Vulnerabilities

To inform, warn and help professionals regarding the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database). Under a partnership agreement, INCIBE translates the included information into Spanish.

Occasionally this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names is used to support the exchange of information between different tools and databases.

All collected vulnerabilities are linked to different information sources, as well as to available patches or solutions provided by manufacturers and developers. Advanced searches are possible: different criteria can be selected to narrow down the results, such as vulnerability type, manufacturer and impact level, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2026-34119

Publication date:
02/04/2026
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write-boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An attacker on the same network segment could trigger heap memory corruption conditions by sending crafted payloads that cause write operations beyond allocated buffer boundaries. Successful exploitation causes a Denial-of-Service (DoS) condition, causing the device’s process to crash or become unresponsive.
Severity CVSS v4.0: HIGH
Last modification:
06/04/2026

CVE-2026-34118

Publication date:
02/04/2026
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An attacker on the same network segment could trigger heap memory corruption conditions by sending crafted payloads that cause write operations beyond allocated buffer boundaries. Successful exploitation causes a Denial-of-Service (DoS) condition, causing the device’s process to crash or become unresponsive.
Severity CVSS v4.0: HIGH
Last modification:
06/04/2026

CVE-2026-33271

Publication date:
02/04/2026
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.
Severity CVSS v4.0: Pending analysis
Last modification:
20/04/2026

CVE-2026-28728

Publication date:
02/04/2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
Severity CVSS v4.0: Pending analysis
Last modification:
20/04/2026

CVE-2026-32762

Publication date:
02/04/2026
Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21 and 3.2.0 to before 3.2.6, Rack::Utils.forwarded_values parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons, a header can be interpreted by Rack as multiple Forwarded directives rather than as a single quoted for value. In deployments where an upstream proxy, WAF, or intermediary validates or preserves quoted Forwarded values differently, this discrepancy can allow an attacker to smuggle host, proto, for, or by parameters through a single header value. This issue has been patched in versions 3.1.21 and 3.2.6.
Severity CVSS v4.0: Pending analysis
Last modification:
21/04/2026

CVE-2026-27774

Publication date:
02/04/2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
Severity CVSS v4.0: Pending analysis
Last modification:
20/04/2026

CVE-2026-26962

Publication date:
02/04/2026
Rack is a modular Ruby web server interface. From version 3.2.0 to before version 3.2.6, Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename or name instead of removing the folded line break during unfolding. As a result, applications that later reuse those parsed values in HTTP response headers may be vulnerable to downstream header injection or response splitting. This issue has been patched in version 3.2.6.
Severity CVSS v4.0: Pending analysis
Last modification:
21/04/2026

CVE-2026-5353

Publication date:
02/04/2026
A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function ping_test of the file /setup.cgi. Performing a manipulation of the argument c4_IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-5354

Publication date:
02/04/2026
A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn_connect of the file /setup.cgi. Executing a manipulation of the argument policy_name can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-5355

Publication date:
02/04/2026
A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpn_drop of the file /setup.cgi. The manipulation of the argument policy_name leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-5360

Publication date:
02/04/2026
A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. Such manipulation leads to type confusion. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is described as difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 26205eb01705754b7b902ad6c4b613c96c881e29. It is best practice to apply a patch to resolve this issue.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026

CVE-2026-5352

Publication date:
02/04/2026
A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdb_list leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.
Severity CVSS v4.0: LOW
Last modification:
29/04/2026