Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Vulnerabilidades

Con el objetivo de informar, advertir y ayudar a los profesionales sobre las últimas vulnerabilidades de seguridad en sistemas tecnológicos, ponemos a disposición de los usuarios interesados en esta información una base de datos con información en castellano sobre cada una de las últimas vulnerabilidades documentadas y conocidas.

Este repositorio con más de 75.000 registros esta basado en la información de NVD (National Vulnerability Database) – en función de un acuerdo de colaboración – por el cual desde INCIBE realizamos la traducción al castellano de la información incluida. En ocasiones este listado mostrará vulnerabilidades que aún no han sido traducidas debido a que se recogen en el transcurso del tiempo en el que el equipo de INCIBE realiza el proceso de traducción.

Se emplea el estándar de nomenclatura de vulnerabilidades CVE (Common Vulnerabilities and Exposures), con el fin de facilitar el intercambio de información entre diferentes bases de datos y herramientas. Cada una de las vulnerabilidades recogidas enlaza a diversas fuentes de información así como a parches disponibles o soluciones aportadas por los fabricantes y desarrolladores. Es posible realizar búsquedas avanzadas teniendo la opción de seleccionar diferentes criterios como el tipo de vulnerabilidad, fabricante, tipo de impacto entre otros, con el fin de acortar los resultados.

Mediante suscripción RSS o Boletines podemos estar informados diariamente de las últimas vulnerabilidades incorporadas al repositorio.

CVE-2026-12797

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A security flaw has been discovered in BerriAI litellm up to 1.82.5. Affected is the function async_pre_call_hook of the file enterprise/enterprise_hooks/banned_keywords.py of the component Completions Interface. The manipulation of the argument prompt results in incorrect authorization. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure.
Gravedad CVSS v4.0: BAJA
Última modificación:
24/06/2026

CVE-2026-12796

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function get_redirect_response_from_openid of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
Gravedad CVSS v4.0: BAJA
Última modificación:
24/06/2026

CVE-2026-12787

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This affects an unknown part of the component testConnection Endpoint. The manipulation of the argument jdbcUrl results in deserialization. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Gravedad CVSS v4.0: BAJA
Última modificación:
22/06/2026

CVE-2026-12788

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability was determined in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This vulnerability affects unknown code of the file /adpweb/a/base/barcodeDetail/import of the component XML Parser. This manipulation causes xml external entity reference. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Gravedad CVSS v4.0: BAJA
Última modificación:
22/06/2026

CVE-2026-12786

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Gravedad CVSS v4.0: ALTA
Última modificación:
22/06/2026

CVE-2026-12795

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Debug Flow. Executing a manipulation can lead to missing authentication. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.
Gravedad CVSS v4.0: MEDIA
Última modificación:
24/06/2026

CVE-2026-12789

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file components/ILIAS/Tracking/classes/class.ilTrQuery.php of the component Learning Progress Tracking. Such manipulation of the argument troup_table_nav leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. It is suggested to upgrade the affected component. This issue was independently identified and fixed internally by the vendor's own security team ahead of this report.
Gravedad CVSS v4.0: BAJA
Última modificación:
15/07/2026

CVE-2026-12784

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Gravedad CVSS v4.0: ALTA
Última modificación:
22/06/2026

CVE-2026-12782

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The affected component should be upgraded. The vendor explains: "We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists."
Gravedad CVSS v4.0: ALTA
Última modificación:
23/06/2026

CVE-2026-52911

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ksmbd: scope conn-&gt;binding slowpath to bound sessions only<br /> <br /> When the binding SESSION_SETUP sets conn-&gt;binding = true, the flag stays<br /> set after the call so that the global session lookup in<br /> ksmbd_session_lookup_all() can find the session, which was not added to<br /> conn-&gt;sessions. Because the flag is connection-wide, the global lookup<br /> path will also resolve any other session by id if asked.<br /> <br /> Tighten the global lookup so that the returned session must have this<br /> connection registered in its channel xarray (sess-&gt;ksmbd_chann_list).<br /> The channel entry is installed by the existing binding_session path in<br /> ntlm_authenticate()/krb5_authenticate() when a SESSION_SETUP completes<br /> successfully, so this condition is a strict equivalent of "this<br /> connection has been accepted as a channel of this session". Connections<br /> that have not bound to a given session cannot reach it via the global<br /> table.<br /> <br /> The existing conn-&gt;binding gate for entering the slowpath is preserved<br /> so that non-binding connections keep the fast-path-only behavior, and<br /> the session-&gt;state check is unchanged.
Gravedad CVSS v3.1: ALTA
Última modificación:
08/07/2026

CVE-2026-12781

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly available and might be used. You should upgrade the affected component. The vendor explains: "We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists."
Gravedad CVSS v4.0: ALTA
Última modificación:
22/06/2026

CVE-2026-12776

Fecha de publicación:
21/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The vendor was contacted early about this disclosure but did not respond in any way.
Gravedad CVSS v4.0: BAJA
Última modificación:
22/06/2026