Blog de Ciberseguridad y Tecnología

artículos recientes

Vulnerabilidades 18 Jun 2026 · 02:16

CVE-2026-45247: Deserialización en Mirasvit Full Page Cache Warmer permite RCE no autenticado

Análisis técnico del CVE-2026-45247 en Mirasvit Full Page Cache Warmer: deserialización PHP insegura que permite RCE sin autenticación. Mitigaciones incluidas.

cve-2026-45247cvevulnerabilidadmirasvitseguridad

leer más 5 min

CVE-2026-48907

Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the

Widget Factory · 2026-06-16

CVE-2026-54420

LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access on a shar

LiteSpeed · 2026-06-15

CVE-2026-20262

Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file

Cisco · 2026-06-15

CVE-2026-35273

Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated at

Oracle · 2026-06-12

CVE-2026-10520

Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to

Ivanti · 2026-06-11

ver todos →

CIBERPLANETA