Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2026-57031

Publication date:
09/07/2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters.<br /> <br /> On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers configured on static interfaces, ingress firewall filters are not enforced, so that neither protocol level nor upstream bandwidth limitation are in effect. <br /> <br /> <br /> This issue affects Junos OS on MX with MPC10/11, LC4800/9600/4802, and MX304:<br /> <br /> <br /> * 23.2 versions from 23.2R2-S1 before 23.2R2-S7,<br /> * 23.4 versions from 23.4R2 before 23.4R2-S7,<br /> * 24.2 versions before 24.2R2-S3,<br /> * 24.4 versions before 24.4R2-S2,<br /> * 25.2 versions before 25.2R2.
Severity CVSS v4.0: MEDIUM
Last modification:
09/07/2026

CVE-2026-57021

Publication date:
09/07/2026
An Out-of-bounds Write vulnerability in the http-gatekeeper (http-gk) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> If an SRX Series device is configured for remote-access VPN with pre-logon compliance check, a network-based attacker sending specifically formatted requests can trigger an out of bounds write leading to an http-gk process crash. This crash leads to unavailability of all services depending on the [ system services web-management ] configuration (like J-Web, remote access VPN and firewall authentication) until the process automatically restarts.<br /> <br /> This issue affects Junos OS on SRX Series:<br /> <br /> <br /> * 23.2 versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S8,<br /> * 24.2 versions before 24.2R2-S4,<br /> * 24.4 versions before 24.4R2-S4,<br /> * 25.2 versions before 25.2R2,<br /> * 25.4 versions before 25.4R1-S1, 25.4R2.
Severity CVSS v4.0: MEDIUM
Last modification:
09/07/2026

CVE-2026-57022

Publication date:
09/07/2026
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> When an affected device initiates a TCP connection to an attacker-controlled system that responds with a specific packet, this causes a PFE crash and restart, which affects all services until the system has automatically recovered.<br /> This issue can happen among others in the following scenarios: ALG, SSL proxy, UTM, RTLOG, AppQoE probing, AAMW, ICAP, URL filtering.<br /> <br /> This issue affects Junos OS on MX Series with SPC3, SRX5k Series with SPC3, SRX1600 Series, SRX2300 Series, SRX4000 Series, and vSRX Series:<br /> <br /> * all versions before 23.2R2-S4,<br /> * 23.4 versions before 23.4R2-S5,<br /> * 24.2 versions before 24.2R2.
Severity CVSS v4.0: HIGH
Last modification:
09/07/2026

CVE-2026-57023

Publication date:
09/07/2026
An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated, network-based attacker to cause a complete Denial of Service (DoS).<br /> <br /> When TCP proxy is engaged in a flow session, to support ALGs, Advanced Anti-Malware, ICAP or UTM, a TCP packet with specifically malformed TCP header will cause flow processing daemon (flowd) to crash and restart. This causes a complete service outage until the system has automatically recovered.<br /> <br /> <br /> <br /> This issue affects Junos OS on MX with SPC3, and SRX Series: <br /> <br /> <br /> <br /> * 23.4 versions before 23.4R2-S7, <br /> * 24.2 versions before 24.2R2-S4, <br /> * 24.4 versions before 24.4R2-S3,<br /> * 25.2 versions before 25.2R2.<br /> <br /> <br /> <br /> <br /> This issue does not affect releases before 23.4R1.
Severity CVSS v4.0: HIGH
Last modification:
09/07/2026

CVE-2026-57024

Publication date:
09/07/2026
A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> <br /> <br /> On an MX with SPC3 and SRX devices configured for VPN service, when a large number of VPN negotiations fail a peer index rollover will eventually occur. As a result, new peers are assigned index values that are already in use and the iked process starts to crash repeatedly. This results in failure to establish new VPN connections and rekeying existing ones. To restore service the system must be rebooted.<br /> Please note that the index value can&amp;#39;t be monitored, so customers should monitor tunnel up and down events and if a lot of events occur over an extended period of time it becomes likely that this issue occurs.<br /> <br /> To be exposed to this issue the system needs to run iked (vs. kmd which is not affected), which can be verified with:<br /> <br /> user@host&gt; show system processes extensive | match "KMD|IKED"<br /> This issue affects Junos OS on MX with SPC3, SRX Series:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S6,<br /> * 24.2 versions before 24.2R2-S3,<br /> * 24.4 versions before 24.4R2-S4,<br /> * 25.2 versions before 25.2R1-S1.
Severity CVSS v4.0: MEDIUM
Last modification:
09/07/2026

CVE-2026-57025

Publication date:
09/07/2026
A Return of Pointer Value Outside of Expected Range vulnerability in the fileio library of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privilged attacker to cause a Denial-of-Service (DoS).<br /> <br /> On EX Series, QFX Series and MX Series a low-privileged attacker issuing a specific &amp;#39;show l2-learning&amp;#39; command will cause an l2ald crash which will lead to a temporary service impact for all layer 2 services until the process has automatically restarted.<br /> <br /> This issue affects EX Series, QFX Series, MX Series:<br /> Junos OS:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S7,<br /> * 24.2 versions before 24.2R2,<br /> * 24.4 versions before 24.4R1-S2.<br /> <br /> <br /> <br /> Junos OS Evolved:<br /> * all versions before 23.2R2-S7-EVO,<br /> * 23.4 versions before 23.4R2-S8-EVO,<br /> * 24.2 versions before 24.2R2-EVO,<br /> * 24.4 versions before 24.4R1-S3-EVO.
Severity CVSS v4.0: MEDIUM
Last modification:
09/07/2026

CVE-2026-57026

Publication date:
09/07/2026
An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).If the SIP ALG is enabled on an affected device, the processing of a malformed SIP invite packet will cause a flow processing daemon (flowd) crash and restart. This leads to a complete service outage until the system has automatically recovered.<br /> <br /> <br /> <br /> This issue affects Junos OS on MX Series with SPC3 and SRX Series:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S8,<br /> * 24.2 versions before 24.2R2-S5,<br /> * 24.4 versions before 24.4R2-S4,<br /> * 25.2 versions before 25.2R2,<br /> * 25.4 versions before 25.4R1-S2.
Severity CVSS v4.0: HIGH
Last modification:
09/07/2026

CVE-2026-55424

Publication date:
09/07/2026
Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a topic "featured link" was not sufficiently normalized and escaped before being rendered in the topic list, allowing a user who can set a featured link to inject JavaScript when default Content Security Policy protections were modified or disabled. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.
Severity CVSS v4.0: HIGH
Last modification:
09/07/2026

CVE-2026-55604

Publication date:
09/07/2026
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global `SessionStore` accepts caller-supplied `session_id` values without binding them to any authenticated principal or transport session. An attacker can enumerate active session IDs via `deepseek_sessions`, then reuse a victim-controlled `session_id` in `deepseek_chat` to retrieve and continue the victim&amp;#39;s conversation context. Version 1.7.0 contains a patch.
Severity CVSS v4.0: Pending analysis
Last modification:
09/07/2026

CVE-2026-55605

Publication date:
09/07/2026
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of `@arikusi/deepseek-mcp-server` exposes `POST /mcp` without any authentication: `createMcpExpressApp` is called without an `authProvider` and no middleware guards the route, so any network-reachable client can issue an unauthenticated `initialize` request and obtain a valid MCP session identifier. In reproduced testing against commit `5e1302171e99`, an unauthenticated client was able to initialize a session, enumerate tools, and invoke the local `deepseek_sessions` tool with no credentials. The same unauthenticated session also exposes `deepseek_chat`, whose handler uses the server-side `DEEPSEEK_API_KEY` when self-hosted deployments configure one. This issue applies to self-hosted HTTP mode, not the separately documented hosted BYOK endpoint in `README.md`, which expects an `Authorization: Bearer ...` header. Upstream self-hosted container assets enable HTTP mode by default (`Dockerfile`) and publish port `3000` (`docker-compose.yml`). Version 1.8.0 contains a patch for this issue.
Severity CVSS v4.0: Pending analysis
Last modification:
09/07/2026

CVE-2026-55689

Publication date:
09/07/2026
OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA&amp;#39;s OIDC authenticator skipped JWT audience validation when authn.method was set to oidc, authn.oidc.issuer was configured, and authn.oidc.audience was not set, allowing a token minted for an unrelated service by the same identity provider to authenticate to OpenFGA. This issue is fixed in 1.18.0.
Severity CVSS v4.0: Pending analysis
Last modification:
09/07/2026

CVE-2026-57019

Publication date:
09/07/2026
An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).<br /> <br /> <br /> When a specific packet is received from device in the same broadcast domain, an affected system calculates the packet size incorrectly. This causes further packet processing to fail, which triggers an FPC major error, resulting in a FPC reset impacting traffic until the FPC has automatically recovered.<br /> <br /> Affected scenarios are: MAP-T, or non-IP traffic encapsulated in IP (e.g. MPLS over GRE).<br /> <br /> When this issue happens the following logs can be observed:<br /> <br /> fpc CMError: /fpc/0/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_LI_INT_REG_UNROLL_TAIL_LENGTH_OVF (0x2205eb), scope: pfe, category: functional, severity: major, module: MQSS(0), type: LI: Unroll TAIL length overflow, oc_category: default<br /> fpc Performing action reset-fru for error /fpc/0/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_LI_INT_REG_UNROLL_TAIL_LENGTH_OVF (0x2205eb) in module: MQSS(0) with scope: pfe category: functional level: major, oc_category: default<br /> <br /> <br /> <br /> <br /> This issue affects Junos OS on MX Series:<br /> <br /> <br /> * all versions before 23.2R2-S6,<br /> * 23.4 versions before 23.4R2-S7,<br /> * 24.2 versions before 24.2R2-S4,<br /> * 24.4 versions before 24.4R2-S4,<br /> * 25.2 versions before 25.2R2.
Severity CVSS v4.0: HIGH
Last modification:
09/07/2026