CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

15
CVEs añadidos este mes
1622
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-48907 Widget Factory Joomla Content Editor 2026-06-16
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08
CVE-2026-50751 Check Point Security Gateway CRÍTICA 2026-06-08

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
LiteSpeed
2
Oracle
2
BerriAI
2
SolarWinds
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-8088 RARLAB WinRAR RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could… ALTA 2025-08-12
CVE-2007-0671 Microsoft Office Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Ex… ALTA 2025-08-12
CVE-2013-3893 Microsoft Internet Explorer Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impac… ALTA 2025-08-12
CVE-2020-25078 D-Link DCS-2530L and DCS-2670L Devices D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for remote administrator … ALTA 2025-08-05
CVE-2020-25079 D-Link DCS-2530L and DCS-2670L Devices D-Link DCS-2530L and DCS-2670L devices contains a command injection vulnerability in the cgi-bin/ddns_enc.cgi. The impa… ALTA 2025-08-05
CVE-2022-40799 D-Link DNR-322L D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated att… ALTA 2025-08-05
CVE-2023-2533 PaperCut NG/MF PaperCut NG/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific conditions, could pote… ALTA 2025-07-28
CVE-2025-20337 Cisco Identity Services Engine Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due… CRÍTICA 2025-07-28
CVE-2025-20281 Cisco Identity Services Engine Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due… CRÍTICA 2025-07-28
CVE-2025-2775 SysAid SysAid On-Prem SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processin… CRÍTICA 2025-07-22
CVE-2025-2776 SysAid SysAid On-Prem SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL proces… CRÍTICA 2025-07-22
CVE-2025-6558 Google Chromium Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a … ALTA 2025-07-22
CVE-2025-54309 CrushFTP CrushFTP CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not used, mishandles AS… CRÍTICA 2025-07-22
CVE-2025-49704 Microsoft SharePoint Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code ov… ALTA 2025-07-22
CVE-2025-49706 Microsoft SharePoint Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform sp… MEDIA 2025-07-22
CVE-2025-53770 Microsoft SharePoint Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an … CRÍTICA 2025-07-20
CVE-2025-25257 Fortinet FortiWeb Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthor… CRÍTICA 2025-07-18
CVE-2025-47812 Wing FTP Server Wing FTP Server Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injectio… CRÍTICA 2025-07-14
CVE-2025-5777 Citrix NetScaler ADC and Gateway Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This… ALTA 2025-07-10
CVE-2019-9621 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability via the ProxyServl… ALTA 2025-07-07
CVE-2019-5418 Rails Ruby on Rails Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combina… ALTA 2025-07-07
CVE-2016-10033 PHP PHPMailer PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, th… CRÍTICA 2025-07-07
CVE-2014-3931 Looking Glass Multi-Router Looking Glass (MRLG) Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause a… CRÍTICA 2025-07-07
CVE-2025-6554 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read… ALTA 2025-07-02
CVE-2025-48928 TeleMessage TM SGNL TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulner… MEDIA 2025-07-01
← Anterior Página 10 / 65 (1622 CVEs total) Siguiente →
[INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·  [INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·