Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2026-1284
Publication date:
26/01/2026
An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Release SOLIDWORKS 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
Severity CVSS v4.0: Pending analysis
Last modification:
26/01/2026

CVE-2026-1283
Publication date:
26/01/2026
A Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Release SOLIDWORKS 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
Severity CVSS v4.0: Pending analysis
Last modification:
26/01/2026

CVE-2016-15057
Publication date:
26/01/2026
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command (&amp;#39;Command Injection&amp;#39;) vulnerability in Apache Continuum.<br /> <br /> This issue affects Apache Continuum: all versions.<br /> <br /> Attackers with access to the installations REST API can use this to invoke arbitrary commands on the server.<br /> <br /> As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.<br /> <br /> NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity CVSS v4.0: Pending analysis
Last modification:
26/01/2026

CVE-2026-24656
Publication date:
26/01/2026
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter.<br /> <br /> <br /> The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed.<br /> It means that the log socket collector is vulnerable to deserialization of untrusted data, eventually causing DoS.<br /> <br /> <br /> NB: Decanter log socket collector is not installed by default. Users who have not installed Decanter log socket are not impacted by this issue.<br /> <br /> This issue affects Apache Karaf Decanter before 2.12.0.<br /> <br /> Users are recommended to upgrade to version 2.12.0, which fixes the issue.
Severity CVSS v4.0: Pending analysis
Last modification:
26/01/2026

CVE-2025-59103
Publication date:
26/01/2026
The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users with hardcoded and weak passwords that can be used to access the devices via SSH. The passwords can be also guessed very easily. The password of at least one user is set to a random value after the first deployment, with the restriction that the password is only randomized if the configured date is prior to 2022. Therefore, under certain circumstances, the passwords are not randomized. For example, if the clock is never set on the device, the battery of the clock module has been changed, the Access Manager has been factory reset and has not received a time yet.
Severity CVSS v4.0: CRITICAL
Last modification:
26/01/2026

CVE-2025-59104
Publication date:
26/01/2026
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through this vulnerability.
Severity CVSS v4.0: HIGH
Last modification:
26/01/2026

CVE-2025-59105
Publication date:
26/01/2026
With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and read, in order to gain SSH root access on the Linux-based K7 model. On the Windows CE based K5 model, the password for the Access Manager can additionally be read in plain text from the stored SQLite database.
Severity CVSS v4.0: HIGH
Last modification:
26/01/2026

CVE-2025-59106
Publication date:
26/01/2026
The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges. This is against the least privilege principle. If an attacker is able to execute code on the system via other vulnerabilities it is possible to directly execute commands with highest privileges.
Severity CVSS v4.0: Pending analysis
Last modification:
26/01/2026

CVE-2025-59107
Publication date:
26/01/2026
Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be extracted. This password was valid for multiple observed firmware versions.
Severity CVSS v4.0: HIGH
Last modification:
26/01/2026

CVE-2025-59108
Publication date:
26/01/2026
By default, the password for the Access Manager&amp;#39;s web interface, is set to &amp;#39;admin&amp;#39;. In the tested version changing the password was not enforced.
Severity CVSS v4.0: CRITICAL
Last modification:
26/01/2026

CVE-2025-59109
Publication date:
26/01/2026
The dormakaba registration units 9002 (PIN Pad Units) have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an attacker is easily able to remove the device, install a hardware implant which connects to the UART and exfiltrates the data exposed via UART to another system (e.g. via WiFi).
Severity CVSS v4.0: MEDIUM
Last modification:
26/01/2026

CVE-2025-59096
Publication date:
26/01/2026
The default password for the extended admin user mode in the application U9ExosAdmin.exe ("Kaba 9300 Administration") is hard-coded in multiple locations as well as documented in the locally stored user documentation.
Severity CVSS v4.0: MEDIUM
Last modification:
26/01/2026
Subscribe to Vulnerabilities