CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

16
CVEs añadidos este mes
1623
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-20253 Splunk Enterprise CRÍTICA 2026-06-18
CVE-2026-48907 Widget Factory Joomla Content Editor CRÍTICA 2026-06-16
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
LiteSpeed
2
Oracle
2
BerriAI
2
SolarWinds
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-21334 Microsoft Windows Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacke… ALTA 2025-01-14
CVE-2025-21333 Microsoft Windows Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a l… ALTA 2025-01-14
CVE-2024-55591 Fortinet FortiOS and FortiProxy Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remot… CRÍTICA 2025-01-14
CVE-2023-48365 Qlik Sense Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP req… CRÍTICA 2025-01-13
CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that c… MEDIA 2025-01-13
CVE-2025-0282 Ivanti Connect Secure, Policy Secure, and ZTA Gateways Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthen… CRÍTICA 2025-01-08
CVE-2020-2883 Oracle WebLogic Server Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable… CRÍTICA 2025-01-07
CVE-2024-55550 Mitel MiCollab Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative p… BAJA 2025-01-07
CVE-2024-41713 Mitel MiCollab Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenti… CRÍTICA 2025-01-07
CVE-2024-3393 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security fea… ALTA 2024-12-30
CVE-2021-44207 Acclaim Systems USAHERDS Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote… ALTA 2024-12-23
CVE-2024-12356 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can… CRÍTICA 2024-12-19
CVE-2021-40407 Reolink RLC-410W IP Camera Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings … ALTA 2024-12-18
CVE-2019-11001 Reolink Multiple IP Cameras Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulne… ALTA 2024-12-18
CVE-2022-23227 NUUO NVRmini2 Devices NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload … CRÍTICA 2024-12-18
CVE-2018-14933 NUUO NVRmini Devices NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution … CRÍTICA 2024-12-18
CVE-2024-55956 Cleo Multiple Products Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vuln… CRÍTICA 2024-12-17
CVE-2024-35250 Microsoft Windows Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attack… ALTA 2024-12-16
CVE-2024-20767 Adobe ColdFusion Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify res… ALTA 2024-12-16
CVE-2024-50623 Cleo Multiple Products Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and … CRÍTICA 2024-12-13
CVE-2024-49138 Microsoft Windows Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows … ALTA 2024-12-10
CVE-2024-51378 CyberPersons CyberPanel CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execut… CRÍTICA 2024-12-04
CVE-2024-11667 Zyxel Multiple Firewalls Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an att… ALTA 2024-12-03
CVE-2024-11680 ProjectSend ProjectSend ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable … CRÍTICA 2024-12-03
CVE-2023-45727 North Grid Proself North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Enti… ALTA 2024-12-03
← Anterior Página 16 / 65 (1623 CVEs total) Siguiente →
[INFO] CVE-2026-45321: Vulnerabilidad crítica en TanStack permite robo de credenciales mediante paquetes npm maliciosos  ·  [INFO] CVE-2026-0257: Bypass de Autenticación Crítico en Palo Alto Networks PAN-OS Explotado Activamente  ·  [INFO] CVE-2024-21182: Vulnerabilidad Crítica en Oracle WebLogic Server Explotada Activamente  ·  [INFO] CVE-2026-45247: Deserialización en Mirasvit Full Page Cache Warmer permite RCE no autenticado  ·  [INFO] CVE-2025-48595: Desbordamiento de Entero en Android Framework con Escalada de Privilegios Local  ·  [INFO] CVE-2026-45321: Vulnerabilidad crítica en TanStack permite robo de credenciales mediante paquetes npm maliciosos  ·  [INFO] CVE-2026-0257: Bypass de Autenticación Crítico en Palo Alto Networks PAN-OS Explotado Activamente  ·  [INFO] CVE-2024-21182: Vulnerabilidad Crítica en Oracle WebLogic Server Explotada Activamente  ·  [INFO] CVE-2026-45247: Deserialización en Mirasvit Full Page Cache Warmer permite RCE no autenticado  ·  [INFO] CVE-2025-48595: Desbordamiento de Entero en Android Framework con Escalada de Privilegios Local  ·