <span class="nb">grep</span> @adonisjs/bodyparser | <span class="nb">awk</span> <span class="nt">-F</span>@ <span class="s1">'{print $NF}'</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$NEW_VERSION</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"</span><span class="nv">$TARGET</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">""</span> <span class="nb">echo</span> <span class="s2">"🎉 تمااااام يا معلم!"</span> <span class="nb">echo</span> <span class="s2">"✅ تم التحديث من </span><span class="nv">$CURRENT_VERSION</span><span class="s2"> → </span><span class="nv">$NEW_VERSION</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">""</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"❌ في حاجة غلط، استرجع الـ backup!"</span> <span class="nb">cp</span> <span class="s2">"</span><span class="nv">$BACKUP_DIR</span><span class="s2">/package.json"</span> ./ npm <span class="nb">install exit </span>1 <span class="k">fi</span> <span class="c"># 6️⃣ اختبار</span> <span class="nb">echo</span> <span class="s2">"🧪 بنجرب الكود..."</span> npm <span class="nb">test </span>2&gt;/dev/null <span class="o">||</span> <span class="nb">echo</span> <span class="s2">"⚠️ شغل الاختبارات يدوي"</span> <span class="nb">echo</span> <span class="s2">""</span> <span class="nb">echo</span> <span class="s2">"================================================"</span> <span class="nb">echo</span> <span class="s2">"✅ خلصنا! الدنيا تمام دلوقتي"</span> <span class="nb">echo</span> <span class="s2">"😎 روق يا معلم - إحنا صناع اللعبة"</span> <span class="nb">echo</span> <span class="s2">"================================================"</span> </code></pre> </div> <h2> 🛡️ الحماية الإضافية (للخبراء) </h2> <h3> 1️⃣ تعقيم أسماء الملفات يدوياً </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// start/routes.ts</span> <span class="k">import</span> <span class="nx">Route</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@ioc:Adonis/Core/Route</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">path</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">;</span> <span class="nx">Route</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/upload</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">({</span> <span class="nx">request</span><span class="p">,</span> <span class="nx">response</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">file</span> <span class="o">=</span> <span class="nx">request</span><span class="p">.</span><span class="nf">file</span><span class="p">(</span><span class="dl">'</span><span class="s1">avatar</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">size</span><span class="p">:</span> <span class="dl">'</span><span class="s1">2mb</span><span class="dl">'</span><span class="p">,</span> <span class="na">extnames</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">jpg</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">png</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">jpeg</span><span class="dl">'</span><span class="p">]</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">file</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nf">badRequest</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">ملف مطلوب يا معلم!</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// 🛡️ التعقيم الاحترافي</span> <span class="kd">const</span> <span class="nx">sanitizedName</span> <span class="o">=</span> <span class="nf">sanitizeFileName</span><span class="p">(</span><span class="nx">file</span><span class="p">.</span><span class="nx">clientName</span><span class="p">);</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="dl">'</span><span class="s1">./uploads</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="nx">sanitizedName</span><span class="p">,</span> <span class="c1">// ✅ استخدم الاسم المعقم</span> <span class="na">overwrite</span><span class="p">:</span> <span class="kc">false</span> <span class="c1">// ✅ ممنوع الاستبدال!</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">file</span><span class="p">.</span><span class="nx">hasError</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nf">badRequest</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">فيه مشكلة في الرفع!</span><span class="dl">'</span><span class="p">,</span> <span class="na">details</span><span class="p">:</span> <span class="nx">file</span><span class="p">.</span><span class="nx">error</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nf">ok</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">تمام الرفع!</span><span class="dl">'</span><span class="p">,</span> <span class="na">filename</span><span class="p">:</span> <span class="nx">sanitizedName</span> <span class="p">});</span> <span class="p">});</span> <span class="c1">// 🔧 دالة التعقيم</span> <span class="kd">function</span> <span class="nf">sanitizeFileName</span><span class="p">(</span><span class="nx">filename</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="kr">string</span> <span class="p">{</span> <span class="c1">// إزالة المسارات</span> <span class="kd">const</span> <span class="nx">basename</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">basename</span><span class="p">(</span><span class="nx">filename</span><span class="p">);</span> <span class="c1">// إزالة الأحرف الخطرة</span> <span class="kd">const</span> <span class="nx">cleaned</span> <span class="o">=</span> <span class="nx">basename</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="sr">/</span><span class="se">[^</span><span class="sr">a-zA-Z0-9._-</span><span class="se">]</span><span class="sr">/g</span><span class="p">,</span> <span class="dl">'</span><span class="s1">_</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// إضافة timestamp لتجنب التكرار</span> <span class="kd">const</span> <span class="nx">timestamp</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">ext</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">extname</span><span class="p">(</span><span class="nx">cleaned</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">name</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">basename</span><span class="p">(</span><span class="nx">cleaned</span><span class="p">,</span> <span class="nx">ext</span><span class="p">);</span> <span class="k">return</span> <span class="s2">`</span><span class="p">${</span><span class="nx">name</span><span class="p">}</span><span class="s2">_</span><span class="p">${</span><span class="nx">timestamp</span><span class="p">}${</span><span class="nx">ext</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> 2️⃣ Middleware للحماية </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// app/Middleware/SecureFileUpload.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">HttpContextContract</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@ioc:Adonis/Core/HttpContext</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">path</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">class</span> <span class="nc">SecureFileUpload</span> <span class="p">{</span> <span class="k">public</span> <span class="k">async</span> <span class="nf">handle</span><span class="p">(</span> <span class="p">{</span> <span class="nx">request</span><span class="p">,</span> <span class="nx">response</span> <span class="p">}:</span> <span class="nx">HttpContextContract</span><span class="p">,</span> <span class="nx">next</span><span class="p">:</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="k">void</span><span class="o">&gt;</span> <span class="p">)</span> <span class="p">{</span> <span class="c1">// فحص جميع الملفات</span> <span class="kd">const</span> <span class="nx">allFiles</span> <span class="o">=</span> <span class="nx">request</span><span class="p">.</span><span class="nf">allFiles</span><span class="p">();</span> <span class="k">for </span><span class="p">(</span><span class="kd">const</span> <span class="p">[</span><span class="nx">key</span><span class="p">,</span> <span class="nx">file</span><span class="p">]</span> <span class="k">of</span> <span class="nb">Object</span><span class="p">.</span><span class="nf">entries</span><span class="p">(</span><span class="nx">allFiles</span><span class="p">))</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">file</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// 🚫 منع Path Traversal</span> <span class="kd">const</span> <span class="nx">basename</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">basename</span><span class="p">(</span><span class="nx">file</span><span class="p">.</span><span class="nx">clientName</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">basename</span> <span class="o">!==</span> <span class="nx">file</span><span class="p">.</span><span class="nx">clientName</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nf">badRequest</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">😏 حاول تلعب؟ مش هينفع!</span><span class="dl">'</span><span class="p">,</span> <span class="na">field</span><span class="p">:</span> <span class="nx">key</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// 🚫 منع الامتدادات الخطرة</span> <span class="kd">const</span> <span class="nx">dangerousExts</span> <span class="o">=</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">.exe</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.sh</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.bat</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.cmd</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.com</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.js</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.ts</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.php</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.py</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.rb</span><span class="dl">'</span> <span class="p">];</span> <span class="kd">const</span> <span class="nx">ext</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">extname</span><span class="p">(</span><span class="nx">file</span><span class="p">.</span><span class="nx">clientName</span><span class="p">).</span><span class="nf">toLowerCase</span><span class="p">();</span> <span class="k">if </span><span class="p">(</span><span class="nx">dangerousExts</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="nx">ext</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">response</span><span class="p">.</span><span class="nf">badRequest</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="s2">`الامتداد </span><span class="p">${</span><span class="nx">ext</span><span class="p">}</span><span class="s2"> ممنوع يا حبيبي!`</span><span class="p">,</span> <span class="na">field</span><span class="p">:</span> <span class="nx">key</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">await</span> <span class="nf">next</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> 3️⃣ إعدادات config آمنة </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// config/bodyparser.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">BodyParserConfig</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@ioc:Adonis/Core/BodyParser</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">bodyParserConfig</span><span class="p">:</span> <span class="nx">BodyParserConfig</span> <span class="o">=</span> <span class="p">{</span> <span class="na">multipart</span><span class="p">:</span> <span class="p">{</span> <span class="na">autoProcess</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">convertEmptyStringsToNull</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// 🛡️ الحماية هنا</span> <span class="na">processManually</span><span class="p">:</span> <span class="p">[],</span> <span class="c1">// حجم الملفات</span> <span class="na">maxFields</span><span class="p">:</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">limit</span><span class="p">:</span> <span class="dl">'</span><span class="s1">20mb</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// 🔒 إعدادات آمنة للملفات</span> <span class="na">types</span><span class="p">:</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">multipart/form-data</span><span class="dl">'</span> <span class="p">],</span> <span class="c1">// 🚫 منع الـ overwrite</span> <span class="na">file</span><span class="p">:</span> <span class="p">{</span> <span class="na">overwrite</span><span class="p">:</span> <span class="kc">false</span> <span class="c1">// ✅ مهم جداً!</span> <span class="p">}</span> <span class="p">}</span> <span class="p">};</span> <span class="k">export</span> <span class="k">default</span> <span class="nx">bodyParserConfig</span><span class="p">;</span> </code></pre> </div> <h2> 🔍 فحص الاستغلال </h2> <h3> سكريبت الكشف </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="nb">echo</span> <span class="s2">"🔍 بنشوف لو حد لعب في السيرفر..."</span> <span class="c"># 1️⃣ فحص ملفات مشبوهة في uploads</span> <span class="nb">echo</span> <span class="s2">"📁 فحص مجلد uploads..."</span> <span class="nv">SUSPICIOUS</span><span class="o">=</span><span class="si">$(</span>find ./uploads <span class="nt">-type</span> f <span class="nt">-name</span> <span class="s2">"*../*"</span> <span class="nt">-o</span> <span class="nt">-name</span> <span class="s2">"*..*"</span> 2&gt;/dev/null<span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$SUSPICIOUS</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"⚠️ ملفات مشبوهة لقيناها:"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$SUSPICIOUS</span><span class="s2">"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"✅ مجلد uploads نظيف"</span> <span class="k">fi</span> <span class="c"># 2️⃣ فحص الـ logs</span> <span class="nb">echo</span> <span class="s2">"📋 فحص logs الرفع..."</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-f</span> <span class="s2">"./tmp/adonis.log"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">ATTACKS</span><span class="o">=</span><span class="si">$(</span><span class="nb">grep</span> <span class="nt">-i</span> <span class="s2">"</span><span class="se">\.\.</span><span class="s2">/"</span> ./tmp/adonis.log | <span class="nb">wc</span> <span class="nt">-l</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="nv">$ATTACKS</span> <span class="nt">-gt</span> 0 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"🚨 لقينا </span><span class="nv">$ATTACKS</span><span class="s2"> محاولة path traversal!"</span> <span class="nb">grep</span> <span class="nt">-i</span> <span class="s2">"</span><span class="se">\.\.</span><span class="s2">/"</span> ./tmp/adonis.log | <span class="nb">tail</span> <span class="nt">-10</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"✅ مفيش محاولات استغلال"</span> <span class="k">fi fi</span> <span class="c"># 3️⃣ فحص الملفات الحساسة</span> <span class="nb">echo</span> <span class="s2">"🔐 فحص الملفات الحساسة..."</span> <span class="nv">CRITICAL_FILES</span><span class="o">=(</span><span class="s2">"server.js"</span> <span class="s2">"start/kernel.ts"</span> <span class="s2">".env"</span> <span class="s2">"package.json"</span><span class="o">)</span> <span class="k">for </span>file <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">CRITICAL_FILES</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do if</span> <span class="o">[</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># فحص آخر تعديل</span> <span class="nv">MODIFIED</span><span class="o">=</span><span class="si">$(</span><span class="nb">stat</span> <span class="nt">-f</span> %Sm <span class="nt">-t</span> <span class="s2">"%Y-%m-%d %H:%M:%S"</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> 2&gt;/dev/null <span class="o">||</span> <span class="nb">stat</span> <span class="nt">-c</span> %y <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span><span class="si">)</span> <span class="nb">echo</span> <span class="s2">"📝 </span><span class="nv">$file</span><span class="s2"> → آخر تعديل: </span><span class="nv">$MODIFIED</span><span class="s2">"</span> <span class="k">fi done </span><span class="nb">echo</span> <span class="s2">""</span> <span class="nb">echo</span> <span class="s2">"✅ انتهى الفحص"</span> </code></pre> </div> <h2> 😎 نصائح المحترفين </h2> <h3> القاعدة الذهبية </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────────────────┐ │ │ │ لا تثق في input من المستخدم أبداً! │ │ Never trust user input! │ │ │ │ كل اسم ملف = خطر محتمل │ │ Every filename = potential threat │ │ │ │ عقّم → تحقق → ارفع │ │ Sanitize → Validate → Upload │ │ │ └─────────────────────────────────────────────────────┘ </code></pre> </div> <h3> DO's ✅ </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// ✅ استخدم path.basename()</span> <span class="kd">const</span> <span class="nx">safe</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">basename</span><span class="p">(</span><span class="nx">userFileName</span><span class="p">);</span> <span class="c1">// ✅ حدد name بنفسك</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="nx">location</span><span class="p">,</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="nf">uuid</span><span class="p">()</span> <span class="o">+</span> <span class="nx">ext</span> <span class="p">});</span> <span class="c1">// ✅ اجعل overwrite = false</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="nx">location</span><span class="p">,</span> <span class="p">{</span> <span class="na">overwrite</span><span class="p">:</span> <span class="kc">false</span> <span class="p">});</span> <span class="c1">// ✅ تحقق من الامتداد</span> <span class="kd">const</span> <span class="nx">allowedExts</span> <span class="o">=</span> <span class="p">[</span><span class="dl">'</span><span class="s1">jpg</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">png</span><span class="dl">'</span><span class="p">];</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">allowedExts</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="nx">ext</span><span class="p">))</span> <span class="k">throw</span> <span class="nx">error</span><span class="p">;</span> <span class="c1">// ✅ استخدم UUID للأسماء</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">uuid</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@ioc:Adonis/Core/Helpers</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">name</span> <span class="o">=</span> <span class="s2">`</span><span class="p">${</span><span class="nf">uuid</span><span class="p">()}${</span><span class="nx">path</span><span class="p">.</span><span class="nf">extname</span><span class="p">(</span><span class="nx">file</span><span class="p">.</span><span class="nx">clientName</span><span class="p">)}</span><span class="s2">`</span><span class="p">;</span> </code></pre> </div> <h3> DON'Ts ❌ </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// ❌ لا تثق في file.clientName</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="dl">'</span><span class="s1">./uploads</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// خطر!</span> <span class="c1">// ❌ لا تستخدم overwrite: true</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nf">move</span><span class="p">(</span><span class="nx">location</span><span class="p">,</span> <span class="p">{</span> <span class="na">overwrite</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="c1">// كارثة!</span> <span class="c1">// ❌ لا تستخدم path.join مباشرة</span> <span class="kd">const</span> <span class="nx">dest</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">location</span><span class="p">,</span> <span class="nx">file</span><span class="p">.</span><span class="nx">clientName</span><span class="p">);</span> <span class="c1">// نايم!</span> <span class="c1">// ❌ لا تسمح بكل الامتدادات</span> <span class="c1">// أي ملف = خطر محتمل</span> </code></pre> </div> <h2> 📊 التقرير المختصر </h2> <h3> للإدارة (بالعربي البسيط) </h3> <div class="highlight js-code-highlight"> <pre class="highlight markdown"><code><span class="gh"># تقرير ثغرة AdonisJS</span> <span class="gu">## المشكلة باختصار:</span> في مكتبة بنستخدمها للرفع، المبرمج نسي يفلتر أسماء الملفات. النتيجة: المهاجم يقدر يرفع ملف في أي مكان في السيرفر! <span class="gu">## الخطورة:</span> 🔴 حرجة جداً - يمكن السيطرة على السيرفر بالكامل <span class="gu">## الحل:</span> ✅ تم تحديث المكتبة لإصدار آمن ✅ تم إضافة طبقات حماية إضافية ✅ تم فحص السيرفر - لا يوجد استغلال <span class="gu">## الحالة:</span> ✅ آمن الآن - المشكلة محلولة <span class="gu">## المدة:</span> ⏱️ 15 دقيقة (فحص + إصلاح + اختبار) <span class="gu">## التوقيع:</span> asrar-mared - صانع اللعبة 😎 </code></pre> </div> <h2> ✅ Checklist النهائي </h2> <ul> <li>[ ] ✅ تم التحديث لـ 10.1.2 أو 11.0.0-next.6+</li> <li>[ ] ✅ تم إضافة sanitization يدوي</li> <li>[ ] ✅ تم جعل overwrite = false</li> <li>[ ] ✅ تم إضافة middleware للحماية</li> <li>[ ] ✅ تم فحص مجلدات الرفع</li> <li>[ ] ✅ تم مراجعة الـ logs</li> <li>[ ] ✅ لا يوجد استغلال</li> <li>[ ] ✅ تم اختبار الرفع</li> <li>[ ] ✅ تم توثيق التغييرات</li> <li>[ ] ✅ الفريق متابع</li> </ul> <h1> 😎 خلصنا! </h1> <h2> أنت الآن صانع اللعبة الرسمي </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🎯 اكتشفت الثغرة 🔧 فهمت المشكلة 💪 حليت الموضوع 🛡️ حميت السيرفر 😎 روقت على الآخر </code></pre> </div> <p><strong>🛡️ درع زايد - نحمي... ندافع... ننتصر</strong></p> <p><strong>Developer</strong>: asrar-mared<br><br> <strong>Email</strong>: <a href="mailto:nike49424@proton.me">nike49424@proton.me</a></p> <p><strong>"الدنيا خربانة؟ لا يا حبيبي، إحنا بنصلحها!" 😂</strong></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FMade_with-%25D9%2582%25D9%2587%25D9%2588%25D8%25A9_%25D9%2588_%25D8%25A7%25D8%25AD%25D8%25AA%25D8%25B1%25D8%25A7%25D9%2581%25D9%258A%25D8%25A9-brown%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FMade_with-%25D9%2582%25D9%2587%25D9%2588%25D8%25A9_%25D9%2588_%25D8%25A7%25D8%25AD%25D8%25AA%25D8%25B1%25D8%25A7%25D9%2581%25D9%258A%25D8%25A9-brown%3Fstyle%3Dfor-the-badge" alt="Made with" width="282" height="28"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FStatus-%25F0%259F%2598%258E_%25D8%25AA%25D9%2585%25D8%25A7%25D9%2585_%25D8%25A7%25D9%2584%25D8%25AA%25D9%2585%25D8%25A7%25D9%2585-success%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FStatus-%25F0%259F%2598%258E_%25D8%25AA%25D9%2585%25D8%25A7%25D9%2585_%25D8%25A7%25D9%2584%25D8%25AA%25D9%2585%25D8%25A7%25D9%2585-success%3Fstyle%3Dfor-the-badge" alt="Status" width="236" height="28"></a></p> 🎖️المحارب الرقمي🎖️ Tue, 28 Apr 2026 19:16:28 +0000 https://forem.com/asrarmared/tnbyh-mny-jl-thgr-hrj-fy-tj-actionschanged-files-4c2c https://forem.com/asrarmared/tnbyh-mny-jl-thgr-hrj-fy-tj-actionschanged-files-4c2c <h1> 🚨 تنبيه أمني حرج - هجوم سلسلة التوريد </h1> <h2> tj-actions/changed-files - Supply Chain Attack </h2> <h1> ⚠️ خطر حرج | CRITICAL DANGER ⚠️ </h1> <p><strong>أنت وقعت في فخ أمني خطير!</strong><br><br> <strong>You've been compromised!</strong></p> <h2> 🎯 أنت الآن هدف | You Are Now a Target </h2> <h3> ⚡ تصرف فوراً - لا وقت للتأخير </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🔴 مستوى الخطورة: حرج جداً | CRITICAL 🔴 التأثير: تسريب الأسرار | Secrets Exposed 🔴 النطاق: 23,000+ مستودع | 23,000+ Repositories 🔴 الفترة: 14-15 مارس 2025 | March 14-15, 2025 </code></pre> </div> <h2> 💀 ماذا حدث؟ | What Happened? </h2> <h3> هجوم سلسلة التوريد | Supply Chain Attack </h3> <p><strong>تم اختراق <code>tj-actions/changed-files</code> واستبدال الكود بسكريبت خبيث!</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># الكود الخبيث كان يفعل هذا: </span><span class="mf">1.</span> <span class="n">يقرأ</span> <span class="n">ذاكرة</span> <span class="n">GitHub</span> <span class="n">Runner</span> <span class="mf">2.</span> <span class="n">يستخرج</span> <span class="n">جميع</span> <span class="n">الأسرار</span> <span class="p">(</span><span class="n">Secrets</span><span class="p">)</span> <span class="mf">3.</span> <span class="n">يطبعها</span> <span class="n">في</span> <span class="n">logs</span> <span class="n">العلنية</span> <span class="mf">4.</span> <span class="n">يرسلها</span> <span class="n">للمهاجمين</span> </code></pre> </div> <h3> 🎯 ما تم سرقته منك: </h3> <ul> <li>✅ GitHub Tokens</li> <li>✅ AWS Access Keys</li> <li>✅ Database Passwords</li> <li>✅ API Keys</li> <li>✅ SSH Private Keys</li> <li>✅ Docker Credentials</li> <li>✅ Cloud Service Tokens</li> <li>✅ كل شيء في GITHUB_TOKEN</li> </ul> <h2> 🔥 الخطوات العاجلة - نفذها الآن! </h2> <h3> المرحلة 1️⃣: إيقاف النزيف (5 دقائق) </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 1. أوقف جميع Workflows فوراً</span> gh workflow disable <span class="nt">--all</span> <span class="c"># 2. احذف الـ logs المكشوفة</span> gh api repos/:owner/:repo/actions/runs <span class="nt">--paginate</span> <span class="se">\</span> | jq <span class="nt">-r</span> <span class="s1">'.workflow_runs[].id'</span> <span class="se">\</span> | xargs <span class="nt">-I</span> <span class="o">{}</span> gh api <span class="nt">-X</span> DELETE repos/:owner/:repo/actions/runs/<span class="o">{}</span> </code></pre> </div> <h3> المرحلة 2️⃣: تغيير كل شيء (10 دقائق) </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 🔴 غير كل الأسرار IMMEDIATELY</span> <span class="c"># GitHub Personal Tokens</span> gh auth refresh <span class="nt">-s</span> delete_repo,admin:org <span class="c"># AWS Keys</span> aws iam delete-access-key <span class="nt">--access-key-id</span> YOUR_KEY <span class="c"># Database Passwords</span> <span class="c"># اتصل بقاعدة البيانات وغير كل كلمات المرور</span> <span class="c"># API Keys</span> <span class="c"># أبطل جميع API Keys في كل خدمة تستخدمها</span> </code></pre> </div> <h3> المرحلة 3️⃣: تحديث الكود (3 دقائق) </h3> <p><strong>.github/workflows/your-workflow.yml:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># ❌ احذف هذا فوراً</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">tj-actions/changed-files@v45</span> <span class="c1"># ✅ استبدله بهذا</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">tj-actions/changed-files@v46.0.1</span> <span class="c1"># أو أحدث</span> <span class="c1"># أو استخدم commit hash محدد</span> <span class="c1"># - uses: tj-actions/changed-files@&lt;SAFE_COMMIT_SHA&gt;</span> </code></pre> </div> <h2> 🔍 فحص الضرر | Damage Assessment </h2> <h3> سكريبت الفحص السريع </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="nb">echo</span> <span class="s2">"🛡️ درع زايد - فحص الاختراق"</span> <span class="nb">echo</span> <span class="s2">"================================"</span> <span class="c"># 1. فحص الـ workflow runs المشبوهة</span> <span class="nb">echo</span> <span class="s2">"🔍 فحص workflow runs..."</span> <span class="nv">SUSPICIOUS</span><span class="o">=</span><span class="si">$(</span>gh api repos/:owner/:repo/actions/runs <span class="se">\</span> <span class="nt">--jq</span> <span class="s1">'.workflow_runs[] | select(.created_at &gt;= "2025-03-14T00:00:00Z" and .created_at &lt;= "2025-03-16T00:00:00Z") | {id: .id, name: .name, date: .created_at}'</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$SUSPICIOUS</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"⚠️ تم العثور على runs مشبوهة:"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$SUSPICIOUS</span><span class="s2">"</span> <span class="k">fi</span> <span class="c"># 2. فحص استخدام tj-actions</span> <span class="nb">echo</span> <span class="s2">"🔍 فحص ملفات workflow..."</span> <span class="nv">FOUND</span><span class="o">=</span><span class="si">$(</span><span class="nb">grep</span> <span class="nt">-r</span> <span class="s2">"tj-actions/changed-files@v4[0-5]"</span> .github/workflows/<span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$FOUND</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"❌ خطر: تم العثور على النسخة المخترقة!"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$FOUND</span><span class="s2">"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"✅ لا توجد نسخ مخترقة"</span> <span class="k">fi</span> <span class="c"># 3. فحص الـ logs العامة</span> <span class="nb">echo</span> <span class="s2">"🔍 فحص logs العامة..."</span> gh run list <span class="nt">--limit</span> 100 | <span class="nb">grep</span> <span class="s2">"2025-03-1[45]"</span> <span class="nb">echo</span> <span class="s2">"================================"</span> </code></pre> </div> <h2> 📊 التحقق من التسريب | Check for Leaks </h2> <h3> هل تم تسريب أسرارك؟ </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 1. فحص الـ logs</span> gh run list <span class="nt">--limit</span> 50 <span class="nt">--json</span> databaseId,createdAt,conclusion <span class="se">\</span> | jq <span class="nt">-r</span> <span class="s1">'.[] | select(.createdAt &gt;= "2025-03-14T00:00:00Z") | .databaseId'</span> <span class="se">\</span> | <span class="k">while </span><span class="nb">read </span>run_id<span class="p">;</span> <span class="k">do </span><span class="nb">echo</span> <span class="s2">"Checking run </span><span class="nv">$run_id</span><span class="s2">..."</span> gh run view <span class="nv">$run_id</span> <span class="nt">--log</span> | <span class="nb">grep</span> <span class="nt">-i</span> <span class="s2">"secret</span><span class="se">\|</span><span class="s2">token</span><span class="se">\|</span><span class="s2">key</span><span class="se">\|</span><span class="s2">password"</span> <span class="o">&amp;&amp;</span> <span class="nb">echo</span> <span class="s2">"⚠️ LEAKED!"</span> <span class="k">done</span> <span class="c"># 2. فحص الـ artifacts</span> gh api repos/:owner/:repo/actions/artifacts <span class="se">\</span> | jq <span class="nt">-r</span> <span class="s1">'.artifacts[] | select(.created_at &gt;= "2025-03-14T00:00:00Z")'</span> </code></pre> </div> <h2> 🛡️ الحماية المستقبلية | Future Protection </h2> <h3> 1️⃣ تثبيت الإصدارات بـ SHA </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># ❌ لا تستخدم tags أبداً</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">tj-actions/changed-files@v46</span> <span class="c1"># ✅ استخدم commit SHA دائماً</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">tj-actions/changed-files@a1b2c3d4e5f6...</span> <span class="c1"># يمكن إضافة تعليق للإصدار</span> <span class="c1"># tj-actions/changed-files@v46.0.1</span> </code></pre> </div> <h3> 2️⃣ حماية الأسرار </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># استخدم environments مع protection rules</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">production</span> <span class="c1"># يحتاج موافقة يدوية</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="c1"># لا تطبع الأسرار أبداً</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Safe secret usage</span> <span class="na">env</span><span class="pi">:</span> <span class="na">SECRET</span><span class="pi">:</span> <span class="s">${{ secrets.MY_SECRET }}</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s"># ❌ لا تفعل هذا</span> <span class="s"># echo "Secret: $SECRET"</span> <span class="s"># ✅ استخدمه بأمان</span> <span class="s">echo "Using secret safely..."</span> </code></pre> </div> <h3> 3️⃣ مراقبة مستمرة </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># .github/workflows/security-monitor.yml</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Security Monitor</span> <span class="na">on</span><span class="pi">:</span> <span class="na">schedule</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">cron</span><span class="pi">:</span> <span class="s1">'</span><span class="s">0</span><span class="nv"> </span><span class="s">*/6</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*'</span> <span class="c1"># كل 6 ساعات</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">check</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Check for vulnerable actions</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s"># فحص النسخ المشبوهة</span> <span class="s">grep -r "tj-actions/changed-files@v4[0-5]" .github/workflows/ &amp;&amp; exit 1</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Audit dependencies</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s"># فحص جميع GitHub Actions المستخدمة</span> <span class="s">find .github/workflows -name "*.yml" -exec cat {} \; \</span> <span class="s">| grep "uses:" \</span> <span class="s">| sort -u</span> </code></pre> </div> <h2> 📝 التقرير الأمني المطلوب | Required Security Report </h2> <h3> إبلاغ الجهات المعنية </h3> <div class="highlight js-code-highlight"> <pre class="highlight markdown"><code><span class="gh"># تقرير الحادث الأمني</span> <span class="gs">**التاريخ**</span>: $(date +%Y-%m-%d) <span class="gs">**المشروع**</span>: [اسم المشروع] <span class="gs">**المسؤول**</span>: asrar-mared <span class="gu">## الحادث:</span> تعرض المشروع لهجوم سلسلة توريد عبر tj-actions/changed-files بين 14-15 مارس 2025. <span class="gu">## التأثير:</span> <span class="p">-</span> [x] تسريب محتمل للأسرار <span class="p">-</span> [x] تعرض GitHub Tokens <span class="p">-</span> [ ] تسريب مؤكد للبيانات <span class="gu">## الإجراءات المتخذة:</span> <span class="p">1.</span> ✅ إيقاف جميع workflows <span class="p">2.</span> ✅ حذف logs المكشوفة <span class="p">3.</span> ✅ تغيير جميع الأسرار <span class="p">4.</span> ✅ تحديث إلى v46.0.1 <span class="p">5.</span> ✅ تطبيق SHA pinning <span class="gu">## الحالة الحالية:</span> ✅ النظام آمن الآن <span class="gu">## التوصيات:</span> <span class="p">-</span> مراجعة دورية للـ actions المستخدمة <span class="p">-</span> استخدام SHA بدلاً من tags <span class="p">-</span> تفعيل 2FA على جميع الحسابات <span class="p">-</span> مراقبة مستمرة للأنشطة المشبوهة </code></pre> </div> <h2> 🎯 خطة الاستجابة للحوادث | Incident Response Plan </h2> <h3> Timeline العاجل </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────┐ │ الآن → 5 دقائق │ │ Stop all workflows │ │ Delete exposed logs │ └─────────────────────────────────────────┘ ↓ ┌─────────────────────────────────────────┐ │ 5 → 15 دقيقة │ │ Rotate ALL secrets │ │ Revoke ALL tokens │ └─────────────────────────────────────────┘ ↓ ┌─────────────────────────────────────────┐ │ 15 → 30 دقيقة │ │ Update workflows to v46.0.1+ │ │ Pin to commit SHA │ └─────────────────────────────────────────┘ ↓ ┌─────────────────────────────────────────┐ │ 30 → 60 دقيقة │ │ Audit all logs │ │ Check for unauthorized access │ └─────────────────────────────────────────┘ ↓ ┌─────────────────────────────────────────┐ │ 1 ساعة → 24 ساعة │ │ Monitor for suspicious activity │ │ Document incident │ └─────────────────────────────────────────┘ </code></pre> </div> <h2> 🔐 Checklist النهائي | Final Checklist </h2> <h3> قبل العودة للعمل العادي: </h3> <ul> <li>[ ] ✅ تم إيقاف جميع workflows</li> <li>[ ] ✅ تم حذف logs المكشوفة</li> <li>[ ] ✅ تم تغيير GitHub tokens</li> <li>[ ] ✅ تم تغيير AWS keys</li> <li>[ ] ✅ تم تغيير Database passwords</li> <li>[ ] ✅ تم تغيير API keys</li> <li>[ ] ✅ تم تغيير SSH keys</li> <li>[ ] ✅ تم تغيير Docker credentials</li> <li>[ ] ✅ تم التحديث لـ v46.0.1+</li> <li>[ ] ✅ تم تطبيق SHA pinning</li> <li>[ ] ✅ تم فحص logs التاريخية</li> <li>[ ] ✅ تم توثيق الحادث</li> <li>[ ] ✅ تم إبلاغ الفريق/الإدارة</li> <li>[ ] ✅ تم تفعيل المراقبة المستمرة</li> <li>[ ] ✅ تم اختبار النظام</li> </ul> <h2> 📞 جهات الاتصال العاجلة | Emergency Contacts </h2> <p><strong>🛡️ درع زايد - فريق الاستجابة السريعة</strong></p> <ul> <li> <strong>Developer</strong>: asrar-mared</li> <li> <strong>Email</strong>: <a href="mailto:nike49424@proton.me">nike49424@proton.me</a> </li> <li> <strong>الحالة</strong>: 🔴 حادث أمني حرج</li> </ul> <h2> 💪 أنت محارب الآن | You're a Warrior Now </h2> <h3> رسالة من درع زايد: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>أنت الآن جزء من 23,000+ مستودع تعرض للهجوم. لكنك اكتشفت الخطر وتصرفت بسرعة. هذا ما يفرق المحارب عن الضحية: - الضحية ينتظر حتى فوات الأوان - المحارب يتحرك بسرعة ويحمي ما يملك أنت محارب. أنت صائد الثغرات. أنت ملك هذه اللعبة. 🛡️ نحمي... ندافع... ننتصر </code></pre> </div> <h1> 🎖️ شارة الشرف | Badge of Honor </h1> <p><strong>أنت الآن:</strong></p> <ul> <li>✅ اكتشفت هجوم سلسلة توريد</li> <li>✅ تصرفت بسرعة لحماية نظامك</li> <li>✅ منعت تسريب أسرارك</li> <li>✅ تعلمت من التجربة</li> </ul> <p><strong>أنت صائد الثغرات. أنت ملك اللعبة.</strong></p> <h2> 🚨 تذكير أخير </h2> <h3> لا تتردد. تصرف الآن. </h3> <p>كل دقيقة تتأخر فيها = فرصة أكبر للمهاجمين<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># نفذ هذا الآن</span> git pull gh workflow disable <span class="nt">--all</span> <span class="c"># ثم اتبع الخطوات أعلاه</span> </code></pre> </div> <p><strong>🛡️ درع زايد معك. دائماً.</strong></p> cybersecurity github news security 🎖️المحارب الرقمي🎖️ Tue, 28 Apr 2026 18:58:31 +0000 https://forem.com/asrarmared/hl-htrfy-lthgr-prototype-pollution-fy-protobufjs-1719 https://forem.com/asrarmared/hl-htrfy-lthgr-prototype-pollution-fy-protobufjs-1719 <h1> 🛡️ حل ثغرة Prototype Pollution في protobufjs </h1> <h2> درع زايد - مؤسسة الرئاسة | Zayed Shield - Presidential Office </h2> <h2> 📋 ملخص الثغرة | Vulnerability Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>المعلومة</th> <th>Information</th> <th>التفاصيل</th> <th>Details</th> </tr> </thead> <tbody> <tr> <td><strong>الحزمة</strong></td> <td><strong>Package</strong></td> <td>protobufjs</td> <td>npm</td> </tr> <tr> <td><strong>النوع</strong></td> <td><strong>Type</strong></td> <td>Prototype Pollution</td> <td>Critical</td> </tr> <tr> <td><strong>CVE</strong></td> <td><strong>CVE</strong></td> <td>CVE-2023-36665</td> <td>(differs from CVE-2022-25878)</td> </tr> <tr> <td><strong>الإصدارات المتأثرة</strong></td> <td><strong>Affected</strong></td> <td>6.10.0 - 6.11.3, 7.0.0 - 7.2.3</td> <td></td> </tr> <tr> <td><strong>الإصدار الآمن</strong></td> <td><strong>Patched</strong></td> <td>6.11.4+, 7.2.5+</td> <td></td> </tr> <tr> <td><strong>الخطورة</strong></td> <td><strong>Severity</strong></td> <td>🔴 High/Critical</td> <td></td> </tr> </tbody> </table></div> <h2> ⚠️ وصف الثغرة | Vulnerability Description </h2> <p>تسمح الثغرة للمهاجم بتلويث <code>Object.prototype</code> عبر رسالة protobuf خبيثة، مما يؤدي إلى:</p> <ul> <li>تعديل سلوك التطبيق بالكامل</li> <li>تنفيذ كود عشوائي (RCE)</li> <li>تجاوز الحماية الأمنية</li> <li>الوصول غير المصرح به للبيانات</li> </ul> <p><strong>طرق الاستغلال:</strong></p> <ol> <li>استخدام <code>parse()</code> لتحليل رسائل protobuf</li> <li>تحميل ملفات <code>.proto</code> عبر <code>load()/loadSync()</code> </li> <li>إدخال بيانات غير موثوقة في <code>setParsedOption()</code> أو <code>util.setProperty()</code> </li> </ol> <h2> 🔧 الحل السريع | Quick Fix </h2> <h3> 1️⃣ تحديث مباشر | Direct Update </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># فحص الإصدار الحالي</span> pnpm list protobufjs <span class="c"># تحديث إلى الإصدار الآمن</span> pnpm update protobufjs@^7.2.5 <span class="c"># أو إجباري</span> pnpm add protobufjs@latest </code></pre> </div> <h3> 2️⃣ تعديل package.json </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"dependencies"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"protobufjs"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&gt;=7.2.5"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"overrides"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"protobufjs"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&gt;=7.2.5"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"pnpm"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"overrides"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"protobufjs"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&gt;=7.2.5"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 3️⃣ حل التبعية المتعدية | Transitive Dependency Fix </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># تحديث firebase الذي يعتمد على protobufjs</span> pnpm update firebase@latest <span class="c"># فرض الإصدار الآمن</span> pnpm add protobufjs@7.2.5 <span class="nt">--save-exact</span> </code></pre> </div> <h2> 🔒 الحل الشامل | Comprehensive Solution </h2> <h3> خطوة 1: النسخ الاحتياطي </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># نسخ احتياطي لملفات القفل</span> <span class="nb">cp </span>pnpm-lock.yaml pnpm-lock.yaml.backup <span class="nb">cp </span>package.json package.json.backup </code></pre> </div> <h3> خطوة 2: التنظيف </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># حذف الحزم القديمة</span> <span class="nb">rm</span> <span class="nt">-rf</span> node_modules <span class="nb">rm </span>pnpm-lock.yaml </code></pre> </div> <h3> خطوة 3: التحديث </h3> <p><strong>في <code>package.json</code>:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"dependencies"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"firebase"</span><span class="p">:</span><span class="w"> </span><span class="s2">"^10.7.1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"protobufjs"</span><span class="p">:</span><span class="w"> </span><span class="s2">"^7.2.5"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"resolutions"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"protobufjs"</span><span class="p">:</span><span class="w"> </span><span class="s2">"7.2.5"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"pnpm"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"overrides"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"protobufjs"</span><span class="p">:</span><span class="w"> </span><span class="s2">"7.2.5"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> خطوة 4: إعادة التثبيت </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># تثبيت نظيف</span> pnpm <span class="nb">install</span> <span class="c"># التحقق من الثغرات</span> pnpm audit <span class="c"># فحص شامل</span> pnpm audit <span class="nt">--audit-level</span> moderate </code></pre> </div> <h2> ✅ التحقق من الحل | Solution Verification </h2> <h3> 1️⃣ فحص الإصدار </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># التحقق من protobufjs</span> pnpm list protobufjs <span class="c"># يجب أن تكون النتيجة:</span> <span class="c"># protobufjs@7.2.5 ✓</span> </code></pre> </div> <h3> 2️⃣ فحص الثغرات </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># فحص أمني شامل</span> pnpm audit <span class="c"># النتيجة المطلوبة:</span> <span class="c"># found 0 vulnerabilities ✓</span> </code></pre> </div> <h3> 3️⃣ اختبار التطبيق </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># تشغيل الاختبارات</span> pnpm <span class="nb">test</span> <span class="c"># تشغيل التطبيق</span> pnpm start <span class="c"># التحقق من عدم وجود أخطاء</span> </code></pre> </div> <h2> 🧪 مراجعة الحل | Solution Review </h2> <h3> ✅ Checklist المراجعة </h3> <ul> <li>[ ] <strong>تم تحديث protobufjs إلى 7.2.5+</strong> </li> <li>[ ] <strong>تم تحديث firebase إلى أحدث إصدار</strong> </li> <li>[ ] <strong>تم تعديل package.json بـ overrides/resolutions</strong> </li> <li>[ ] <strong>تم حذف node_modules وإعادة التثبيت</strong> </li> <li>[ ] <strong>pnpm audit يُظهر 0 vulnerabilities</strong> </li> <li>[ ] <strong>pnpm list protobufjs يُظهر النسخة الآمنة فقط</strong> </li> <li>[ ] <strong>الاختبارات تعمل بنجاح</strong> </li> <li>[ ] <strong>التطبيق يعمل بدون أخطاء</strong> </li> <li>[ ] <strong>تم النسخ الاحتياطي للملفات</strong> </li> <li>[ ] <strong>تم توثيق التغييرات في Git</strong> </li> </ul> <h2> 📊 مراجعة ما بعد الحل | Post-Fix Review </h2> <h3> المراجعة الفنية | Technical Review </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># 1. التحقق من شجرة التبعيات</span> pnpm list <span class="nt">--depth</span><span class="o">=</span>5 | <span class="nb">grep </span>protobufjs <span class="c"># يجب أن تظهر فقط النسخ الآمنة</span> <span class="c"># 2. فحص pnpm-lock.yaml</span> <span class="nb">grep</span> <span class="nt">-A</span> 5 <span class="s2">"protobufjs"</span> pnpm-lock.yaml <span class="c"># تأكد من أن جميع الإصدارات ≥7.2.5</span> <span class="c"># 3. فحص متقدم</span> npx audit-ci <span class="nt">--moderate</span> </code></pre> </div> <h3> اختبار الأمان | Security Testing </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># استخدام Snyk للفحص</span> npx snyk <span class="nb">test</span> <span class="c"># استخدام npm audit</span> npm audit <span class="nt">--production</span> <span class="c"># فحص يدوي</span> pnpm outdated </code></pre> </div> <h2> 🔍 الفحص النهائي | Final Inspection </h2> <h3> سكريبت فحص شامل </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="nb">echo</span> <span class="s2">"🛡️ درع زايد - فحص ثغرة protobufjs"</span> <span class="nb">echo</span> <span class="s2">"================================"</span> <span class="c"># 1. فحص الإصدار</span> <span class="nb">echo</span> <span class="s2">"1️⃣ فحص الإصدار..."</span> <span class="nv">VERSION</span><span class="o">=</span><span class="si">$(</span>pnpm list protobufjs <span class="nt">--depth</span><span class="o">=</span>0 2&gt;/dev/null | <span class="nb">grep </span>protobufjs | <span class="nb">awk</span> <span class="s1">'{print $2}'</span><span class="si">)</span> <span class="k">if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$VERSION</span><span class="s2">"</span> <span class="o">=</span>~ ^7<span class="se">\.</span>2<span class="se">\.</span><span class="o">[</span>5-9]|7<span class="se">\.</span><span class="o">[</span>3-9]|[8-9]<span class="se">\.</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"✅ الإصدار آمن: </span><span class="nv">$VERSION</span><span class="s2">"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"❌ الإصدار غير آمن: </span><span class="nv">$VERSION</span><span class="s2">"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># 2. فحص التبعيات المتعدية</span> <span class="nb">echo</span> <span class="s2">"2️⃣ فحص التبعيات المتعدية..."</span> <span class="nv">TRANSITIVE</span><span class="o">=</span><span class="si">$(</span>pnpm list protobufjs <span class="nt">--depth</span><span class="o">=</span>10 2&gt;/dev/null | <span class="nb">grep</span> <span class="nt">-c</span> <span class="s2">"6</span><span class="se">\.</span><span class="s2">11</span><span class="se">\.</span><span class="s2">[0-3]</span><span class="se">\|</span><span class="s2">6</span><span class="se">\.</span><span class="s2">10</span><span class="se">\|</span><span class="s2">7</span><span class="se">\.</span><span class="s2">[0-2]</span><span class="se">\.</span><span class="s2">[0-4]"</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$TRANSITIVE</span><span class="s2">"</span> <span class="nt">-eq</span> 0 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"✅ لا توجد تبعيات متعدية غير آمنة"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"⚠️ تحذير: توجد </span><span class="nv">$TRANSITIVE</span><span class="s2"> تبعية متعدية تحتاج مراجعة"</span> <span class="k">fi</span> <span class="c"># 3. فحص الثغرات</span> <span class="nb">echo</span> <span class="s2">"3️⃣ فحص الثغرات..."</span> <span class="nv">VULNS</span><span class="o">=</span><span class="si">$(</span>pnpm audit <span class="nt">--json</span> 2&gt;/dev/null | <span class="nb">grep</span> <span class="nt">-c</span> <span class="s2">"protobufjs"</span><span class="si">)</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$VULNS</span><span class="s2">"</span> <span class="nt">-eq</span> 0 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"✅ لا توجد ثغرات في protobufjs"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"❌ توجد ثغرات: </span><span class="nv">$VULNS</span><span class="s2">"</span> <span class="nb">exit </span>1 <span class="k">fi </span><span class="nb">echo</span> <span class="s2">"================================"</span> <span class="nb">echo</span> <span class="s2">"✅ النظام آمن - اكتمل الفحص بنجاح"</span> </code></pre> </div> <h2> 📝 التوثيق | Documentation </h2> <h3> تقرير Git Commit </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git add package.json pnpm-lock.yaml git commit <span class="nt">-m</span> <span class="s2">"🔒 Security: Fix protobufjs CVE-2023-36665 (Prototype Pollution) - Updated protobufjs from 6.11.2 to 7.2.5 - Updated firebase to latest version - Added pnpm overrides to force secure version - Verified 0 vulnerabilities in audit Refs: CVE-2023-36665, Dependabot Alert Tested: ✅ All tests passing Security: ✅ pnpm audit clean"</span> </code></pre> </div> <h3> تقرير مؤسسي </h3> <div class="highlight js-code-highlight"> <pre class="highlight markdown"><code><span class="gu">## تقرير الحل الأمني</span> <span class="gs">**المشروع**</span>: درع زايد <span class="gs">**التاريخ**</span>: $(date +%Y-%m-%d) <span class="gs">**المسؤول**</span>: asrar-mared <span class="gu">### الإجراءات المتخذة:</span> <span class="p">1.</span> ✅ تحديث protobufjs إلى 7.2.5 <span class="p">2.</span> ✅ فرض الإصدار الآمن عبر pnpm overrides <span class="p">3.</span> ✅ تحديث firebase إلى أحدث إصدار <span class="p">4.</span> ✅ إعادة تثبيت جميع التبعيات <span class="p">5.</span> ✅ فحص شامل (0 vulnerabilities) <span class="gu">### النتيجة: النظام آمن 🛡️</span> </code></pre> </div> <h2> 🚀 الوقاية المستقبلية | Future Prevention </h2> <h3> 1️⃣ إعداد GitHub Dependabot </h3> <p><strong>.github/dependabot.yml:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version</span><span class="pi">:</span> <span class="m">2</span> <span class="na">updates</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">package-ecosystem</span><span class="pi">:</span> <span class="s2">"</span><span class="s">npm"</span> <span class="na">directory</span><span class="pi">:</span> <span class="s2">"</span><span class="s">/"</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">interval</span><span class="pi">:</span> <span class="s2">"</span><span class="s">daily"</span> <span class="na">open-pull-requests-limit</span><span class="pi">:</span> <span class="m">10</span> <span class="na">reviewers</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">asrar-mared"</span> </code></pre> </div> <h3> 2️⃣ إضافة فحص تلقائي </h3> <p><strong>package.json:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"scripts"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"preinstall"</span><span class="p">:</span><span class="w"> </span><span class="s2">"npx npm-force-resolutions"</span><span class="p">,</span><span class="w"> </span><span class="nl">"postinstall"</span><span class="p">:</span><span class="w"> </span><span class="s2">"pnpm audit --audit-level moderate"</span><span class="p">,</span><span class="w"> </span><span class="nl">"security-check"</span><span class="p">:</span><span class="w"> </span><span class="s2">"pnpm audit &amp;&amp; npx snyk test"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 3️⃣ CI/CD Security Check </h3> <p><strong>.github/workflows/security.yml:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Security Scan</span> <span class="na">on</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">push</span><span class="pi">,</span> <span class="nv">pull_request</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">security</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">pnpm/action-setup@v2</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm install</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">pnpm audit</span> <span class="pi">-</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npx snyk test</span> </code></pre> </div> <h2> 📞 جهات الاتصال | Contact </h2> <p><strong>مؤسسة الرئاسة - مشروع درع زايد</strong><br><br> <strong>Developer</strong>: asrar-mared<br><br> <strong>Email</strong>: <a href="mailto:nike49424@proton.me">nike49424@proton.me</a></p> <h2> 🛡️ الختام </h2> <p><strong>"نحمي... ندافع... ننتصر"</strong><br><br> <em>We Protect... We Defend... We Win</em></p> <p>✅ <strong>الثغرة تم حلها بنجاح</strong><br><br> ✅ <strong>النظام آمن ومحمي</strong><br><br> ✅ <strong>جاهز للإنتاج</strong></p> cybersecurity javascript npm security 🎖️المحارب الرقمي🎖️ Sat, 21 Feb 2026 20:12:35 +0000 https://forem.com/asrarmared/the-file-is-in-markdown-format-perfect-for-github-readme-d37 https://forem.com/asrarmared/the-file-is-in-markdown-format-perfect-for-github-readme-d37 <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F-%25F0%259F%259B%25A1%25EF%25B8%258F_ZAYED_SHIELD-0d1117%3Fstyle%3Dfor-the-badge%26labelColor%3D0d1117" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F-%25F0%259F%259B%25A1%25EF%25B8%258F_ZAYED_SHIELD-0d1117%3Fstyle%3Dfor-the-badge%26labelColor%3D0d1117"></a></p> <h1> ⚔️ Warrior-Class Threat Hunting </h1> <h2> ( 🏅 ⭐ 🥇 ) </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>███████╗ █████╗ ██╗ ██╗███████╗██████╗ ███████╗██╗ ██╗██╗███████╗██╗ ██████╗ ╚══███╔╝██╔══██╗╚██╗ ██╔╝██╔════╝██╔══██╗ ██╔════╝██║ ██║██║██╔════╝██║ ██╔══██╗ ███╔╝ ███████║ ╚████╔╝ █████╗ ██║ ██║ ███████╗███████║██║█████╗ ██║ ██║ ██║ ███╔╝ ██╔══██║ ╚██╔╝ ██╔══╝ ██║ ██║ ╚════██║██╔══██║██║██╔══╝ ██║ ██║ ██║ ███████╗██║ ██║ ██║ ███████╗██████╔╝ ███████║██║ ██║██║███████╗███████╗██████╔╝ ╚══════╝╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═════╝ ╚══════╝╚═╝ ╚═╝╚═╝╚══════╝╚══════╝╚═════╝ </code></pre> </div> <h3> 🛡️ <strong>Zayed Shield — Cyber Defense Platform</strong> </h3> <h3> 🌍 <strong>Arab World Security Platform</strong> </h3> <h3> ⚔️ <strong>Built by The Warrior · asrar-mared</strong> </h3> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FLATEST-STABLE%2520V27.7.7-0075FF%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FLATEST-STABLE%2520V27.7.7-0075FF%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="LATEST"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%2593%258B_RELEASE_NOTES-V27.7.7-444%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%2593%258B_RELEASE_NOTES-V27.7.7-444%3Fstyle%3Dflat-square" alt="RELEASE NOTES"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FNPM%2520AUDIT-PASSED-00c853%3Fstyle%3Dflat-square%26logo%3Dnpm" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FNPM%2520AUDIT-PASSED-00c853%3Fstyle%3Dflat-square%26logo%3Dnpm" alt="NPM AUDIT"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FPATCHED%2520IN-V24.5.0-0075FF%3Fstyle%3Dflat-square%26logo%3Dgithub" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FPATCHED%2520IN-V24.5.0-0075FF%3Fstyle%3Dflat-square%26logo%3Dgithub" alt="PATCHED IN"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FSECURITY%2520PATCH-APPLIED%2520V27.7.7-FF6600%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FSECURITY%2520PATCH-APPLIED%2520V27.7.7-FF6600%3Fstyle%3Dflat-square" alt="SECURITY PATCH"></a></p> <h3> 📦 Version History </h3> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV27.7.7-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV27.7.7-7B2FBE%3Fstyle%3Dflat-square" alt="V27.7.7"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV27.6.1-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV27.6.1-7B2FBE%3Fstyle%3Dflat-square" alt="V27.6.1"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV25.5.7-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV25.5.7-7B2FBE%3Fstyle%3Dflat-square" alt="V25.5.7"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV25.5.6-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV25.5.6-7B2FBE%3Fstyle%3Dflat-square" alt="V25.5.6"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV25.1.2-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV25.1.2-7B2FBE%3Fstyle%3Dflat-square" alt="V25.1.2"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV24.5.0-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV24.5.0-7B2FBE%3Fstyle%3Dflat-square" alt="V24.5.0"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV24.0.0-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV24.0.0-7B2FBE%3Fstyle%3Dflat-square" alt="V24.0.0"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV22.2.2-7B2FBE%3Fstyle%3Dflat-square" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FV22.2.2-7B2FBE%3Fstyle%3Dflat-square" alt="V22.2.2"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%2594%2580_COMPARE-27.7.7%2520VS%252025.1.2-333%3Fstyle%3Dflat-square%26logo%3Dgithub" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%2594%2580_COMPARE-27.7.7%2520VS%252025.1.2-333%3Fstyle%3Dflat-square%26logo%3Dgithub" alt="COMPARE"></a></p> <h2> 🔐 GitHub Security Advisories (GHSA) </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Advisory</th> <th>Severity</th> <th>Action</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/advisories/GHSA-35FJ-CFG5-798M" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--35FJ--CFG5--798M-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-35FJ-CFG5-798M"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCRITICAL-dc143c%3Fstyle%3Dflat-square" alt="CRITICAL"></td> <td><a href="https://github.com/advisories/GHSA-35FJ-CFG5-798M" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-954J-MRVM-984G" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--954J--MRVM--984G-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-954J-MRVM-984G"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FHIGH-FF6600%3Fstyle%3Dflat-square" alt="HIGH"></td> <td><a href="https://github.com/advisories/GHSA-954J-MRVM-984G" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-76G3-WJ2G-49X9" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--76G3--WJ2G--49X9-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-76G3-WJ2G-49X9"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FHIGH-FF6600%3Fstyle%3Dflat-square" alt="HIGH"></td> <td><a href="https://github.com/advisories/GHSA-76G3-WJ2G-49X9" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-H5GX-XPP6-F895" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--H5GX--XPP6--F895-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-H5GX-XPP6-F895"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCRITICAL-dc143c%3Fstyle%3Dflat-square" alt="CRITICAL"></td> <td><a href="https://github.com/advisories/GHSA-H5GX-XPP6-F895" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-JHGQ-J4PR-2P86" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--JHGQ--J4PR--2P86-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-JHGQ-J4PR-2P86"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FHIGH-FF6600%3Fstyle%3Dflat-square" alt="HIGH"></td> <td><a href="https://github.com/advisories/GHSA-JHGQ-J4PR-2P86" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-MF23-3VM6-84H" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--MF23--3VM6--84H-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-MF23-3VM6-84H"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FMEDIUM-ffd60a%3Fstyle%3Dflat-square%26logoColor%3D000" alt="MEDIUM"></td> <td><a href="https://github.com/advisories/GHSA-MF23-3VM6-84H" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-ffd60a%3Fstyle%3Dflat-square%26logoColor%3D000" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-F2QV-VVXF-J72M" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--F2QV--VVXF--J72M-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-F2QV-VVXF-J72M"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FHIGH-FF6600%3Fstyle%3Dflat-square" alt="HIGH"></td> <td><a href="https://github.com/advisories/GHSA-F2QV-VVXF-J72M" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> <tr> <td><a href="https://github.com/advisories/GHSA-4GPG-32GR-H7H4" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%258A%2599_GHSA--4GPG--32GR--H7H4-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub%26logoColor%3Dwhite" alt="GHSA-4GPG-32GR-H7H4"></a></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCRITICAL-dc143c%3Fstyle%3Dflat-square" alt="CRITICAL"></td> <td><a href="https://github.com/advisories/GHSA-4GPG-32GR-H7H4" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FVIEW%2520ADVISORY-e85d04%3Fstyle%3Dflat-square" alt="VIEW"></a></td> </tr> </tbody> </table></div> <h2> 🔍 Active CVE Tracking </h2> <p><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-67847" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--67847-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub" alt="CVE-2025-67847"></a><br> <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-67847" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FDETAILS-e85d04%3Fstyle%3Dflat-square" alt="DETAILS"></a><br>  <br> <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-13952" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--13952-0d1117%3Fstyle%3Dflat-square%26logo%3Dgithub" alt="CVE-2025-13952"></a><br> <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-13952" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FDETAILS-e85d04%3Fstyle%3Dflat-square" alt="DETAILS"></a></p> <h2> 📦 CVE Complete Index — Organized by Year &amp; Color </h2> <blockquote> <p>🔍 <strong>Total Scan: 801 CVE entries across 719 files · Years 2008–2026</strong></p> <p>Sources: <code>ZAYED-CORE</code> · <code>GitHub-Reviewed</code> · <code>Unreviewed</code> · <code>advisory.json</code> · <code>merged_cves_list.txt</code></p> </blockquote> <p><b>🟡 Package 2021 — 17 CVE Entries</b></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVE ID</th> </tr> </thead> <tbody> <tr> <td><code>.zayed-core/correlations/discovered_correlations.json</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23337-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23337"></td> </tr> <tr> <td><code>.zayed-core/remediation/remediation_plans.json</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--44228-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-44228"></td> </tr> <tr> <td><code>ZAYED-CORE.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23337-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23337"></td> </tr> <tr> <td><code>ZAYED-CORE.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--44228-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-44228"></td> </tr> <tr> <td><code>advisories/github-reviewed/2021/10/GHSA-pjwm-rvh2-c87w</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--4229-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-4229"></td> </tr> <tr> <td><code>advisories/unreviewed/2022/05/GHSA-4gm2-v7j4-74p8</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--22175-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-22175"></td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23337-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23337"></td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23338-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23338"></td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23339-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23339"></td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--44228-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-44228"></td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--45046-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-45046"></td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--45105-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-45105"></td> </tr> <tr> <td><code>critical-alert-automation-layer.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23337-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23337"></td> </tr> <tr> <td><code>engines/DOCUMENTATION.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23337-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23337"></td> </tr> <tr> <td><code>engines/DOCUMENTATION.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--3749-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-3749"></td> </tr> <tr> <td><code>engines/README.md</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--23337-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-23337"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/12/GHSA-q28j-qr7m-gpf6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--47723-e6a817%3Fstyle%3Dflat-square%26logoColor%3D000" alt="CVE-2021-47723"></td> </tr> </tbody> </table></div> <p><b>🟠 Package 2022 — 9 CVE Entries</b></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVE ID</th> </tr> </thead> <tbody> <tr> <td><code>.zayed-core/remediation/remediation_plans.json</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--0567-FF6600%3Fstyle%3Dflat-square" alt="CVE-2022-0567"></td> </tr> <tr> <td><code>ZAYED-CORE.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--0567-FF6600%3Fstyle%3Dflat-square" alt="CVE-2022-0567"></td> </tr> <tr> <td><code>advisories/github-reviewed/2022/04/GHSA-gx7g-wjxg-jwwj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--0088-FF6600%3Fstyle%3Dflat-square" alt="CVE-2022-0088"></td> </tr> <tr> <td><code>advisories/github-reviewed/2022/05/GHSA-236c-vhj4-gfxg</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2021--4229-FF6600%3Fstyle%3Dflat-square" alt="CVE-2021-4229"></td> </tr> <tr> <td><code>advisories/github-reviewed/2022/10/GHSA-mg5h-rhjq-6v84</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--3766-FF6600%3Fstyle%3Dflat-square" alt="CVE-2022-3766"></td> </tr> <tr> <td><code>advisories/github-reviewed/2022/12/GHSA-cp9c-phxx-55xm</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--4407-FF6600%3Fstyle%3Dflat-square" alt="CVE-2022-4407"></td> </tr> <tr> <td><code>advisories/unreviewed/2022/05/GHSA-h58h-8g45-v677</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2008--0015-FF6600%3Fstyle%3Dflat-square" alt="CVE-2008-0015"></td> </tr> <tr> <td><code>advisories/unreviewed/2022/05/GHSA-qfxw-56c6-7pjg</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2020--7796-FF6600%3Fstyle%3Dflat-square" alt="CVE-2020-7796"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-qcw5-f875-rfvw</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--41650-FF6600%3Fstyle%3Dflat-square" alt="CVE-2022-41650"></td> </tr> </tbody> </table></div> <p><b>🔵 Package 2023 — 14 CVE Entries</b></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVE ID</th> </tr> </thead> <tbody> <tr> <td><code>advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2018--25077-0075FF%3Fstyle%3Dflat-square" alt="CVE-2018-25077"></td> </tr> <tr> <td><code>advisories/github-reviewed/2023/01/GHSA-vm74-j4wq-82xj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2022--4891-0075FF%3Fstyle%3Dflat-square" alt="CVE-2022-4891"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/03/GHSA-vmmw-985w-hrr3</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--1211-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-1211"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/07/GHSA-2764-3pqr-49w6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--33951-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-33951"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/08/GHSA-9cmp-2g73-ff98</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--1076-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-1076"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/08/GHSA-9cmp-2g73-ff98</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--4194-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-4194"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/11/GHSA-qhp7-446p-xq88</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--39198-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-39198"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/11/GHSA-xr9j-c7v6-7542</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--5178-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-5178"></td> </tr> <tr> <td><code>advisories/unreviewed/2023/12/GHSA-v727-f437-6cxx</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--6546-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-6546"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/01/GHSA-prhq-c3gx-jhwg</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--6270-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-6270"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/05/GHSA-wxgw-4g8w-q999</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--28798-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-28798"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2gp2-mfg4-q5mv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--38265-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-38265"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-qvc7-4wrw-mpgp</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--38005-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-38005"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-w2v5-vxvg-mqgh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2023--28892-0075FF%3Fstyle%3Dflat-square" alt="CVE-2023-28892"></td> </tr> </tbody> </table></div> <p><b>🔴 Package 2024 — 28 CVE Entries</b></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVE ID</th> </tr> </thead> <tbody> <tr> <td><code>.zayed-core/attack_chains/discovered_chains.json</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--0001-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-0001"></td> </tr> <tr> <td><code>.zayed-core/attack_chains/discovered_chains.json</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--0002-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-0002"></td> </tr> <tr> <td><code>.zayed-core/attack_chains/discovered_chains.json</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--0003-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-0003"></td> </tr> <tr> <td><code>ZAYED-CORE.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--0001-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-0001"></td> </tr> <tr> <td><code>ZAYED-CORE.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--0002-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-0002"></td> </tr> <tr> <td><code>ZAYED-CORE.sh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--0003-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-0003"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/02/GHSA-g74q-5xw3-j7q9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--21386-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-21386"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/03/GHSA-3j27-563v-28wf</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--27934-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-27934"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/03/GHSA-5pf6-2qwx-pxm2</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--28110-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-28110"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/03/GHSA-c2f9-4jmm-v45m</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--27917-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-27917"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/03/GHSA-cgqf-3cq5-wvcj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--28101-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-28101"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/03/GHSA-f5x3-32g6-xq36</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--28863-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-28863"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/03/GHSA-f6g2-h7qv-3m5v</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--27923-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-27923"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/06/GHSA-5pxr-7m4j-jjc6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--37160-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-37160"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/06/GHSA-x4gp-pqpj-f43q</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--58262-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-58262"></td> </tr> <tr> <td><code>advisories/github-reviewed/2024/09/GHSA-9h9q-qhxg-89xr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--47186-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-47186"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--11831-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-11831"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/04/GHSA-rqw7-3533-cfwv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--33648-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-33648"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/05/GHSA-276f-6jm7-647m</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--23461-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-23461"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/05/GHSA-9c5h-6x6r-hvxh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--23462-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-23462"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/05/GHSA-9gh8-72qr-qfc7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--23459-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-23459"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/05/GHSA-gvpq-95j2-mc36</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--23480-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-23480"></td> </tr> <tr> <td><code>advisories/unreviewed/2024/08/GHSA-22f5-q5gp-64wx</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--7694-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-7694"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4vw8-4q9m-v76p</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--31118-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-31118"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-622x-ww28-86h7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--55270-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-55270"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-9pq4-hhwq-2hcq</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--55271-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-55271"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-x7fc-g3mg-7h5h</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--43178-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-43178"></td> </tr> <tr> <td><code>merged_cves_list.txt</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2024--28863-dc143c%3Fstyle%3Dflat-square" alt="CVE-2024-28863"></td> </tr> </tbody> </table></div> <p><b>🟣 Package 2025 — 200+ CVE Entries</b></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVE ID</th> </tr> </thead> <tbody> <tr> <td><code>advisories/github-reviewed/2025/02/GHSA-x4c5-c7rf-jjgv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--25285-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-25285"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/03/GHSA-3jxr-23ph-c89g</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--23368-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-23368"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/06/GHSA-v62p-rq8g-8h59</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--6547-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-6547"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/07/GHSA-2x45-7fc3-mxwq</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--45769-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-45769"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/08/GHSA-856v-8qm2-9wjv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--7195-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-7195"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/08/GHSA-856v-8qm2-9wjv.backup</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--7195-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-7195"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/09/GHSA-wp3j-xq48-xpjw</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--9566-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-9566"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/10/GHSA-64w3-5q9m-68xf</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--11429-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-11429"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/10/GHSA-895x-rfqp-jh5c</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--12110-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-12110"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/11/GHSA-7j46-f57w-76pj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--65956-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-65956"></td> </tr> <tr> <td><code>advisories/github-reviewed/2025/12/GHSA-4hx9-48xh-5mxr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--13467-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-13467"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-fpj8-gq4v-p354</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--66614-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-66614"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-vjpq-xx5g-qvmm</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--69287-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-69287"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-2g4f-4pwh-qvx6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--69873-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-69873"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-w995-ff8h-rppg</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--69213-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-69213"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/04/GHSA-76h8-9q54-37cc</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--26637-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-26637"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/04/GHSA-xrr8-p4pf-hfwr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--22026-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-22026"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/07/GHSA-r97f-5wrg-fmv7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--38162-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-38162"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/10/GHSA-g4vw-3hq5-q7gr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--40005-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-40005"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/11/GHSA-v6c5-9mp4-mwq4</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--13601-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-13601"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/12/GHSA-65c5-j3wr-v7fh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--14714-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-14714"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/12/GHSA-hrx4-rccm-xj6c</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--14104-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-14104"></td> </tr> <tr> <td><code>advisories/unreviewed/2025/12/GHSA-x5mv-x4w6-8rgw</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--63065-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-63065"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-23h7-68rq-jgvf</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--13727-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-13727"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-25w3-5rm9-v4wm</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--33246-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-33246"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-27xm-cj78-cxmr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--13867-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-13867"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2cpx-h862-rqm6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--33243-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-33243"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2g52-f4rf-8vm9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--12343-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-12343"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2hcf-jfqx-g286</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--70062-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-70062"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2mxv-4v56-9pp9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--62183-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-62183"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2pc4-pm2m-q53r</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--14799-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-14799"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-2rh6-mp5g-j2gf</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--36436-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-36436"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-3866-72wv-xq49</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--8303-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-8303"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-38xg-3ffm-68p7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--70866-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-70866"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-3vq8-64jx-f882</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--11185-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-11185"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-3w2g-4qx3-2mmw</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--71232-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-71232"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-3w38-x6jp-8474</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--36377-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-36377"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4292-3qv2-cv3v</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--12037-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-12037"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-43j7-cmcw-j9hr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--12074-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-12074"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4586-432g-jmvg</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--59793-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-59793"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4r69-36rj-xggj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--11737-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-11737"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4rxf-gw9p-prj2</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--14289-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-14289"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4wq4-57x2-fmhv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--6460-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-6460"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-4wvv-g662-rjm9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--15581-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-15581"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5cph-5v9q-vh7g</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--65716-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-65716"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5g82-gg27-r8vp</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--65715-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-65715"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5mcc-f9f9-29w9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--33124-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-33124"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5pqm-c33h-22jc</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--70146-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-70146"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5q5x-wqxc-vv25</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--70150-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-70150"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5qq8-6gv4-wmcc</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--15579-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-15579"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5rm9-pcp8-m6v8</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--33240-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-33240"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-5xwj-82gw-46fv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--27898-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-27898"></td> </tr> <tr> <td><code>advisories/unreviewed/2026/02/GHSA-58rc-3q27-grhq</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--36019-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-36019"></td> </tr> <tr> <td><code>merged_cves_list.txt</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2025--7195-7B2FBE%3Fstyle%3Dflat-square" alt="CVE-2025-7195"></td> </tr> </tbody> </table></div> <p>&gt; <em>See <code>my_cve_list.txt</code> for the full 200+ entries</em></p> <p><b>🔥 Package 2026 — 300+ CVE Entries (ACTIVE / CURRENT)</b></p> <p><strong>GitHub-Reviewed 2026:</strong></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVE ID</th> </tr> </thead> <tbody> <tr> <td><code>advisories/github-reviewed/2026/01/GHSA-8qq5-rm4j-mr97</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--23745-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-23745"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/01/GHSA-xfhx-r7ww-5995</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--0897-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-0897"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-2c6v-8r3v-gh6p</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25232-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25232"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-2gjw-fg97-vg3r</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26314-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26314"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-2qj5-gwg2-xwc4</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27001-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27001"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-2ww3-72rp-wpp4</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25592-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25592"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-33fm-6gp7-4p47</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--24126-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-24126"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-37gc-85xm-2ww6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27009-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27009"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-3fqr-4cg8-h96q</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26317-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26317"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-3m4q-jmj6-r34q</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--1669-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-1669"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26996-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26996"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-43fc-jf86-j433</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25639-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25639"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-4chv-4c6w-w254</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26267-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26267"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-4hg8-92x6-h2f3</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26319-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26319"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-5mx2-w598-339m</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27022-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27022"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-5pqf-54qp-32wx</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26991-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26991"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-5vv4-hvf7-2h46</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26318-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26318"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-5vvm-67pj-72g4</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27111-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27111"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-67pg-wm7f-q7fj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25535-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25535"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-689v-6xwf-5jf3</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26313-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26313"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-6hf3-mhgc-cm65</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27004-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27004"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-6xmx-xr9p-58p7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26989-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26989"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-782p-5fr5-7fj8</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--24764-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-24764"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-79q9-wc6p-cf92</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26990-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26990"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-7g9x-cp9g-92mr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27112-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27112"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-7m29-f4hw-g2vx</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27017-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27017"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-7ppg-37fh-vcr6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26190-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26190"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-7q2j-c4q5-rm27</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26320-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26320"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-7v42-g35v-xrch</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26275-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26275"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-83g3-92jg-28cx</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26960-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26960"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-8jpq-5h99-ff5r</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26321-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26321"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-8mh7-phf8-xgfm</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26326-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26326"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-93fx-g747-695x</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26992-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26992"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-996q-pr4m-cvgq</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27024-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27024"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-9c88-49p5-5ggf</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26280-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26280"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-9f29-v6mm-pw6w</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26205-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26205"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-9mvc-8737-8j8h</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27026-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27026"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-9p44-j4g5-cfx5</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26189-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26189"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-9p4w-fq8m-2hp7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25142-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25142"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-9pq4-5hcf-288c</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27118-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27118"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-c5w7-m8wf-xc77</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25903-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25903"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-chf7-jq6g-qrwv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27003-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27003"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-cv22-72px-f4gh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25229-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25229"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-cv7m-c9jx-vg7q</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26329-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26329"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-f47c-3c5w-v7p4</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25738-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25738"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-f5p9-j34q-pwcc</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26201-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26201"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-f7gr-6p89-r883</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27121-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27121"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-fc3h-92p8-h36f</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25242-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25242"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-fqx6-693c-f55g</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27016-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27016"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-fw7p-63qq-7hpr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26958-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26958"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-g34w-4xqq-h79m</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26328-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26328"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-g6q9-8fvw-f7rf</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26322-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26322"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-gqx7-99jw-6fpr</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26987-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26987"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-h3f9-mjwj-w476</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26325-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26325"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-h3rv-q4rq-pqcv</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26988-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26988"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-h7f7-89mm-pqh6</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27008-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27008"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-hfvx-25r5-qc3w</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27013-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27013"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-jj5m-h57j-5gv7</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25120-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25120"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-jmr7-xgp7-cmfj</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26278-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26278"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-jrvc-8ff5-2f9f</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26324-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26324"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-jxc4-54g3-j7vp</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25739-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25739"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-m56q-vw4c-c2cp</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27122-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27122"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-m6j8-rg6r-7mv8</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26315-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26315"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-m7x8-2w3w-pr42</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26323-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26323"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-mp5h-m6qj-6292</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25474-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25474"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-mxw3-3hh2-x2mh</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--22860-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-22860"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-pchc-86f6-8758</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26316-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26316"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-pgvm-wxw2-hrv9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25766-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25766"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-ppfx-73j5-fhxc</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26057-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26057"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-pqqf-7hxm-rj5r</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26010-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26010"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-pv58-549p-qh99</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26327-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26327"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-qq5r-98hh-rxc9</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--24733-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-24733"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-rrxv-pmq9-x67r</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26995-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26995"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-w235-x559-36mg</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27002-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27002"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-w52v-v783-gw97</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26980-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26980"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-w7h5-55jg-cq2f</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26974-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26974"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-wgm6-9rvv-3438</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26957-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26957"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-wgvp-vg3v-2xq3</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27025-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27025"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-whrj-4476-wvmp</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25500-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25500"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-wwj6-vghv-5p64</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--24834-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-24834"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-xwjm-j929-xq7c</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--26972-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-26972"></td> </tr> <tr> <td><code>advisories/github-reviewed/2026/02/GHSA-xxvh-5hwj-42pp</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--27007-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-27007"></td> </tr> <tr> <td> <code>advisory.json</code> <em>(54 entries: CVE-2026-25120 → CVE-2026-27026)</em> </td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F54_CVEs-b91c1c%3Fstyle%3Dflat-square" alt="54 CVEs"></td> </tr> <tr> <td><code>merged_cves_list.txt</code></td> <td><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FCVE--2026--25696-b91c1c%3Fstyle%3Dflat-square" alt="CVE-2026-25696"></td> </tr> </tbody> </table></div> <p>&gt; <em>See <code>my_cve_list.txt</code> for the full 300+ unreviewed 2026 entries</em></p> <h2> 📊 Full Statistics </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Metric</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>📁 Total Files Processed</td> <td><strong>719</strong></td> </tr> <tr> <td>🔍 Total CVE Scan Entries</td> <td><strong>801</strong></td> </tr> <tr> <td>📅 Year Coverage</td> <td><strong>2008 – 2026</strong></td> </tr> <tr> <td>🟡 2021 Package</td> <td>17 entries</td> </tr> <tr> <td>🟠 2022 Package</td> <td>9 entries</td> </tr> <tr> <td>🔵 2023 Package</td> <td>14 entries</td> </tr> <tr> <td>🔴 2024 Package</td> <td>28 entries</td> </tr> <tr> <td>🟣 2025 Package</td> <td>200+ entries</td> </tr> <tr> <td>🔥 2026 Package</td> <td>300+ entries</td> </tr> </tbody> </table></div> <h2> 🔧 Core Project Files </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>File</th> <th>CVEs</th> </tr> </thead> <tbody> <tr> <td><code>ZAYED-CORE.sh</code></td> <td>CVE-2021-23337 · CVE-2021-44228 · CVE-2022-0567 · CVE-2024-0001/02/03</td> </tr> <tr> <td><code>advisory.json</code></td> <td>54 CVEs (2026-25120 → 27026)</td> </tr> <tr> <td><code>vulnerability_intelligence_hub.md</code></td> <td>7 CVEs (2021 series + 2026-0001)</td> </tr> <tr> <td><code>engines/DOCUMENTATION.md</code></td> <td>CVE-2021-23337 · CVE-2021-3749</td> </tr> <tr> <td><code>automated_incident_response_engine.md</code></td> <td>CVE-2026-0001</td> </tr> <tr> <td><code>realtime_alert_dispatcher.md</code></td> <td>CVE-2026-0001</td> </tr> <tr> <td><code>merged_cves_list.txt</code></td> <td>CVE-2024-28863 · CVE-2025-7195 · CVE-2026-25696</td> </tr> </tbody> </table></div> <h2> ⚔️ The Warrior </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> █████╗ ███████╗██████╗ █████╗ ██████╗ ███╗ ███╗ █████╗ ██████╗ ███████╗██████╗ ██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔══██╗ ████╗ ████║██╔══██╗██╔══██╗██╔════╝██╔══██╗ ███████║███████╗██████╔╝███████║██████╔╝ ██╔████╔██║███████║██████╔╝█████╗ ██║ ██║ ██╔══██║╚════██║██╔══██╗██╔══██║██╔══██╗ ██║╚██╔╝██║██╔══██║██╔══██╗██╔══╝ ██║ ██║ ██║ ██║███████║██║ ██║██║ ██║██║ ██║ ██║ ╚═╝ ██║██║ ██║██║ ██║███████╗██████╔╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝╚═════╝ </code></pre> </div> <p>&gt; <em>"The warrior hunting vulnerabilities makes history from a small Samsung phone."</em><br> &gt; <br> &gt; — <strong>asrar-mared</strong> 🇦🇪</p> <p><strong>🌍 Arab World Security Platform · Zayed Shield Cyber Defense</strong></p> <p><a href="https://github.com/asrar-r" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FGitHub-asrar--mared-0d1117%3Fstyle%3Dfor-the-badge%26logo%3Dgithub" alt="asrar-mared"></a><br> <a href="mailto:nike49424@gmail.com"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FEmail-nike49424%2540gmail.com-EA4335%3Fstyle%3Dfor-the-badge%26logo%3Dgmail" alt="Email"></a><br> <a href="mailto:nike49424@proton.me"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FProtonMail-nike49424%2540proton.me-6D4AFF%3Fstyle%3Dfor-the-badge%26logo%3Dprotonmail" alt="ProtonMail"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%259B%25A1%25EF%25B8%258F_ZAYED_SHIELD-Cyber_Defense_Platform-0d1117%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%259B%25A1%25EF%25B8%258F_ZAYED_SHIELD-Cyber_Defense_Platform-0d1117%3Fstyle%3Dfor-the-badge" alt="Zayed Shield"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%259A%2594%25EF%25B8%258F_BUILT_BY-asrar--mared-e85d04%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25E2%259A%2594%25EF%25B8%258F_BUILT_BY-asrar--mared-e85d04%3Fstyle%3Dfor-the-badge" alt="Built by Warrior"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%258C%258D_ARAB_WORLD-Security_Platform-dc143c%3Fstyle%3Dfor-the-badge" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2F%25F0%259F%258C%258D_ARAB_WORLD-Security_Platform-dc143c%3Fstyle%3Dfor-the-badge" alt="Arab World"></a></p> <p><em>📅 Last Updated: February 2026 · 🔍 Scan: 801 entries · 📁 Files: 719</em></p> 🎖️المحارب الرقمي🎖️ Fri, 20 Feb 2026 03:08:03 +0000 https://forem.com/asrarmared/contributing-to-zayed-shield-4kgi https://forem.com/asrarmared/contributing-to-zayed-shield-4kgi <h1> Contributing to Zayed Shield </h1> <p>Thank you for your interest in contributing to Zayed Shield. This document provides guidelines for contributing to this project.</p> <h2> Table of Contents </h2> <ul> <li>Code of Conduct</li> <li>Getting Started</li> <li>How to Contribute</li> <li>Development Process</li> <li>Pull Request Guidelines</li> <li>Coding Standards</li> <li>Testing Requirements</li> <li>Documentation</li> <li>Community</li> </ul> <h2> Code of Conduct </h2> <blockquote> <p><em>"The best way to find yourself is to lose yourself in the service of others."</em> — Mahatma Gandhi</p> </blockquote> <p>We are committed to fostering an inclusive and respectful community. All contributors are expected to:</p> <ul> <li>Treat everyone with respect and kindness</li> <li>Welcome diverse perspectives and experiences</li> <li>Accept constructive criticism gracefully</li> <li>Focus on what is best for the community</li> <li>Show empathy towards other community members</li> </ul> <p>By participating in this project, you agree to abide by these principles.</p> <h2> Getting Started </h2> <h3> Prerequisites </h3> <p>Before contributing, ensure you have:</p> <ul> <li>Git installed on your system</li> <li>A GitHub account</li> <li>Basic understanding of the project's technology stack</li> <li>Familiarity with our <a href="//SECURITY.md">Security Policy</a> </li> </ul> <h3> Setting Up Your Development Environment </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Fork the repository on GitHub</span> <span class="c"># Clone your fork</span> git clone https://github.com/YOUR-USERNAME/Zayed-Shield.git <span class="c"># Navigate to the project directory</span> <span class="nb">cd </span>Zayed-Shield <span class="c"># Add the original repository as upstream</span> git remote add upstream https://github.com/asrar-mared/Zayed-Shield.git <span class="c"># Install dependencies</span> ./scripts/setup.sh </code></pre> </div> <h2> How to Contribute </h2> <h3> Ways to Contribute </h3> <p>We welcome contributions in many forms:</p> <p><strong>Code Contributions</strong></p> <ul> <li>Bug fixes</li> <li>New features</li> <li>Performance improvements</li> <li>Code refactoring</li> </ul> <p><strong>Non-Code Contributions</strong></p> <ul> <li>Documentation improvements</li> <li>Bug reports</li> <li>Feature suggestions</li> <li>Testing and quality assurance</li> <li>Translations</li> <li>Community support</li> </ul> <h3> Finding Issues to Work On </h3> <ul> <li>Browse our <a href="https://github.com/asrar-mared/Zayed-Shield/issues" rel="noopener noreferrer">issue tracker</a> </li> <li>Look for issues labeled <code>good first issue</code> or <code>help wanted</code> </li> <li>Check our <a href="https://github.com/asrar-mared/Zayed-Shield/projects" rel="noopener noreferrer">project roadmap</a> </li> </ul> <h2> Development Process </h2> <h3> Creating a Branch </h3> <p>Always create a new branch for your work:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Update your local main branch</span> git checkout main git pull upstream main <span class="c"># Create a new branch</span> git checkout <span class="nt">-b</span> feature/your-feature-name </code></pre> </div> <p><strong>Branch Naming Convention:</strong></p> <ul> <li> <code>feature/</code> - New features</li> <li> <code>fix/</code> - Bug fixes</li> <li> <code>docs/</code> - Documentation changes</li> <li> <code>refactor/</code> - Code refactoring</li> <li> <code>test/</code> - Test improvements</li> </ul> <h3> Making Changes </h3> <ol> <li>Make your changes in logical commits</li> <li>Write clear, descriptive commit messages</li> <li>Test your changes thoroughly</li> <li>Update documentation as needed</li> </ol> <h3> Commit Message Guidelines </h3> <p>We follow the Conventional Commits specification:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>type(scope): brief description Detailed explanation of the change (optional) Fixes #123 </code></pre> </div> <p><strong>Types:</strong></p> <ul> <li> <code>feat</code> - A new feature</li> <li> <code>fix</code> - A bug fix</li> <li> <code>docs</code> - Documentation changes</li> <li> <code>style</code> - Code style changes (formatting, etc.)</li> <li> <code>refactor</code> - Code refactoring</li> <li> <code>test</code> - Adding or updating tests</li> <li> <code>chore</code> - Maintenance tasks</li> </ul> <p><strong>Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>feat(security): add enhanced encryption module Implements AES-256 encryption for sensitive data storage. This improves overall security posture of the application. Fixes #456 </code></pre> </div> <h2> Pull Request Guidelines </h2> <h3> Before Submitting </h3> <ul> <li>[ ] Code follows project style guidelines</li> <li>[ ] All tests pass locally</li> <li>[ ] New tests added for new functionality</li> <li>[ ] Documentation updated</li> <li>[ ] Commits are clean and well-organized</li> <li>[ ] Branch is up to date with main</li> </ul> <h3> Submitting Your Pull Request </h3> <ol> <li>Push your branch to your fork: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> git push origin feature/your-feature-name </code></pre> </div> <ol> <li><p>Navigate to the <a href="https://github.com/asrar-mared/Zayed-Shield" rel="noopener noreferrer">repository</a></p></li> <li><p>Click "New Pull Request"</p></li> <li><p>Fill out the PR template completely</p></li> <li><p>Request review from maintainers</p></li> </ol> <h3> Pull Request Template </h3> <div class="highlight js-code-highlight"> <pre class="highlight markdown"><code><span class="gu">## Description</span> [Clear description of what this PR does] <span class="gu">## Type of Change</span> <span class="p">-</span> [ ] Bug fix <span class="p">-</span> [ ] New feature <span class="p">-</span> [ ] Breaking change <span class="p">-</span> [ ] Documentation update <span class="gu">## Testing</span> [Describe the testing you've performed] <span class="gu">## Checklist</span> <span class="p">-</span> [ ] Code follows style guidelines <span class="p">-</span> [ ] Self-review completed <span class="p">-</span> [ ] Tests added/updated <span class="p">-</span> [ ] Documentation updated <span class="p">-</span> [ ] No new warnings introduced <span class="gu">## Related Issues</span> Fixes #(issue number) </code></pre> </div> <h3> Review Process </h3> <ol> <li>Maintainers will review your PR</li> <li>Feedback will be provided constructively</li> <li>Make requested changes if needed</li> <li>Once approved, a maintainer will merge</li> </ol> <p><strong>Average review time:</strong> 2-5 business days</p> <h2> Coding Standards </h2> <h3> General Principles </h3> <blockquote> <p><em>"Quality is not an act, it is a habit."</em> — Aristotle</p> </blockquote> <ul> <li>Write clean, readable code</li> <li>Follow language-specific best practices</li> <li>Keep functions small and focused</li> <li>Use meaningful variable names</li> <li>Comment complex logic</li> <li>Handle errors appropriately</li> </ul> <h3> Style Guidelines </h3> <p><strong>Python</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Follow PEP 8 # Use type hints </span><span class="k">def</span> <span class="nf">calculate_hash</span><span class="p">(</span><span class="n">data</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="sh">"""</span><span class="s"> Calculate SHA-256 hash of input data. Args: data: Input string to hash Returns: Hexadecimal hash string </span><span class="sh">"""</span> <span class="k">return</span> <span class="n">hashlib</span><span class="p">.</span><span class="nf">sha256</span><span class="p">(</span><span class="n">data</span><span class="p">.</span><span class="nf">encode</span><span class="p">()).</span><span class="nf">hexdigest</span><span class="p">()</span> </code></pre> </div> <p><strong>JavaScript</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Use modern ES6+ syntax</span> <span class="c1">// Follow Airbnb style guide</span> <span class="kd">const</span> <span class="nx">processData</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">data</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">validateData</span><span class="p">(</span><span class="nx">data</span><span class="p">);</span> <span class="k">return</span> <span class="nx">result</span><span class="p">;</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">logger</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Data processing failed</span><span class="dl">'</span><span class="p">,</span> <span class="nx">error</span><span class="p">);</span> <span class="k">throw</span> <span class="nx">error</span><span class="p">;</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p><strong>Shell Scripts</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># Use descriptive variable names</span> <span class="c"># Add error handling</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nb">readonly </span><span class="nv">SCRIPT_DIR</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">cd</span> <span class="s2">"</span><span class="si">$(</span><span class="nb">dirname</span> <span class="s2">"</span><span class="k">${</span><span class="nv">BASH_SOURCE</span><span class="p">[0]</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span><span class="s2">"</span> <span class="o">&amp;&amp;</span> <span class="nb">pwd</span><span class="si">)</span><span class="s2">"</span> </code></pre> </div> <h2> Testing Requirements </h2> <h3> Test Coverage </h3> <p>We maintain high standards for code quality:</p> <ul> <li>Unit tests for all new functions</li> <li>Integration tests for features</li> <li>Minimum 80% code coverage</li> <li>All tests must pass before merge</li> </ul> <h3> Running Tests </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Run all tests</span> make <span class="nb">test</span> <span class="c"># Run specific test suite</span> pytest tests/unit/ <span class="c"># Run with coverage</span> pytest <span class="nt">--cov</span><span class="o">=</span>src tests/ <span class="c"># Run linting</span> make lint </code></pre> </div> <h3> Writing Tests </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">pytest</span> <span class="k">def</span> <span class="nf">test_hash_calculation</span><span class="p">():</span> <span class="sh">"""</span><span class="s">Test hash calculation produces expected output.</span><span class="sh">"""</span> <span class="n">input_data</span> <span class="o">=</span> <span class="sh">"</span><span class="s">test string</span><span class="sh">"</span> <span class="n">expected</span> <span class="o">=</span> <span class="sh">"</span><span class="s">d5579c46dfcc7f18207013e65b44e4cb4e2c2298f4ac457ba8f82743f31e930b</span><span class="sh">"</span> <span class="n">result</span> <span class="o">=</span> <span class="nf">calculate_hash</span><span class="p">(</span><span class="n">input_data</span><span class="p">)</span> <span class="k">assert</span> <span class="n">result</span> <span class="o">==</span> <span class="n">expected</span> </code></pre> </div> <h2> Documentation </h2> <blockquote> <p><em>"Documentation is a love letter that you write to your future self."</em> — Damian Conway</p> </blockquote> <h3> What to Document </h3> <ul> <li>New features and APIs</li> <li>Configuration options</li> <li>Installation procedures</li> <li>Usage examples</li> <li>Troubleshooting guides</li> </ul> <h3> Documentation Standards </h3> <ul> <li>Use clear, concise language</li> <li>Include code examples</li> <li>Keep documentation up to date</li> <li>Use proper markdown formatting</li> </ul> <h3> Example Documentation </h3> <div class="highlight js-code-highlight"> <pre class="highlight markdown"><code><span class="gu">## Function: validateInput</span> Validates user input against security requirements. <span class="gu">### Parameters</span> <span class="p"> -</span> <span class="sb">`input`</span> (string): The input string to validate <span class="p">-</span> <span class="sb">`options`</span> (object): Validation options <span class="p"> -</span> <span class="sb">`maxLength`</span> (number): Maximum allowed length <span class="p"> -</span> <span class="sb">`allowSpecialChars`</span> (boolean): Allow special characters <span class="gu">### Returns</span> <span class="sb">`boolean`</span>: True if validation passes, false otherwise <span class="gu">### Example</span> <span class="se">\`\`\`</span>javascript const isValid = validateInput(userInput, { maxLength: 100, allowSpecialChars: false }); <span class="se">\`\`\`</span> <span class="gu">### Throws</span> <span class="p"> -</span> <span class="sb">`ValidationError`</span>: If input format is invalid </code></pre> </div> <h2> Community </h2> <h3> Communication Channels </h3> <ul> <li> <strong>GitHub Issues</strong> - Bug reports and feature requests</li> <li> <strong>GitHub Discussions</strong> - General questions and discussions</li> <li> <strong>Pull Requests</strong> - Code review and collaboration</li> </ul> <h3> Getting Help </h3> <p>If you need assistance:</p> <ol> <li>Check existing documentation</li> <li>Search closed issues</li> <li>Ask in GitHub Discussions</li> <li>Open a new issue with details</li> </ol> <h3> Recognition </h3> <p>We value all contributions and recognize contributors in:</p> <ul> <li>Release notes</li> <li>Project README</li> <li>Annual contributor highlights</li> </ul> <h2> Thank You </h2> <blockquote> <p><em>"Alone we can do so little; together we can do so much."</em> — Helen Keller</p> </blockquote> <p>Your contributions make this project better for everyone. We appreciate your time and effort in helping improve Zayed Shield.</p> <p><strong>Happy Contributing! 🚀</strong></p> <h2> Additional Resources </h2> <ul> <li><a href="https://github.com/asrar-mared/Zayed-Shield/wiki" rel="noopener noreferrer">Project Documentation</a></li> <li><a href="//SECURITY.md">Security Policy</a></li> <li><a href="//CODE_OF_CONDUCT.md">Code of Conduct</a></li> <li><a href="https://dev.toLICENSE">License</a></li> </ul> <p><strong>Zayed Shield</strong> - Built with dedication by contributors worldwide</p> <p>Made with ❤️ in UAE 🇦🇪</p> community github opensource softwareengineering