CWE-611: Improper Restriction of XML External Entity Reference
CVSS 10
Description
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
https://cwe.mitre.org/data/definitions/611.html
https://nvd.nist.gov/vuln/detail/CVE-2025-66516
Security
The following is an incomplete list of known and fixed Critical Vulnerabilities and Exposures (CVEs) and other vulnerabilities in Apache Tika or its dependencies. Please help us fill this in with more details.
https://tika.apache.org/security.html
Microsoft - December 2025 Security Updates
https://msrc.microsoft.com/update-guide/releaseNote/2025-Dec
Multiple vulnerabilities in Ivanti Endpoint Manager
Date 10/12/2025
Severity 5 - Critical
Affected Resources
Ivanti Endpoint Manager: versions 2024 SU4 and earlier.
Description
Ivanti has published a security advisory reporting 4 vulnerabilities: 1 of critical severity and 3 of high severity which, if exploited, could allow an attacker to execute JavaScript code of their choice, write files to the server or execute arbitrary code.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-endpoint-manager-de-ivanti
Authentication bypass in SSO login in Fortinet products
Date 10/12/2025
Severity 5 - Critical
Affected Resources
The following product versions are affected:
FortiOS:
7.6.0 through 7.6.3;
7.4.0 through 7.4.8;
7.2.0 through 7.2.11;
7.0.0 through 7.0.17.
FortiProxy:
7.4.0 through 7.4.10;
7.2.0 through 7.2.14;
7.0.0 through 7.0.21.
FortiSwitchManager:
7.2.0 through 7.2.6;
7.0.0 through 7.0.5.
FortiWeb:
8.0.0;
7.6.0 through 7.6.4;
7.4.0 through 7.4.9.
Description
Yonghui Han and Theo Leleu, of Fortinet's Product Security team, have reported 1 critical-severity vulnerability which, if exploited, could allow an unauthenticated attacker to bypass FortiCloud SSO login authentication via a crafted SAML message.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/omision-de-autenticacion-en-el-inicio-de-sesion-sso-en-productos-de-fortinet
[Update 26/01/2026] Authentication bypass in SSO login in Fortinet products
SAP security update for December 2025
Date 10/12/2025
Severity 5 - Critical
Affected Resources
SAP Solution Manager, version ST 720.
SAP Commerce Cloud, versions HY_COM 2205, COM_CLOUD 2211 and COM_CLOUD 2211-JDK21.
SAP jConnect - SDK for ASE, versions SYBASE_SOFTWARE_DEVELOPER_KIT 16.0.4 and 16.1.
SAP Web Dispatcher and Internet Communication Manager (ICM), versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, WEBDISP 7.22_EXT, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93 and 9.16.
SAP NetWeaver (remote service for Xcelsius), versions BI-BASE-E 7.50, BI-BASE-B 7.50, BI-IBC 7.50, BI-BASE-S 7.50 and BIWEBAPP 7.50.
SAP Business Objects, versions ENTERPRISE 430, 2025 and 2027.
SAP Web Dispatcher, Internet Communication Manager and SAP Content Server, versions KRNL64UC 7.53 and WEBDISP 7.53, 7.54, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, CONTSERV 7.53, 7.54, KERNEL 7.53 and 7.54.
SAP S/4 HANA Private Cloud (Financials General Ledger), versions S4CORE 104, 105, 106, 107, 108 and 109.
SAP NetWeaver Internet Communication Framework, versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 and SAP_BASIS 758.
Application Server ABAP, versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.16 and 9.17.
SAP NetWeaver Enterprise Portal, version EP-RUNTIME 7.50.
SAPUI5 framework (Markdown-it component), versions SAP_UI 755, 756, 757 and 758.
SAP Enterprise Search for ABAP, versions SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 and SAP_BASIS 816.
SAP BusinessObjects Business Intelligence Platform, versions ENTERPRISE 430, 2025 and 2027.
Description
SAP has published its monthly bulletin, which includes 14 vulnerabilities: 3 of critical severity, 5 of high severity and 6 of medium severity. These vulnerabilities affect several of its products, and their exploitation could allow an attacker to exploit Cross-Site Scripting (XSS), server-side request forgery (SSRF), memory corruption, denial of service, exposure of sensitive data, missing authentication check, missing authorization check, code injection, information disclosure and deserialization vulnerabilities, among others.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-diciembre-de-2025
Authentication method bypass in the GTT Sistema de Información Tributario application
Date 10/12/2025
Severity 5 - Critical
Affected Resources
Sistema de Información Tributario.
Description
INCIBE has coordinated the publication of a critical-severity vulnerability affecting the Sistema de Información Tributario application from GTT, a technology solution for comprehensive tax management in public administration, which was discovered by Julian J. Menéndez of Hispasec.
This vulnerability has been assigned the following identifier, CVSS v4.0 base score, CVSS vector and CWE vulnerability type:
CVE-2025-13953: CVSS v4.0: 9.3 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N | CWE-290
Solution
The vulnerability has been fixed by disabling the Active Directory (LDAP) authentication method. The vulnerability is no longer exploitable at this time.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/bypass-en-el-metodo-de-autenticacion-del-aplicativo-sistema-de-informacion
Universal Boot Loader (U-Boot)
Release Date: December 09, 2025
Alert Code: ICSA-25-343-01
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
EXECUTIVE SUMMARY
CVSS v4 8.6
ATTENTION: Low attack complexity
Vendor: U-Boot
Equipment: U-Boot
Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code
RISK EVALUATION
Successful exploitation of this vulnerability could result in arbitrary code execution.
https://www.cisa.gov/news-events/ics-advisories/icsa-25-343-01
Multiple India-based CCTV Cameras
Release Date: December 09, 2025
Alert Code: ICSA-25-343-03
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/Low attack complexity
Vendor: D-Link (India Limited), Sparsh Securitech, Securus CCTV
Equipment: DCS-F5614-L1
Vulnerability: Missing Authentication for Critical Function
RISK EVALUATION
Successful exploitation of this vulnerability could result in information disclosure including capture of camera account credentials.
https://www.cisa.gov/news-events/ics-advisories/icsa-25-343-03
Windows Admin Center Elevation of Privilege Vulnerability
CVE-2025-64669
Security Vulnerability
Released: Dec 9, 2025
Last updated: Dec 11, 2025
Assigning CNA Microsoft
CVE.org link CVE-2025-64669
Impact Elevation of Privilege
Max Severity Important
Weakness CWE-284: Improper Access Control
CVSS Source Microsoft
Metrics CVSS:3.1 7.8 / 6.8
https://msrc.microsoft.com/update-guide/es-es/vulnerability/CVE-2025-64669
Android Security Bulletin: December 2025
Published December 1, 2025 | Updated December 17, 2025
https://source.android.com/docs/security/bulletin/2025-12-01
SonicWall SMA1000 appliance local privilege escalation vulnerability
Advisory ID SNWLID-2025-0019
First Published 2025-12-17
Last Updated 2025-12-17
Workaround true
Status Applicable
CVE CVE-2025-40602
CWE CWE-862, CWE-250
CVSS v3 6.6
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019
Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager
Advisory ID: cisco-sa-sma-attack-N9bf4
First Published: 2025 December 17 16:00 GMT
Version 1.0: Interim
Workarounds: No workarounds available
Cisco Bug IDs: CSCws36549
Vulnerable Products
This attack campaign affects Cisco Secure Email Gateway, both physical and virtual, and Cisco Secure Email and Web Manager appliances, both physical and virtual, when both of the following conditions are met:
The appliance is configured with the Spam Quarantine feature.
The Spam Quarantine feature is exposed to and reachable from the internet.
The Spam Quarantine feature is not enabled by default. Deployment guides for these products do not require this port to be directly exposed to the Internet.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4
On December 10, Cisco became aware of a new cyberattack campaign targeting a limited subset of appliances with certain ports open to the internet that are running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.…
WatchGuard Firebox iked Out of Bounds Write Vulnerability
Advisory ID WGSA-2025-00027
CVE CVE-2025-14733
Impact Critical
Status Resolved
Product Family Firebox
Published Date 2025-12-18
Updated Date 2025-12-23
Workaround Available False
CVSS Score 9.3
Affected
This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027
Updated 29 December 2025: Updated to add two additional IP addresses to the Indicators of Attack.
Updated 23 December 2025: Updated with post-exploitation activity identified up to this point.
Updated 19 December 2025: Updated to clarify the significance of…
CVE-2025-14847
CNA: MongoDB, Inc.
CVSS-B 8.7 HIGH
Description
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.
https://nvd.nist.gov/vuln/detail/CVE-2025-14847
https://jira.mongodb.org/plugins/servlet/mobile#issue/SERVER-115508
https://www.bleepingcomputer.com/news/security/mongodb-warns-admins-to-patch-severe-rce-flaw-immediately/
MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that may be exploited by unauthenticated attackers remotely.
CVE-2025-68613
Base Score: 9.9 CRITICAL
Description
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system.
https://nvd.nist.gov/vuln/detail/CVE-2025-68613
Multiple vulnerabilities in D-Link routers
Date 30/12/2025
Severity 4 - High
Affected Resources
D-Link DIR-600, up to 2.15WWb02;
D-Link DSL-124 ME_1.00, all versions.
Description
D-Link has reported 2 high-severity vulnerabilities affecting several D-Link routers that could allow an attacker to obtain router configuration information and/or control the actions the device can perform.
https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-en-routers-de-d-link
Security Bulletin: Authentication bypass in IBM API Connect
Vulnerability Details
CVEID: CVE-2025-13915
DESCRIPTION: IBM API Connect could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application.
CWE: CWE-305: Authentication Bypass by Primary Weakness
CVSS Source: IBM
CVSS Base score: 9.8
https://www.ibm.com/support/pages/node/7255149
Internal testing has revealed a potential authentication bypass in IBM API Connect
n8n Vulnerable to RCE via Arbitrary File Write
Impact
n8n is affected by an authenticated Remote Code Execution (RCE) vulnerability.
Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service. This could result in full compromise of the affected instance.
Both self-hosted and n8n Cloud instances are impacted.
Patches
The issue has been resolved in n8n version 1.121.3.
Workarounds
If upgrading is not immediately possible, administrators can reduce exposure by disabling the Git node and limiting access for untrusted users.
https://github.com/advisories/GHSA-v364-rw7m-3263
CVE-2026-21877 - GitHub Advisory Database
Android Security Bulletin, January 2026
https://source.android.com/docs/security/bulletin/2026/2026-01-01
Forwarded from Una al día
Urgent patch for Apex Central: Trend Micro fixes critical remote code execution vulnerability
https://unaaldia.hispasec.com/2026/01/parche-urgente-para-apex-central-trend-micro-resuelve-vulnerabilidad-critica-de-ejecucion-remota.html?utm_source=rss&utm_medium=rss&utm_campaign=parche-urgente-para-apex-central-trend-micro-resuelve-vulnerabilidad-critica-de-ejecucion-remota
Trend Micro has fixed a critical vulnerability in Apex Central that allowed remote code execution (RCE) with elevated privileges. Organizations should apply the patch immediately to prevent possible attacks capable of compromising their…
Unveiling VoidLink – A Stealthy, Cloud-Native Linux Malware Framework
https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/