Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2025-47148
Publication date:
15/10/2025
When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity CVSS v4.0: HIGH
Last modification:
21/10/2025

CVE-2025-47150
Publication date:
15/10/2025
When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an increase in SNMP memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity CVSS v4.0: HIGH
Last modification:
21/10/2025

CVE-2025-9640
Publication date:
15/10/2025
A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vulnerability.
Severity CVSS v4.0: Pending analysis
Last modification:
26/11/2025

CVE-2025-10869
Publication date:
15/10/2025
Stored Cross-site Scripting (XSS) in Oct8ne Chatbot v2.3. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting a malicious payload through the creation of a transcript that is sent by email. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user, through /Data/SaveInteractions.
Severity CVSS v4.0: MEDIUM
Last modification:
30/10/2025

CVE-2025-55081
Publication date:
15/10/2025
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of <br /> certain SSL/TLS client hello message: the ciphersuite length and <br /> compression method length. In case of an attacker-crafted message with <br /> values outside of the expected range, it could cause an out-of-bound <br /> read.
Severity CVSS v4.0: MEDIUM
Last modification:
27/10/2025

CVE-2025-55082
Publication date:
15/10/2025
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in _nx_secure_tls_process_clienthello() because of a missing validation of PSK length provided in the user message.
Severity CVSS v4.0: MEDIUM
Last modification:
21/10/2025

CVE-2025-11722
Publication date:
15/10/2025
The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the &amp;#39;categoryaccordionpanel&amp;#39; shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity CVSS v4.0: Pending analysis
Last modification:
16/10/2025

CVE-2025-11728
Publication date:
15/10/2025
The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the &amp;#39;return_payment&amp;#39; and &amp;#39;notice_payment&amp;#39; functions in all versions up to, and including, 6.0. This makes it possible for unauthenticated attackers to update WooCommerce orders to &amp;#39;failed&amp;#39; status, and update transaction IDs.
Severity CVSS v4.0: Pending analysis
Last modification:
16/10/2025

CVE-2025-9967
Publication date:
15/10/2025
The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.7. This is due to the plugin not properly validating a user&amp;#39;s identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user&amp;#39;s password to a one-time password if the attacker knows the user&amp;#39;s phone number
Severity CVSS v4.0: Pending analysis
Last modification:
16/10/2025

CVE-2025-11177
Publication date:
15/10/2025
The External Login plugin for WordPress is vulnerable to SQL Injection via the &amp;#39;log&amp;#39; parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database when a PostgreSQL or MSSQL database is configured as the external authentication database.
Severity CVSS v4.0: Pending analysis
Last modification:
16/10/2025

CVE-2025-11196
Publication date:
15/10/2025
The External Login plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.11.2 due to the &amp;#39;exlog_test_connection&amp;#39; AJAX action lacking capability checks or nonce validation. This makes it possible for authenticated attackers, with subscriber-level access and above, to query the configured external database and retrieve truncated usernames, email addresses, and password hashes via the diagnostic test results view.
Severity CVSS v4.0: Pending analysis
Last modification:
16/10/2025

CVE-2025-11365
Publication date:
15/10/2025
The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the &amp;#39;id&amp;#39; parameter of the &amp;#39;google_map&amp;#39; shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity CVSS v4.0: Pending analysis
Last modification:
16/10/2025
Subscribe to Vulnerabilities