Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2025-67298
Publication date:
11/03/2026
An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the endpoints /api/verify and /rest/v1/profile
Severity CVSS v4.0: Pending analysis
Last modification:
11/03/2026

CVE-2026-3904
Publication date:
11/03/2026
Calling NSS-backed functions that support caching via nscd may call the <br /> nscd client side code and in the GNU C Library version 2.36 under high <br /> load on x86_64 systems, the client may call memcmp on inputs that are <br /> concurrently modified by other processes or threads and crash.<br /> <br /> <br /> <br /> <br /> The nscd client in the GNU C Library uses the memcmp function with <br /> inputs that may be concurrently modified by another thread, potentially <br /> resulting in spurious cache misses, which in itself is not a security <br /> issue.  However in the GNU C Library version 2.36 an optimized <br /> implementation of memcmp was introduced for x86_64 which could crash <br /> when invoked with such undefined behaviour, turning this into a <br /> potential crash of the nscd client and the application that uses it. <br /> This implementation was backported to the 2.35 branch, making the nscd <br /> client in that branch vulnerable as well.  Subsequently, the fix for <br /> this issue was backported to all vulnerable branches in the GNU C <br /> Library repository.<br /> <br /> <br /> It is advised that distributions that may have cherry-picked the memcpy <br /> SSE2 optimization in their copy of the GNU C Library, also apply the fix <br /> to avoid the potential crash in the nscd client.
Severity CVSS v4.0: Pending analysis
Last modification:
11/03/2026

CVE-2026-32061
Publication date:
11/03/2026
OpenClaw versions prior to 2026.2.17 contain a path traversal vulnerability in the $include directive resolution that allows reading arbitrary local files outside the config directory boundary. Attackers with config modification capabilities can exploit this by specifying absolute paths, traversal sequences, or symlinks to access sensitive files readable by the OpenClaw process user, including API keys and credentials.
Severity CVSS v4.0: MEDIUM
Last modification:
11/03/2026

CVE-2026-32062
Publication date:
11/03/2026
OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call versions 2026.2.21 prior to 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold idle pre-authenticated sockets open to consume connection resources and degrade service availability for legitimate streams.
Severity CVSS v4.0: HIGH
Last modification:
11/03/2026

CVE-2026-3496
Publication date:
11/03/2026
The JetBooking plugin for WordPress is vulnerable to SQL Injection via the &amp;#39;check_in_date&amp;#39; parameter in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity CVSS v4.0: Pending analysis
Last modification:
11/03/2026

CVE-2026-32063
Publication date:
11/03/2026
OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command injection vulnerability in systemd unit file generation where attacker-controlled environment values are not validated for CR/LF characters, allowing newline injection to break out of Environment= lines and inject arbitrary systemd directives. An attacker who can influence config.env.vars and trigger service install or restart can execute arbitrary commands with the privileges of the OpenClaw gateway service user.
Severity CVSS v4.0: MEDIUM
Last modification:
11/03/2026

CVE-2026-32059
Publication date:
11/03/2026
OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins validation for sort command fails to properly validate GNU long-option abbreviations, allowing attackers to bypass denied-flag checks via abbreviated options. Remote attackers can execute sort commands with abbreviated long options to skip approval requirements in allowlist mode.
Severity CVSS v4.0: HIGH
Last modification:
11/03/2026

CVE-2026-32060
Publication date:
11/03/2026
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in apply_patch that allows attackers to write or delete files outside the configured workspace directory. When apply_patch is enabled without filesystem sandbox containment, attackers can exploit crafted paths including directory traversal sequences or absolute paths to escape workspace boundaries and modify arbitrary files.
Severity CVSS v4.0: HIGH
Last modification:
11/03/2026

CVE-2026-3944
Publication date:
11/03/2026
A vulnerability was determined in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /att_add.php. This manipulation of the argument Name causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity CVSS v4.0: MEDIUM
Last modification:
11/03/2026

CVE-2026-3943
Publication date:
11/03/2026
A vulnerability was found in H3C ACG1000-AK230 up to 20260227. This affects an unknown part of the file /webui/?aaa_portal_auth_local_submit. The manipulation of the argument suffix results in command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: MEDIUM
Last modification:
11/03/2026

CVE-2026-3178
Publication date:
11/03/2026
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the &amp;#39;name_directory_name&amp;#39; parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in versions 1.30.3 and 1.32.1.
Severity CVSS v4.0: Pending analysis
Last modification:
11/03/2026

CVE-2026-3783
Publication date:
11/03/2026
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer<br /> performs a redirect to a second URL, curl could leak that token to the second<br /> hostname under some circumstances.<br /> <br /> If the hostname that the first request is redirected to has information in the<br /> used .netrc file, with either of the `machine` or `default` keywords, curl<br /> would pass on the bearer token set for the first host also to the second one.
Severity CVSS v4.0: Pending analysis
Last modification:
11/03/2026
Subscribe to Vulnerabilities