// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1621

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-54420	LiteSpeed cPanel Plugin	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	ALTA	2026-06-08
CVE-2026-50751	Check Point Security Gateway	CRÍTICA	2026-06-08
CVE-2026-28318	SolarWinds Serv-U	ALTA	2026-06-05

// top_vendors_afectados

Microsoft

16

Cisco

9

Apple

6

Ivanti

4

Google

4

Adobe

3

Synacor

3

LiteSpeed

2

Oracle

2

BerriAI

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2026-54420	LiteSpeed cPanel Plugin	LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FT…	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, r…	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which co…	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a …	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary c…	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the …	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability…	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders o…	ALTA	2026-06-08
CVE-2026-50751	Check Point Security Gateway	Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow a…	CRÍTICA	2026-06-08
CVE-2026-28318	SolarWinds Serv-U	SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST reques…	ALTA	2026-06-05
CVE-2026-45247	Mirasvit Mirasvit Full Page Cache Warmer	Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthentic…	CRÍTICA	2026-06-03
CVE-2022-0492	Linux Kernel	Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgrou…	ALTA	2026-06-02
CVE-2025-48595	Android Framework	Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local …	ALTA	2026-06-02
CVE-2024-21182	Oracle WebLogic Server	Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access …	ALTA	2026-06-01
CVE-2026-0257	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security rest…	CRÍTICA	2026-05-29
CVE-2026-48027	Nx Nx Console	Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be publi…	CRÍTICA	2026-05-27
CVE-2026-45321	TanStack TanStack	TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the np…	CRÍTICA	2026-05-27
CVE-2026-8398	Daemon Daemon Tools Lite	Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availabili…	CRÍTICA	2026-05-27
CVE-2026-48172	LiteSpeed cPanel Plugin	LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, whi…	CRÍTICA	2026-05-26
CVE-2026-9082	Drupal Core	Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution …	MEDIA	2026-05-22
CVE-2025-34291	Langflow Langflow	Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined wi…	ALTA	2026-05-21
CVE-2026-34926	Trend Micro Apex One	Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated loc…	MEDIA	2026-05-21
CVE-2008-4250	Microsoft Windows	Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers t…	CRÍTICA	2026-05-20
CVE-2009-1537	Microsoft DirectX	Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in Di…	ALTA	2026-05-20
CVE-2009-3459	Adobe Acrobat and Reader	Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execu…	ALTA	2026-05-20

Página 1 / 65 (1621 CVEs total) Siguiente →