Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Vulnerabilidades

Con el objetivo de informar, advertir y ayudar a los profesionales sobre las últimas vulnerabilidades de seguridad en sistemas tecnológicos, ponemos a disposición de los usuarios interesados en esta información una base de datos con información en castellano sobre cada una de las últimas vulnerabilidades documentadas y conocidas.

Este repositorio con más de 75.000 registros esta basado en la información de NVD (National Vulnerability Database) – en función de un acuerdo de colaboración – por el cual desde INCIBE realizamos la traducción al castellano de la información incluida. En ocasiones este listado mostrará vulnerabilidades que aún no han sido traducidas debido a que se recogen en el transcurso del tiempo en el que el equipo de INCIBE realiza el proceso de traducción.

Se emplea el estándar de nomenclatura de vulnerabilidades CVE (Common Vulnerabilities and Exposures), con el fin de facilitar el intercambio de información entre diferentes bases de datos y herramientas. Cada una de las vulnerabilidades recogidas enlaza a diversas fuentes de información así como a parches disponibles o soluciones aportadas por los fabricantes y desarrolladores. Es posible realizar búsquedas avanzadas teniendo la opción de seleccionar diferentes criterios como el tipo de vulnerabilidad, fabricante, tipo de impacto entre otros, con el fin de acortar los resultados.

Mediante suscripción RSS o Boletines podemos estar informados diariamente de las últimas vulnerabilidades incorporadas al repositorio.

CVE-2026-36607

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the rate limiting applied to the login endpoint (code=7). An attacker on the adjacent network can attempt unlimited passwords without triggering account lockout.
Gravedad CVSS v3.1: ALTA
Última modificación:
04/06/2026

CVE-2026-36608

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP (192.168.1.1) or localhost (127.0.0.1) as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the internet with a single SOAP request.
Gravedad CVSS v3.1: ALTA
Última modificación:
04/06/2026

CVE-2026-36602

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation.
Gravedad CVSS v3.1: MEDIA
Última modificación:
05/06/2026

CVE-2026-36603

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabled by default through the admin interface, allowing any unauthenticated LAN device to create arbitrary port forwarding rules and access WAN traffic statistics.
Gravedad CVSS v3.1: ALTA
Última modificación:
05/06/2026

CVE-2026-20233

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed.<br /> <br /> This vulnerability existed because of insufficient validation of user input. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
Gravedad CVSS v3.1: MEDIA
Última modificación:
08/06/2026

CVE-2026-36460

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** Dovestones Softwares ADPhonebook before v4.0.1.1 is vulnerable to a Cross Site Scripting vulnerability. The /Admin/Save API allows an authenticated admin user to store malicious JavaScript payloads in multiple configuration sections without proper input validation or output encoding.
Gravedad CVSS v3.1: MEDIA
Última modificación:
08/06/2026

CVE-2026-20230

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.<br /> <br /> This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root.<br /> Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.<br /> Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.
Gravedad CVSS v3.1: ALTA
Última modificación:
01/07/2026

CVE-2025-71313

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> PCI: endpoint: Add missing NULL check for alloc_workqueue()<br /> <br /> alloc_workqueue() can return NULL on memory allocation failure. Without<br /> proper error checking, this may lead to a NULL pointer dereference when<br /> queue_work() is later called with the NULL workqueue pointer in<br /> epf_ntb_epc_init().<br /> <br /> Add a NULL check immediately after alloc_workqueue() and return -ENOMEM on<br /> failure to prevent the driver from loading with an invalid workqueue<br /> pointer.
Gravedad CVSS v3.1: MEDIA
Última modificación:
09/06/2026

CVE-2025-71314

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/panthor: Recover from panthor_gpu_flush_caches() failures<br /> <br /> We have seen a few cases where the whole memory subsystem is blocked<br /> and flush operations never complete. When that happens, we want to:<br /> <br /> - schedule a reset, so we can recover from this situation<br /> - in the reset path, we need to reset the pending_reqs so we can send<br /> new commands after the reset<br /> - if more panthor_gpu_flush_caches() operations are queued after<br /> the timeout, we skip them and return -EIO directly to avoid needless<br /> waits (the memory block won&amp;#39;t miraculously work again)<br /> <br /> Note that we drop the WARN_ON()s because these hangs can be triggered<br /> with buggy GPU jobs created by the UMD, and there&amp;#39;s no way we can<br /> prevent it. We do keep the error messages though.<br /> <br /> v2:<br /> - New patch<br /> <br /> v3:<br /> - Collect R-b<br /> - Explicitly mention the fact we dropped the WARN_ON()s in the commit<br /> message<br /> <br /> v4:<br /> - No changes
Gravedad CVSS v3.1: MEDIA
Última modificación:
09/06/2026

CVE-2026-20175

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks.<br /> <br /> This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
Gravedad CVSS v3.1: MEDIA
Última modificación:
04/06/2026

CVE-2019-25720

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.
Gravedad CVSS v4.0: ALTA
Última modificación:
17/06/2026

CVE-2026-6657

Fecha de publicación:
03/06/2026
Idioma:
Inglés
*** Pendiente de traducción *** A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the `allow_origin_pat` configuration is used. The issue arises from the use of `re.match()` for validating the `Origin` header, which only anchors at the start of the string. This allows attacker-controlled domains such as `trusted.example.com.evil.com` to pass validation against patterns intended to match `trusted.example.com`. The vulnerability affects multiple locations in the codebase, including CORS headers, WebSocket connections, referer validation, and login redirects, potentially enabling phishing attacks, arbitrary code execution, and unauthorized access to sensitive API responses.
Gravedad CVSS v3.1: ALTA
Última modificación:
30/06/2026