CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1621
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08
CVE-2026-50751 Check Point Security Gateway CRÍTICA 2026-06-08
CVE-2026-28318 SolarWinds Serv-U ALTA 2026-06-05

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
Synacor
3
LiteSpeed
2
Oracle
2
BerriAI
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2010-0249 Microsoft Internet Explorer Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbit… ALTA 2026-05-20
CVE-2010-0806 Microsoft Internet Explorer Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbit… ALTA 2026-05-20
CVE-2026-41091 Microsoft Defender Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges loc… ALTA 2026-05-20
CVE-2026-45498 Microsoft Defender Microsoft Defender contains an unspecified vulnerability that allows for denial of service. MEDIA 2026-05-20
CVE-2026-42897 Microsoft Microsoft Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Acces… ALTA 2026-05-15
CVE-2026-20182 Cisco Catalyst SD-WAN Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticate… CRÍTICA 2026-05-14
CVE-2026-42208 BerriAI LiteLLM BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database a… CRÍTICA 2026-05-08
CVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authen… ALTA 2026-05-07
CVE-2026-0300 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Capti… CRÍTICA 2026-05-06
CVE-2026-31431 Linux Kernel Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escal… ALTA 2026-05-01
CVE-2026-41940 WebPros cPanel & WHM and WP2 (WordPress Squared) WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in th… CRÍTICA 2026-04-30
CVE-2024-1708 ConnectWise ScreenConnect ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code … ALTA 2026-04-28
CVE-2026-32202 Microsoft Windows Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to p… MEDIA 2026-04-28
CVE-2025-29635 D-Link DIR-823X D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary comm… ALTA 2026-04-24
CVE-2024-7399 Samsung MagicINFO 9 Server Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary file… ALTA 2026-04-24
CVE-2024-57728 SimpleHelp SimpleHelp SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the fi… ALTA 2026-04-24
CVE-2024-57726 SimpleHelp SimpleHelp SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API key… CRÍTICA 2026-04-24
CVE-2026-39987 Marimo Marimo Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell… CRÍTICA 2026-04-23
CVE-2026-33825 Microsoft Defender Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized … ALTA 2026-04-22
CVE-2026-20122 Cisco Catalyst SD-WAN Manger Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling … MEDIA 2026-04-20
CVE-2026-20133 Cisco Catalyst SD-WAN Manager Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that… MEDIA 2026-04-20
CVE-2025-2749 Kentico Kentico Xperience Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server … ALTA 2026-04-20
CVE-2023-27351 PaperCut NG/MF PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentica… ALTA 2026-04-20
CVE-2025-48700 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to ex… MEDIA 2026-04-20
CVE-2026-20128 Cisco Catalyst SD-WAN Manager Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authent… ALTA 2026-04-20
← Anterior Página 2 / 65 (1621 CVEs total) Siguiente →
[INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·  [INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·