Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2026-6983
Publication date:
25/04/2026
A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-6982
Publication date:
25/04/2026
A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of the component API Page Sort Endpoint. Executing a manipulation of the argument pages can lead to sql injection. The attack may be launched remotely. Upgrading to version 3.8.1 addresses this issue. It is suggested to upgrade the affected component. According to the researcher, "[t]he vendor explicitly stated they will not backport patches to the older affected versions."
Severity CVSS v4.0: MEDIUM
Last modification:
27/04/2026

CVE-2026-6981
Publication date:
25/04/2026
A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-6980
Publication date:
25/04/2026
A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repo_path of the file main.py. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: MEDIUM
Last modification:
29/04/2026

CVE-2026-6978
Publication date:
25/04/2026
A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-6979
Publication date:
25/04/2026
A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-6977
Publication date:
25/04/2026
A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: MEDIUM
Last modification:
29/04/2026

CVE-2026-31685
Publication date:
25/04/2026
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netfilter: ip6t_eui64: reject invalid MAC header for all packets<br /> <br /> `eui64_mt6()` derives a modified EUI-64 from the Ethernet source address<br /> and compares it with the low 64 bits of the IPv6 source address.<br /> <br /> The existing guard only rejects an invalid MAC header when<br /> `par-&gt;fragoff != 0`. For packets with `par-&gt;fragoff == 0`, `eui64_mt6()`<br /> can still reach `eth_hdr(skb)` even when the MAC header is not valid.<br /> <br /> Fix this by removing the `par-&gt;fragoff != 0` condition so that packets<br /> with an invalid MAC header are rejected before accessing `eth_hdr(skb)`.
Severity CVSS v4.0: Pending analysis
Last modification:
06/05/2026

CVE-2026-31684
Publication date:
25/04/2026
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: sched: act_csum: validate nested VLAN headers<br /> <br /> tcf_csum_act() walks nested VLAN headers directly from skb-&gt;data when an<br /> skb still carries in-payload VLAN tags. The current code reads<br /> vlan-&gt;h_vlan_encapsulated_proto and then pulls VLAN_HLEN bytes without<br /> first ensuring that the full VLAN header is present in the linear area.<br /> <br /> If only part of an inner VLAN header is linearized, accessing<br /> h_vlan_encapsulated_proto reads past the linear area, and the following<br /> skb_pull(VLAN_HLEN) may violate skb invariants.<br /> <br /> Fix this by requiring pskb_may_pull(skb, VLAN_HLEN) before accessing and<br /> pulling each nested VLAN header. If the header still is not fully<br /> available, drop the packet through the existing error path.
Severity CVSS v4.0: Pending analysis
Last modification:
06/05/2026

CVE-2026-31683
Publication date:
25/04/2026
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> batman-adv: avoid OGM aggregation when skb tailroom is insufficient<br /> <br /> When OGM aggregation state is toggled at runtime, an existing forwarded<br /> packet may have been allocated with only packet_len bytes, while a later<br /> packet can still be selected for aggregation. Appending in this case can<br /> hit skb_put overflow conditions.<br /> <br /> Reject aggregation when the target skb tailroom cannot accommodate the new<br /> packet. The caller then falls back to creating a new forward packet<br /> instead of appending.
Severity CVSS v4.0: Pending analysis
Last modification:
06/05/2026

CVE-2026-31682
Publication date:
25/04/2026
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bridge: br_nd_send: linearize skb before parsing ND options<br /> <br /> br_nd_send() parses neighbour discovery options from ns-&gt;opt[] and<br /> assumes that these options are in the linear part of request.<br /> <br /> Its callers only guarantee that the ICMPv6 header and target address<br /> are available, so the option area can still be non-linear. Parsing<br /> ns-&gt;opt[] in that case can access data past the linear buffer.<br /> <br /> Linearize request before option parsing and derive ns from the linear<br /> network header.
Severity CVSS v4.0: Pending analysis
Last modification:
06/05/2026

CVE-2026-31681
Publication date:
25/04/2026
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netfilter: xt_multiport: validate range encoding in checkentry<br /> <br /> ports_match_v1() treats any non-zero pflags entry as the start of a<br /> port range and unconditionally consumes the next ports[] element as<br /> the range end.<br /> <br /> The checkentry path currently validates protocol, flags and count, but<br /> it does not validate the range encoding itself. As a result, malformed<br /> rules can mark the last slot as a range start or place two range starts<br /> back to back, leaving ports_match_v1() to step past the last valid<br /> ports[] element while interpreting the rule.<br /> <br /> Reject malformed multiport v1 rules in checkentry by validating that<br /> each range start has a following element and that the following element<br /> is not itself marked as another range start.
Severity CVSS v4.0: Pending analysis
Last modification:
06/05/2026
Subscribe to Vulnerabilities