CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

16
CVEs añadidos este mes
1623
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-20253 Splunk Enterprise CRÍTICA 2026-06-18
CVE-2026-48907 Widget Factory Joomla Content Editor CRÍTICA 2026-06-16
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
LiteSpeed
2
Oracle
2
BerriAI
2
SolarWinds
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2024-4358 Progress Telerik Report Server Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to ob… CRÍTICA 2024-06-13
CVE-2024-26169 Microsoft Windows Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local a… ALTA 2024-06-13
CVE-2024-32896 Android Pixel Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation. ALTA 2024-06-13
CVE-2024-4577 PHP Group PHP PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for ar… CRÍTICA 2024-06-12
CVE-2024-4610 Arm Mali GPU Kernel Driver Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged u… ALTA 2024-06-12
CVE-2017-3506 Oracle WebLogic Server Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability th… ALTA 2024-06-03
CVE-2024-1086 Linux Kernel Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to a… ALTA 2024-05-30
CVE-2024-24919 Check Point Quantum Security Gateways Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability po… ALTA 2024-05-30
CVE-2024-4978 Justice AV Solutions Viewer Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421… ALTA 2024-05-29
CVE-2024-5274 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted … CRÍTICA 2024-05-28
CVE-2020-17519 Apache Flink Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local fi… ALTA 2024-05-23
CVE-2024-4947 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted … CRÍTICA 2024-05-20
CVE-2023-43208 NextGen Healthcare Mirth Connect NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthentic… CRÍTICA 2024-05-20
CVE-2024-4761 Google Chromium V8 Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. Thi… ALTA 2024-05-16
CVE-2021-40655 D-Link DIR-605 Router D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and p… ALTA 2024-05-16
CVE-2014-100005 D-Link DIR-600 Router D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change rout… ALTA 2024-05-16
CVE-2024-30040 Microsoft Windows Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass. ALTA 2024-05-14
CVE-2024-30051 Microsoft DWM Core Library Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privile… ALTA 2024-05-14
CVE-2024-4671 Google Chromium Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruptio… CRÍTICA 2024-05-13
CVE-2023-7028 GitLab GitLab CE/EE GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to t… CRÍTICA 2024-05-01
CVE-2024-29988 Microsoft SmartScreen Prompt Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mar… ALTA 2024-04-30
CVE-2024-4040 CrushFTP CrushFTP CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virt… CRÍTICA 2024-04-24
CVE-2024-20359 Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability… MEDIA 2024-04-24
CVE-2024-20353 Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that … ALTA 2024-04-24
CVE-2022-38028 Microsoft Windows Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScr… ALTA 2024-04-23
← Anterior Página 21 / 65 (1623 CVEs total) Siguiente →
[INFO] CVE-2026-45321: Vulnerabilidad crítica en TanStack permite robo de credenciales mediante paquetes npm maliciosos  ·  [INFO] CVE-2026-0257: Bypass de Autenticación Crítico en Palo Alto Networks PAN-OS Explotado Activamente  ·  [INFO] CVE-2024-21182: Vulnerabilidad Crítica en Oracle WebLogic Server Explotada Activamente  ·  [INFO] CVE-2026-45247: Deserialización en Mirasvit Full Page Cache Warmer permite RCE no autenticado  ·  [INFO] CVE-2025-48595: Desbordamiento de Entero en Android Framework con Escalada de Privilegios Local  ·  [INFO] CVE-2026-45321: Vulnerabilidad crítica en TanStack permite robo de credenciales mediante paquetes npm maliciosos  ·  [INFO] CVE-2026-0257: Bypass de Autenticación Crítico en Palo Alto Networks PAN-OS Explotado Activamente  ·  [INFO] CVE-2024-21182: Vulnerabilidad Crítica en Oracle WebLogic Server Explotada Activamente  ·  [INFO] CVE-2026-45247: Deserialización en Mirasvit Full Page Cache Warmer permite RCE no autenticado  ·  [INFO] CVE-2025-48595: Desbordamiento de Entero en Android Framework con Escalada de Privilegios Local  ·