Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2022-50722
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> media: ipu3-imgu: Fix NULL pointer dereference in active selection access<br /> <br /> What the IMGU driver did was that it first acquired the pointers to active<br /> and try V4L2 subdev state, and only then figured out which one to use.<br /> <br /> The problem with that approach and a later patch (see Fixes: tag) is that<br /> as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is<br /> now an attempt to dereference that.<br /> <br /> Fix this.<br /> <br /> Also rewrap lines a little.
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2022-50723
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bnxt_en: fix memory leak in bnxt_nvm_test()<br /> <br /> Free the kzalloc&amp;#39;ed buffer before returning in the success path.
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2022-50712
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> devlink: hold region lock when flushing snapshots<br /> <br /> Netdevsim triggers a splat on reload, when it destroys regions<br /> with snapshots pending:<br /> <br /> WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlink_region_snapshot_del+0x12e/0x140<br /> CPU: 1 PID: 787 Comm: devlink Not tainted 6.1.0-07460-g7ae9888d6e1c #580<br /> RIP: 0010:devlink_region_snapshot_del+0x12e/0x140<br /> Call Trace:<br /> <br /> devl_region_destroy+0x70/0x140<br /> nsim_dev_reload_down+0x2f/0x60 [netdevsim]<br /> devlink_reload+0x1f7/0x360<br /> devlink_nl_cmd_reload+0x6ce/0x860<br /> genl_family_rcv_msg_doit.isra.0+0x145/0x1c0<br /> <br /> This is the locking assert in devlink_region_snapshot_del(),<br /> we&amp;#39;re supposed to be holding the region-&gt;snapshot_lock here.
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2022-50713
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> clk: visconti: Fix memory leak in visconti_register_pll()<br /> <br /> @pll-&gt;rate_table has allocated memory by kmemdup(), if clk_hw_register()<br /> fails, it should be freed, otherwise it will cause memory leak issue,<br /> this patch fixes it.
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2025-68729
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: ath12k: Fix MSDU buffer types handling in RX error path<br /> <br /> Currently, packets received on the REO exception ring from<br /> unassociated peers are of MSDU buffer type, while the driver expects<br /> link descriptor type packets. These packets are not parsed further due<br /> to a return check on packet type in ath12k_hal_desc_reo_parse_err(),<br /> but the associated skb is not freed. This may lead to kernel<br /> crashes and buffer leaks.<br /> <br /> Hence to fix, update the RX error handler to explicitly drop<br /> MSDU buffer type packets received on the REO exception ring.<br /> This prevents further processing of invalid packets and ensures<br /> stability in the RX error handling path.<br /> <br /> Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2025-68730
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()<br /> <br /> Don&amp;#39;t add BO to the vdev-&gt;bo_list in ivpu_gem_create_object().<br /> When failure happens inside drm_gem_shmem_create(), the BO is not<br /> fully created and ivpu_gem_bo_free() callback will not be called<br /> causing a deleted BO to be left on the list.
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2025-68731
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array()<br /> <br /> The unpublished smatch static checker reported a warning.<br /> <br /> drivers/accel/amdxdna/aie2_pci.c:904 aie2_query_ctx_status_array()<br /> warn: potential user controlled sizeof overflow<br /> &amp;#39;args-&gt;num_element * args-&gt;element_size&amp;#39; &amp;#39;1-u32max(user) * 1-u32max(user)&amp;#39;<br /> <br /> Even this will not cause a real issue, it is better to put a reasonable<br /> limitation for element_size and num_element. Add condition to make sure<br /> the input element_size
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2025-68734
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe()<br /> <br /> In hfcsusb_probe(), the memory allocated for ctrl_urb gets leaked when<br /> setup_instance() fails with an error code. Fix that by freeing the urb<br /> before freeing the hw structure. Also change the error paths to use the<br /> goto ladder style.<br /> <br /> Compile tested only. Issue found using a prototype static analysis tool.
Severity CVSS v4.0: Pending analysis
Last modification:
29/12/2025

CVE-2025-68727
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ntfs3: Fix uninit buffer allocated by __getname()<br /> <br /> Fix uninit errors caused after buffer allocation given to &amp;#39;de&amp;#39;; by<br /> initializing the buffer with zeroes. The fix was found by using KMSAN.
Severity CVSS v4.0: Pending analysis
Last modification:
19/01/2026

CVE-2025-68728
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ntfs3: fix uninit memory after failed mi_read in mi_format_new<br /> <br /> Fix a KMSAN un-init bug found by syzkaller.<br /> <br /> ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be<br /> uptodate. We do not bring the buffer uptodate before setting it as<br /> uptodate. If the buffer were to not be uptodate, it could mean adding a<br /> buffer with un-init data to the mi record. Attempting to load that record<br /> will trigger KMSAN.<br /> <br /> Avoid this by setting the buffer as uptodate, if it’s not already, by<br /> overwriting it.
Severity CVSS v4.0: Pending analysis
Last modification:
19/01/2026

CVE-2025-68732
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> gpu: host1x: Fix race in syncpt alloc/free<br /> <br /> Fix race condition between host1x_syncpt_alloc()<br /> and host1x_syncpt_put() by using kref_put_mutex()<br /> instead of kref_put() + manual mutex locking.<br /> <br /> This ensures no thread can acquire the<br /> syncpt_mutex after the refcount drops to zero<br /> but before syncpt_release acquires it.<br /> This prevents races where syncpoints could<br /> be allocated while still being cleaned up<br /> from a previous release.<br /> <br /> Remove explicit mutex locking in syncpt_release<br /> as kref_put_mutex() handles this atomically.
Severity CVSS v4.0: Pending analysis
Last modification:
19/01/2026

CVE-2025-68733
Publication date:
24/12/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> smack: fix bug: unprivileged task can create labels<br /> <br /> If an unprivileged task is allowed to relabel itself<br /> (/smack/relabel-self is not empty),<br /> it can freely create new labels by writing their<br /> names into own /proc/PID/attr/smack/current<br /> <br /> This occurs because do_setattr() imports<br /> the provided label in advance,<br /> before checking "relabel-self" list.<br /> <br /> This change ensures that the "relabel-self" list<br /> is checked before importing the label.
Severity CVSS v4.0: Pending analysis
Last modification:
19/01/2026
Subscribe to Vulnerabilities