CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

15
CVEs añadidos este mes
1622
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-48907 Widget Factory Joomla Content Editor 2026-06-16
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08
CVE-2026-50751 Check Point Security Gateway CRÍTICA 2026-06-08

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
LiteSpeed
2
Oracle
2
BerriAI
2
SolarWinds
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-24984 Microsoft Windows Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulner… MEDIA 2025-03-11
CVE-2025-24983 Microsoft Windows Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to … ALTA 2025-03-11
CVE-2025-26633 Microsoft Windows Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorize… ALTA 2025-03-11
CVE-2024-13161 Ivanti Endpoint Manager (EPM) Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated at… CRÍTICA 2025-03-10
CVE-2024-13160 Ivanti Endpoint Manager (EPM) Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated at… CRÍTICA 2025-03-10
CVE-2024-13159 Ivanti Endpoint Manager (EPM) Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated at… CRÍTICA 2025-03-10
CVE-2024-57968 Advantive VeraCore Advantive VeraCore contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to … CRÍTICA 2025-03-10
CVE-2025-25181 Advantive VeraCore Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execut… MEDIA 2025-03-10
CVE-2025-22226 VMware ESXi, Workstation, and Fusion VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HG… ALTA 2025-03-04
CVE-2025-22225 VMware ESXi VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges withi… ALTA 2025-03-04
CVE-2025-22224 VMware ESXi and Workstation VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an … CRÍTICA 2025-03-04
CVE-2024-50302 Linux Kernel The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory v… MEDIA 2025-03-04
CVE-2024-4885 Progress WhatsUp Gold Progress WhatsUp Gold contains a path traversal vulnerability that allows an unauthenticated attacker to achieve remote… CRÍTICA 2025-03-03
CVE-2018-8639 Microsoft Windows Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authent… ALTA 2025-03-03
CVE-2022-43769 Hitachi Vantara Pentaho Business Analytics (BA) Server Hitachi Vantara Pentaho BA Server contains a special element injection vulnerability that allows an attacker to inject … ALTA 2025-03-03
CVE-2022-43939 Hitachi Vantara Pentaho Business Analytics (BA) Server Hitachi Vantara Pentaho BA Server contains a use of non-canonical URL paths for authorization decisions vulnerability t… ALTA 2025-03-03
CVE-2023-20118 Cisco Small Business RV Series Routers Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management … MEDIA 2025-03-03
CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authe… CRÍTICA 2025-02-25
CVE-2024-49035 Microsoft Partner Center Microsoft Partner Center contains an improper access control vulnerability that allows an attacker to escalate privileg… ALTA 2025-02-25
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged a… ALTA 2025-02-24
CVE-2017-3066 Adobe ColdFusion Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code … CRÍTICA 2025-02-24
CVE-2025-24989 Microsoft Power Pages Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate… ALTA 2025-02-21
CVE-2025-0111 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enab… MEDIA 2025-02-20
CVE-2025-23209 Craft CMS Craft CMS Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately… ALTA 2025-02-20
CVE-2025-0108 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnera… CRÍTICA 2025-02-18
← Anterior Página 14 / 65 (1622 CVEs total) Siguiente →
[INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·  [INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·