Vulnerabilities

To inform, warn and help professionals regarding the latest security vulnerabilities in technology systems, we have made a database available to users interested in this information. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database). Under a partnership agreement, INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2026-46236

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
media: rc: xbox_remote: heed DMA restrictions
The buffer for IO must not be part of the device structure because that violates the DMA coherency rules.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-46239

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl
Three control cases (AUTOGAIN, EXPOSURE_AUTO, ANALOGUE_GAIN) directly return without calling pm_runtime_put(), causing runtime PM reference count leaks.
Change these cases from 'return' to 'ret = ... break' pattern to ensure pm_runtime_put() is always called before function exit.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-46241

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
spi: mpc52xx: fix use-after-free on registration failure
Make sure to disable and free the interrupts in case controller registration fails to avoid a potential use-after-free and resource leak.
This issue was flagged by Sashiko when reviewing a controller deregistration fix.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-4377

Publication date: 28/05/2026
The Dlink DWR-X1820 router uses a weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.
This issue was fixed in version 1.00B16CP.
Severity CVSS v4.0: MEDIUM
Last modification: 28/05/2026

CVE-2026-46237

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/vcn3: Avoid overflow on msg bound check
As pointed out by SDL, the previous condition may be vulnerable to overflow.
(cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10)
Severity CVSS v4.0: Pending analysis
Last modification: 30/05/2026

CVE-2026-46238

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: stop caching unowned originator pointers in BAT IV
BAT IV keeps the last-hop neighbor address in each neigh_node, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not owned by the neigh_node and may no longer refer to a live originator entry after purge handling runs.
Stop storing the auxiliary originator pointer in the BAT IV neighbor state. When BAT IV needs the neighbor originator data, resolve it from the stored neighbor address and drop the reference again after use.
[sven: avoid bonding logic for outgoing OGM]
Severity CVSS v4.0: Pending analysis
Last modification: 30/05/2026

CVE-2026-46240

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
media: iris: Fix use-after-free in iris_release_internal_buffers()
The recent change in commit 1dabf00ee206 ("media: iris: gen1: Destroy internal buffers after FW releases") introduced a regression where session_release_buf() may free the buffer. The caller, iris_release_internal_buffers(), continued to access `buffer` after the call, leading to a potential use-after-free.
Fix this by setting BUF_ATTR_PENDING_RELEASE before calling session_release_buf(), and reverting the flag if the call fails. This ensures no dereference occurs after potential freeing.
Severity CVSS v4.0: Pending analysis
Last modification: 30/05/2026

CVE-2026-46224

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure
When drm_gpuvm_resv_object_alloc() fails, the pre-allocated storage bo is not freed. Add xe_bo_free(storage) before returning the error.
xe_dma_buf_init_obj() calls xe_bo_init_locked(), which frees the bo on error. Therefore, xe_dma_buf_init_obj() must also free the bo on its own error paths. Otherwise, since xe_gem_prime_import() cannot distinguish whether the failure originated from xe_dma_buf_init_obj() or from xe_bo_init_locked(), it cannot safely decide whether the bo should be freed.
Add comments documenting the ownership semantics: on success, ownership of storage is transferred to the returned drm_gem_object; on failure, storage is freed before returning.
v2: Add comments to explain the free logic.
(cherry picked from commit 78a6c5f899f22338bbf48b44fb8950409c5a69b9)
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-46225

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
spi: rspi: fix controller deregistration
Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-46226

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
spi: fsl: fix controller deregistration
Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-46228

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
spi: ch341: fix devres lifetime
USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers are unbound without their devices being physically disconnected (e.g. on probe deferral or configuration changes).
Fix the controller and driver data lifetime so that they are released on driver unbind.
Note that this also makes sure that the SPI controller is placed correctly under the USB interface in the device tree.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026

CVE-2026-46229

Publication date: 28/05/2026
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure
KFD VRAM allocations set AMDGPU_GEM_CREATE_VRAM_WIPE_ON_RELEASE but not AMDGPU_GEM_CREATE_VRAM_CLEARED, leaving freshly allocated VRAM with stale data from prior use observable by compute kernels.
The GEM ioctl path already sets VRAM_CLEARED for all userspace allocations via amdgpu_gem_create_ioctl() and amdgpu_mode_dumb_create(). The KFD path was missing this flag, allowing stale page table remnants to leak into user buffers.
This causes crashes in RCCL P2P transport where non-zero data in ptrExchange/head/tail fields corrupts the protocol handshake.
Severity CVSS v4.0: Pending analysis
Last modification: 28/05/2026