Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available to interested users. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on the information from the NVD (National Vulnerability Database), which, by virtue of a partnership agreement, INCIBE translates into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as entries are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names is used with the aim of supporting the exchange of information between different tools and databases.

All vulnerabilities collected are linked to their information sources, as well as to any available patches or solutions provided by manufacturers and developers. Advanced searches are possible, with the option to select different criteria to narrow down the results, such as vulnerability type, manufacturer and impact level, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2026-4324

Publication date:
17/03/2026
A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sort_by parameter of the /api/hosts/bootc_images API endpoint. This can lead to a Denial of Service (DoS) by triggering database errors, and potentially enable Boolean-based Blind SQL injection, which could allow an attacker to extract sensitive information from the database.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-3888

Publication date:
17/03/2026
Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2025-62320

Publication date:
17/03/2026
HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external resources included in that HTML, which can cause unexpected requests from the user’s browser.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-4271

Publication date:
17/03/2026
A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS).
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2025-31966

Publication date:
17/03/2026
HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-26929

Publication date:
17/03/2026
Apache Airflow versions 3.0.0 through 3.1.7 FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (wildcard for all DAGs). As a result, version metadata of DAGs that the requester is not authorized to access is returned.

Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-30911

Publication date:
17/03/2026
Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance.

Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-28563

Publication date:
17/03/2026
Apache Airflow versions 3.1.0 through 3.1.7 /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs. This allows an authenticated user with only DAG Dependencies permission to enumerate DAGs they are not authorized to view.

Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-28779

Publication date:
17/03/2026
Apache Airflow versions 3.1.0 through 3.1.7 session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url.
This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself.

Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-23241

Publication date:
17/03/2026
In the Linux kernel, the following vulnerability has been resolved:

audit: add missing syscalls to read class

The "at" variants of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes will bypass audit rules such as:

-w /tmp/test -p rwa -k test_rwa

The current patch adds the missing syscalls to the audit read class.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-3632

Publication date:
17/03/2026
A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026

CVE-2026-3633

Publication date:
17/03/2026
A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection.
Severity CVSS v4.0: Pending analysis
Last modification:
17/03/2026