// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1621

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-54420	LiteSpeed cPanel Plugin	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	ALTA	2026-06-08
CVE-2026-50751	Check Point Security Gateway	CRÍTICA	2026-06-08
CVE-2026-28318	SolarWinds Serv-U	ALTA	2026-06-05

// top_vendors_afectados

Microsoft

16

Cisco

9

Apple

6

Ivanti

4

Google

4

Adobe

3

Synacor

3

LiteSpeed

2

Oracle

2

BerriAI

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2025-32975	Quest KACE Systems Management Appliance (SMA)	Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attack…	CRÍTICA	2026-04-20
CVE-2024-27199	JetBrains TeamCity	JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be perfor…	ALTA	2026-04-20
CVE-2026-34197	Apache ActiveMQ	Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.	ALTA	2026-04-16
CVE-2009-0238	Microsoft Office	Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete con…	ALTA	2026-04-14
CVE-2026-32201	Microsoft SharePoint Server	Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to…	MEDIA	2026-04-14
CVE-2012-1854	Microsoft Visual Basic for Applications (VBA)	Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for r…	ALTA	2026-04-13
CVE-2025-60710	Microsoft Windows	Microsoft Windows contains a link following vulnerability that allows for privilege escalation	ALTA	2026-04-13
CVE-2023-21529	Microsoft Exchange Server	Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve…	ALTA	2026-04-13
CVE-2023-36424	Microsoft Windows	Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat …	ALTA	2026-04-13
CVE-2020-9715	Adobe Acrobat	Adobe Acrobat contains a use-after-free vulnerability that allows for code execution	ALTA	2026-04-13
CVE-2026-21643	Fortinet FortiClient EMS	Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute u…	CRÍTICA	2026-04-13
CVE-2026-34621	Adobe Acrobat and Reader	Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.	ALTA	2026-04-13
CVE-2026-1340	Ivanti Endpoint Manager Mobile (EPMM)	Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve una…	CRÍTICA	2026-04-08
CVE-2026-35616	Fortinet FortiClient EMS	Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker t…	CRÍTICA	2026-04-06
CVE-2026-3502	TrueConf Client	TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence…	ALTA	2026-04-02
CVE-2026-5281	Google Dawn	Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the rendere…	ALTA	2026-04-01
CVE-2026-3055	Citrix NetScaler	Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcP…	CRÍTICA	2026-03-30
CVE-2025-53521	F5 BIG-IP	F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote co…	CRÍTICA	2026-03-27
CVE-2026-33634	Aquasecurity Trivy	Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to eve…	ALTA	2026-03-26
CVE-2026-33017	Langflow Langflow	Langflow contains a code injection vulnerability that could allow building public flows without requiring authenticatio…	CRÍTICA	2026-03-25
CVE-2025-32432	Craft CMS Craft CMS	Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.	CRÍTICA	2026-03-20
CVE-2025-54068	Laravel Livewire	Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote co…	CRÍTICA	2026-03-20
CVE-2025-43510	Apple Multiple Products	Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a mali…	ALTA	2026-03-20
CVE-2025-43520	Apple Multiple Products	Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow…	ALTA	2026-03-20
CVE-2025-31277	Apple Multiple Products	Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow …	ALTA	2026-03-20

← Anterior Página 3 / 65 (1621 CVEs total) Siguiente →