Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database) under a partnership agreement through which INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as to available patches or solutions provided by manufacturers and developers. Advanced searches are available, with criteria such as vulnerability type, manufacturer and impact level, among others, to narrow down the results.

RSS feeds and newsletters provide daily notification of the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2025-38551

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

virtio-net: fix recursived rtnl_lock() during probe()

The deadlock appears in a stack trace like:

virtnet_probe()
rtnl_lock()
virtio_config_changed_work()
netdev_notify_peers()
rtnl_lock()

It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while the virtio-net driver is still probing.

The config_work in probe() will get scheduled until virtnet_open() enables the config change notification via virtio_config_driver_enable().
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2025-8105

Publication date:
16/08/2025
The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity CVSS v4.0: Pending analysis
Last modification:
15/04/2026

CVE-2025-8142

Publication date:
16/08/2025
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity CVSS v4.0: Pending analysis
Last modification:
15/04/2026

CVE-2025-8143

Publication date:
16/08/2025
The Soledad theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pcsml_smartlists_h’ parameter in all versions up to, and including, 8.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity CVSS v4.0: Pending analysis
Last modification:
15/04/2026

CVE-2025-38548

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

hwmon: (corsair-cpro) Validate the size of the received input buffer

Add buffer_recv_size to store the size of the received bytes. Validate buffer_recv_size in send_usb_cmd().
Severity CVSS v4.0: Pending analysis
Last modification:
07/01/2026

CVE-2025-38546

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

atm: clip: Fix memory leak of struct clip_vcc.

ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back.

The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the socket is close()d, and then clip_push() frees clip_vcc.

However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in atm_init_atmarp(), resulting in memory leak.

Let's serialise two ioctl() by lock_sock() and check vcc->push() in atm_init_atmarp() to prevent memleak.
Severity CVSS v4.0: Pending analysis
Last modification:
07/01/2026

CVE-2025-38543

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

drm/tegra: nvdec: Fix dma_alloc_coherent error check

Check for NULL return value with dma_alloc_coherent, in line with Robin's fix for vic.c in 'drm/tegra: vic: Fix DMA API misuse'.
Severity CVSS v4.0: Pending analysis
Last modification:
07/01/2026

CVE-2025-38542

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

net: appletalk: Fix device refcount leak in atrtr_create()

When updating an existing route entry in atrtr_create(), the old device reference was not being released before assigning the new device, leading to a device refcount leak. Fix this by calling dev_put() to release the old device reference before holding the new one.
Severity CVSS v4.0: Pending analysis
Last modification:
07/01/2026

CVE-2025-38544

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix bug due to prealloc collision

When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg() and sendmsg() together. The preallocated call IDs will automatically be attached to calls as they come in until the pool is empty.

To the kernel, the call IDs are just arbitrary numbers, but userspace can use the call ID to hold a pointer to prepared structs. In any case, the user isn't permitted to create two calls with the same call ID (call IDs become available again when the call ends) and EBADSLT should result from sendmsg() if an attempt is made to preallocate a call with an in-use call ID.

However, the cleanup in the error handling will trigger both assertions in rxrpc_cleanup_call() because the call isn't marked complete and isn't marked as having been released.

Fix this by setting the call state in rxrpc_service_prealloc_one() and then marking it as being released before calling the cleanup function.
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2025-38545

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info

While transitioning from netdev_alloc_ip_align() to build_skb(), memory for the "skb_shared_info" member of an "skb" was not allocated. Fix this by allocating "PAGE_SIZE" as the skb length, accounting for the packet length, headroom and tailroom, thereby including the required memory space for skb_shared_info.
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2025-38547

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps

The AXP717 ADC channel maps is missing a sentinel entry at the end. This causes a KASAN warning.

Add the missing sentinel entry.
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2025-38539

Publication date:
16/08/2025
In the Linux kernel, the following vulnerability has been resolved:

tracing: Add down_write(trace_event_sem) when adding trace event

When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values.

If two modules are loaded at the same time, the adding of the event to the ftrace_events list can corrupt the walking of the list in the code that is modifying the printk format strings and crash the kernel.

The addition of the event should take the trace_event_sem for write while it adds the new event.

Also add a lockdep_assert_held() on that semaphore in __trace_add_event_dirs() as it iterates the list.
Severity CVSS v4.0: Pending analysis
Last modification:
07/01/2026