Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Vulnerabilidades

Con el objetivo de informar, advertir y ayudar a los profesionales sobre las últimas vulnerabilidades de seguridad en sistemas tecnológicos, ponemos a disposición de los usuarios interesados en esta información una base de datos con información en castellano sobre cada una de las últimas vulnerabilidades documentadas y conocidas.

Este repositorio con más de 75.000 registros esta basado en la información de NVD (National Vulnerability Database) – en función de un acuerdo de colaboración – por el cual desde INCIBE realizamos la traducción al castellano de la información incluida. En ocasiones este listado mostrará vulnerabilidades que aún no han sido traducidas debido a que se recogen en el transcurso del tiempo en el que el equipo de INCIBE realiza el proceso de traducción.

Se emplea el estándar de nomenclatura de vulnerabilidades CVE (Common Vulnerabilities and Exposures), con el fin de facilitar el intercambio de información entre diferentes bases de datos y herramientas. Cada una de las vulnerabilidades recogidas enlaza a diversas fuentes de información así como a parches disponibles o soluciones aportadas por los fabricantes y desarrolladores. Es posible realizar búsquedas avanzadas teniendo la opción de seleccionar diferentes criterios como el tipo de vulnerabilidad, fabricante, tipo de impacto entre otros, con el fin de acortar los resultados.

Mediante suscripción RSS o Boletines podemos estar informados diariamente de las últimas vulnerabilidades incorporadas al repositorio.

CVE-2026-33655

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with ApplyIPFilterForDomain disabled by default, URL validation checked domain allow/block rules but did not resolve a hostname and validate the resolved IP address, allowing authenticated users to configure Webhook, Bark, or Gotify notification URLs that point at an internal or metadata IP address. This issue is fixed in version 0.12.0-alpha.1.
Gravedad CVSS v3.1: ALTA
Última modificación:
09/07/2026

CVE-2026-57032

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service (DoS).<br /> <br /> If an attempt is made to subscribe to an unsupported telemetry sensor path on EX2300, EX3400, EX4000, EX4100 and EX4400 via gRPC, this causes the FPC to crash. This leads to a complete service outage until the module has automatically restarted. <br /> <br /> The following log message can be seen when this issue happens:<br /> <br /> agentd[]: AGENTD_RESOURCE_NOT_FOUND: No resource name found for <br /> <br /> <br /> This issue affects Junos OS on <br /> <br /> EX2300, EX3400, EX4000, EX4100 and EX4400<br /> <br /> devices:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S8,<br /> * 24.2 versions before 24.2R2-S5,<br /> * 24.4 versions before 24.4R2.
Gravedad CVSS v4.0: ALTA
Última modificación:
09/07/2026

CVE-2026-57054

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable.<br /> <br /> <br /> <br /> If an MX Series device is configured with web filtering, and an attacker sends a request with a specifically formatted URL, this request will get forwarded despite the system being configured to block it. In turn, an attacker can access downstream resources that are expected to be unreachable.<br /> <br /> This issue affects Junos OS on MX Series:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S8,<br /> * 24.2 versions before 24.2R2-S5,<br /> * 24.4 versions before 24.4R2-S4,<br /> * 25.2 versions before 25.2R2-S1,<br /> * 25.4 versions before 25.4R1-S2, 25.4R2.
Gravedad CVSS v4.0: MEDIA
Última modificación:
09/07/2026

CVE-2026-58122

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. Attackers can exploit this bypass to perform server-side request forgery against internal services including cloud metadata endpoints, overwrite LLM provider configuration and API keys with attacker-controlled values, or initiate OAuth device-code flows to obtain persistent access tokens stored in auth.json.
Gravedad CVSS v4.0: CRÍTICA
Última modificación:
09/07/2026

CVE-2026-58123

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary shell commands by accessing the embedded terminal API endpoints without credentials. Attackers can create a session, attach a PTY shell, and write arbitrary commands through the terminal input endpoint to achieve full command execution as the server process user via four sequential unauthenticated HTTP requests.
Gravedad CVSS v4.0: CRÍTICA
Última modificación:
09/07/2026

CVE-2026-58143

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes the application&amp;#39;s CSRF validation function. Attackers can disable the PFS module&amp;#39;s file extension whitelist by setting pfsfilecheck to 0, enabling any user with PFS access to upload and execute arbitrary PHP files on the server.
Gravedad CVSS v4.0: ALTA
Última modificación:
09/07/2026

CVE-2026-58144

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a folder with a crafted title containing script tags that are stored unescaped in the database and execute in the browser of any user who views the folder listing, including administrators.
Gravedad CVSS v4.0: MEDIA
Última modificación:
09/07/2026

CVE-2026-59828

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.
Gravedad CVSS v3.1: MEDIA
Última modificación:
09/07/2026

CVE-2026-57027

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).When sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on one VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart.<br /> <br /> The leak can be monitored by watching the continuous increase of the buffer values in the output of:<br /> <br /> user@host&gt; show chassis fpc <br /> This issue affects Junos OS on EX4100 Series and EX4400:<br /> <br /> <br /> * all versions before 23.2R2-S7,<br /> * 23.4 versions before 23.4R2-S7,<br /> * 24.2 versions before 24.2R2-S4,<br /> * 24.4 versions before 24.4R2.
Gravedad CVSS v4.0: ALTA
Última modificación:
09/07/2026

CVE-2026-57028

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion.<br /> <br /> <br /> Due to an incorrect initialization, a process which should only be able to communicate internally within the device, can be reached over the network via an open port. This leads to unauthorized access to the license management.<br /> <br /> This issue affects all Junos OS Evolved versions before 23.2R2-EVO.
Gravedad CVSS v4.0: MEDIA
Última modificación:
09/07/2026

CVE-2026-57029

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service (DoS).<br /> <br /> <br /> When the reachability of an sFlow collector changes, the corresponding next-hop entry is updated. If this update occurs simultaneously with the sFlow thread accessing the next-hop data (which is outside the attackers control), it causes the evo-pfemand process to crash, impacting all traffic forwarding until the automatic process restart has completed.<br /> <br /> <br /> <br /> <br /> This issue affects Junos OS Evolved on QFX Series:<br /> <br /> <br /> * all 23.2 versions, <br /> * 23.4 versions before 23.4R2-S7-EVO,<br /> * 24.2 versions before 24.2R2-S5-EVO,<br /> * 24.4 versions before 24.4R2-S3-EVO,<br /> * 25.2 versions before 25.2R2-EVO.
Gravedad CVSS v4.0: MEDIA
Última modificación:
09/07/2026

CVE-2026-57030

Fecha de publicación:
09/07/2026
Idioma:
Inglés
*** Pendiente de traducción *** A Concurrent Execution using Shared Resource with Improper Synchronization (&amp;#39;Race Condition&amp;#39;) vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br /> <br /> As part of the stateful traffic processing on SRX Series devices flows are being established, and removed when not needed anymore. During the removal process the timeout of a flow should be set to 3 seconds and consequentially the flow should be removed shortly after. Due to a race condition occurring when setting the timeout there is a chance (the exact conditions are outside the attackers control) that the timeout is instead set to a very high value of larger than 10,000 seconds:<br /> <br /> <br /> <br /> user@host&gt; show security flow session | match timeout<br /> Session ID: 98784248524, Policy name: PROD-FLOW/4, HA State: Active, Timeout: 85250, Session State: Valid<br /> <br /> This will lead to an accumulation of flows which can be observed by an ever-increasing value of invalidated sessions in the output of &amp;#39;show security flow session summary&amp;#39;:<br /> <br /> user@host&gt; show security flow session summary | match invalid<br /> Invalidated sessions: 216931These sessions can&amp;#39;t be cleared manually with the &amp;#39;clear security flow session&amp;#39; command, which will either lead to forwarding to stop (and the system needs to be manually recovered with a reboot) or to a flowd core and automatic reboot.<br /> <br /> <br /> This issue affects Junos OS on SRX Series:<br /> <br /> <br /> * 24.2 versions before 24.2R2-S3,<br /> * 24.4 versions before 24.4R2-S1, 24.4R2-S2,<br /> * 25.2 versions before 25.2R1-S2, 25.2R2.<br /> <br /> <br /> <br /> <br /> This issue does not affect releases earlier than 24.2R1;
Gravedad CVSS v4.0: ALTA
Última modificación:
09/07/2026