CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

15
CVEs añadidos este mes
1622
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-48907 Widget Factory Joomla Content Editor 2026-06-16
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08
CVE-2026-50751 Check Point Security Gateway CRÍTICA 2026-06-08

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
LiteSpeed
2
Oracle
2
BerriAI
2
SolarWinds
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-48927 TeleMessage TM SGNL TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability… MEDIA 2025-07-01
CVE-2025-6543 Citrix NetScaler ADC and Gateway Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial … CRÍTICA 2025-06-30
CVE-2019-6693 Fortinet FortiOS Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitiv… MEDIA 2025-06-25
CVE-2024-0769 D-Link DIR-859 Router D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Reques… MEDIA 2025-06-25
CVE-2024-54085 AMI MegaRAC SPx AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful… CRÍTICA 2025-06-25
CVE-2023-0386 Linux Kernel Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the… ALTA 2025-06-17
CVE-2023-33538 TP-Link Multiple Routers TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the compon… ALTA 2025-06-16
CVE-2025-43200 Apple Multiple Products Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously cra… MEDIA 2025-06-16
CVE-2025-33053 Microsoft Windows Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execu… ALTA 2025-06-10
CVE-2025-24016 Wazuh Wazuh Server Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers. CRÍTICA 2025-06-10
CVE-2024-42009 Roundcube Webmail RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to st… CRÍTICA 2025-06-09
CVE-2025-32433 Erlang Erlang/OTP Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an… CRÍTICA 2025-06-09
CVE-2025-5419 Google Chromium V8 Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potenti… ALTA 2025-06-05
CVE-2025-21479 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corru… ALTA 2025-06-03
CVE-2025-21480 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corru… ALTA 2025-06-03
CVE-2025-27038 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption whil… ALTA 2025-06-03
CVE-2021-32030 ASUS Routers ASUS Lyra Mini and ASUS GT-AC2900 devices contain an improper authentication vulnerability that allows an attacker to g… CRÍTICA 2025-06-02
CVE-2025-3935 ConnectWise ScreenConnect ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState… ALTA 2025-06-02
CVE-2025-35939 Craft CMS Craft CMS Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow… MEDIA 2025-06-02
CVE-2024-56145 Craft CMS Craft CMS Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution… CRÍTICA 2025-06-02
CVE-2023-39780 ASUS RT-AX55 Routers ASUS RT-AX55 devices contain an OS command injection vulnerability that could allow a remote, authenticated attacker to… ALTA 2025-06-02
CVE-2025-4632 Samsung MagicINFO 9 Server Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as s… CRÍTICA 2025-05-22
CVE-2023-38950 ZKTeco BioTime ZKTeco BioTime contains a path traversal vulnerability in the iclock API that allows an unauthenticated attacker to rea… ALTA 2025-05-19
CVE-2024-27443 Synacor Zimbra Collaboration Suite (ZCS) Zimbra Collaboration contains a cross-site scripting (XSS) vulnerability in the CalendarInvite feature of the Zimbra we… MEDIA 2025-05-19
CVE-2025-27920 Srimax Output Messenger Srimax Output Messenger contains a directory traversal vulnerability that allows an attacker to access sensitive files … ALTA 2025-05-19
← Anterior Página 11 / 65 (1622 CVEs total) Siguiente →
[INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·  [INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·