Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2025-39839
Publication date:
19/09/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> batman-adv: fix OOB read/write in network-coding decode<br /> <br /> batadv_nc_skb_decode_packet() trusts coded_len and checks only against<br /> skb-&gt;len. XOR starts at sizeof(struct batadv_unicast_packet), reducing<br /> payload headroom, and the source skb length is not verified, allowing an<br /> out-of-bounds read and a small out-of-bounds write.<br /> <br /> Validate that coded_len fits within the payload area of both destination<br /> and source sk_buffs before XORing.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2025-39841
Publication date:
19/09/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: lpfc: Fix buffer free/clear order in deferred receive path<br /> <br /> Fix a use-after-free window by correcting the buffer release sequence in<br /> the deferred receive path. The code freed the RQ buffer first and only<br /> then cleared the context pointer under the lock. Concurrent paths (e.g.,<br /> ABTS and the repost path) also inspect and release the same pointer under<br /> the lock, so the old order could lead to double-free/UAF.<br /> <br /> Note that the repost path already uses the correct pattern: detach the<br /> pointer under the lock, then free it after dropping the lock. The<br /> deferred path should do the same.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2025-39842
Publication date:
19/09/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ocfs2: prevent release journal inode after journal shutdown<br /> <br /> Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already<br /> been executed in ocfs2_dismount_volume(), so osb-&gt;journal must be NULL. <br /> Therefore, the following calltrace will inevitably fail when it reaches<br /> jbd2_journal_release_jbd_inode().<br /> <br /> ocfs2_dismount_volume()-&gt;<br /> ocfs2_delete_osb()-&gt;<br /> ocfs2_free_slot_info()-&gt;<br /> __ocfs2_free_slot_info()-&gt;<br /> evict()-&gt;<br /> ocfs2_evict_inode()-&gt;<br /> ocfs2_clear_inode()-&gt;<br /> jbd2_journal_release_jbd_inode(osb-&gt;journal-&gt;j_journal,<br /> <br /> Adding osb-&gt;journal checks will prevent null-ptr-deref during the above<br /> execution path.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2025-39837
Publication date:
19/09/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> platform/x86: asus-wmi: Fix racy registrations<br /> <br /> asus_wmi_register_driver() may be called from multiple drivers<br /> concurrently, which can lead to the racy list operations, eventually<br /> corrupting the memory and hitting Oops on some ASUS machines.<br /> Also, the error handling is missing, and it forgot to unregister ACPI<br /> lps0 dev ops in the error case.<br /> <br /> This patch covers those issues by introducing a simple mutex at<br /> acpi_wmi_register_driver() &amp; *_unregister_driver, and adding the<br /> proper call of asus_s2idle_check_unregister() in the error path.
Severity CVSS v4.0: Pending analysis
Last modification:
12/12/2025

CVE-2025-39840
Publication date:
19/09/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> audit: fix out-of-bounds read in audit_compare_dname_path()<br /> <br /> When a watch on dir=/ is combined with an fsnotify event for a<br /> single-character name directly under / (e.g., creating /a), an<br /> out-of-bounds read can occur in audit_compare_dname_path().<br /> <br /> The helper parent_len() returns 1 for "/". In audit_compare_dname_path(),<br /> when parentlen equals the full path length (1), the code sets p = path + 1<br /> and pathlen = 1 - 1 = 0. The subsequent loop then dereferences<br /> p[pathlen - 1] (i.e., p[-1]), causing an out-of-bounds read.<br /> <br /> Fix this by adding a pathlen &gt; 0 check to the while loop condition<br /> to prevent the out-of-bounds access.<br /> <br /> [PM: subject tweak, sign-off email fixes]
Severity CVSS v4.0: Pending analysis
Last modification:
12/12/2025

CVE-2025-57528
Publication date:
19/09/2025
An issue was discovered in Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 allowing attackers to cause a denial of service via the funcname, funcpara1, funcpara2 parameters to the formSetCfm function (uri path: SetCfm).
Severity CVSS v4.0: Pending analysis
Last modification:
03/10/2025

CVE-2025-8532
Publication date:
19/09/2025
Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.
Severity CVSS v4.0: Pending analysis
Last modification:
30/09/2025

CVE-2025-8664
Publication date:
19/09/2025
Improper Neutralization of Input During Web Page Generation (XSS or &amp;#39;Cross-site Scripting&amp;#39;) vulnerability in Saysis Computer Systems Trade Ltd. Co. StarCities E-Municipality Management allows Cross-Site Scripting (XSS).This issue affects StarCities E-Municipality Management: before 20250825.
Severity CVSS v4.0: Pending analysis
Last modification:
19/09/2025

CVE-2025-10717
Publication date:
19/09/2025
A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: MEDIUM
Last modification:
19/09/2025

CVE-2025-10716
Publication date:
19/09/2025
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: MEDIUM
Last modification:
19/09/2025

CVE-2025-58114
Publication date:
19/09/2025
Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice (Extension:CognitiveProcessDesigner) allows Cross-Site Scripting (XSS).This issue affects BlueSpice: from 5 through 5.1.1.
Severity CVSS v4.0: MEDIUM
Last modification:
22/09/2025

CVE-2025-57880
Publication date:
19/09/2025
Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension:BlueSpiceWhoIsOnline) allows Cross-Site Scripting (XSS).<br /> This issue affects BlueSpice: from 5 through 5.1.1.
Severity CVSS v4.0: MEDIUM
Last modification:
22/09/2025
Subscribe to Vulnerabilities