Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim of supporting the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2026-3623

Publication date:
27/05/2026
IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root‑level commands, obtain a root shell, and change the root user’s password. Successful exploitation also enables modification or removal of system‑wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.
Severity CVSS v4.0: Pending analysis
Last modification:
02/06/2026

CVE-2026-38427

Publication date:
27/05/2026
An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16_t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read.
Severity CVSS v4.0: Pending analysis
Last modification:
27/05/2026

CVE-2026-3366

Publication date:
27/05/2026
IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Severity CVSS v4.0: Pending analysis
Last modification:
02/06/2026

CVE-2026-35090

Publication date:
27/05/2026
In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel. This vulnerability is independent of the telephone exchange's configuration. If remote access is disabled, calling with this caller ID will temporarily enable it.

This issue was fixed in the versions below:
- IPL-256: version 6.61.0040
- IPM-032: version 6.61.0040
- CCT-1668: version 6.56.0430
- MAC-6400: version 6.56.0430
- CXS-0424: version 6.30.0510

The issue STILL EXISTS in End-Of-Life telephone exchanges in versions 4.xx and below:
- CCT-1668 (CCT1CPU)
- MAC-6400
- CXS-0424

These products were discontinued in 2011 and 2012 and will not receive updates. These products require a hardware update in order to receive a software update. The vendor recommends that users of these devices contact their service department directly to determine the options for upgrading.
Severity CVSS v4.0: CRITICAL
Last modification:
27/05/2026

CVE-2026-38426

Publication date:
27/05/2026
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv_10_scripter.ino, fetch_jpg(), jpg_task.boundary[40], strcpy() function.
Severity CVSS v4.0: Pending analysis
Last modification:
27/05/2026

CVE-2026-36538

Publication date:
27/05/2026
Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying operating system.
Severity CVSS v4.0: Pending analysis
Last modification:
28/05/2026

CVE-2026-36539

Publication date:
27/05/2026
Netis AC1200 Router NC21 V4.0.1.4296 exposes a CGI endpoint /cgi-bin/skk_get.cgi that returns the entire router configuration as a JSON response with no authentication required. Any attacker on the LAN can send a single HTTP GET request and instantly retrieve administrator credentials, WiFi passwords, PPPoE credentials, DDNS credentials, and a full map of all connected devices.
Severity CVSS v4.0: Pending analysis
Last modification:
28/05/2026

CVE-2026-36540

Publication date:
27/05/2026
Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skk_set.cgi endpoint. The password and new_pwd_confirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by wrapping them in backticks (`) and encoding them in base64. Because the endpoint requires no authentication, any device on the LAN can achieve full Remote Code Execution on the router's operating system with a single HTTP POST request.
Severity CVSS v4.0: Pending analysis
Last modification:
28/05/2026

CVE-2026-38422

Publication date:
27/05/2026
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmota_xdrv_driver/xdrv_10_scripter.ino, fetch_jpg() function.
Severity CVSS v4.0: Pending analysis
Last modification:
28/05/2026

CVE-2026-36045

Publication date:
27/05/2026
picoclaw
Severity CVSS v4.0: Pending analysis
Last modification:
01/06/2026

CVE-2026-36044

Publication date:
27/05/2026
@pensar/apex
Severity CVSS v4.0: Pending analysis
Last modification:
03/06/2026

CVE-2026-35087

Publication date:
27/05/2026
Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command.

This issue was fixed in the versions below:
- NCP: version 1.24.0250
- IPx series: version 6.61.0040
- CCT-1668: version 6.56.0430
- MAC-6400: version 6.56.0430
- CXS-0424: version 6.30.0510

The issue STILL EXISTS in End-Of-Life telephone exchanges in versions 4.xx and below:
- CCT-1668 (CCT1CPU)
- MAC-6400
- CXS-0424

These products were discontinued in 2011 and 2012 and will not receive updates. These products require a hardware update in order to receive a software update. The vendor recommends that users of these devices contact their service department directly to determine the options for upgrading.
Severity CVSS v4.0: CRITICAL
Last modification:
27/05/2026