CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1621
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08
CVE-2026-50751 Check Point Security Gateway CRÍTICA 2026-06-08
CVE-2026-28318 SolarWinds Serv-U ALTA 2026-06-05

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
Synacor
3
LiteSpeed
2
Oracle
2
BerriAI
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2024-7694 TeamT5 ThreatSonar Anti-Ransomware TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSon… ALTA 2026-02-17
CVE-2008-0015 Microsoft Windows Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the v… ALTA 2026-02-17
CVE-2026-2441 Google Chromium Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit h… ALTA 2026-02-17
CVE-2026-1731 BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Succes… CRÍTICA 2026-02-13
CVE-2026-20700 Apple Multiple Products Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memo… ALTA 2026-02-12
CVE-2024-43468 Microsoft Configuration Manager Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this… CRÍTICA 2026-02-12
CVE-2025-15556 Notepad++ Notepad++ Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could a… ALTA 2026-02-12
CVE-2025-40536 SolarWinds Web Help Desk SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker … ALTA 2026-02-12
CVE-2026-21513 Microsoft Windows Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attac… ALTA 2026-02-10
CVE-2026-21525 Microsoft Windows Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized… MEDIA 2026-02-10
CVE-2026-21510 Microsoft Windows Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker… ALTA 2026-02-10
CVE-2026-21533 Microsoft Windows Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an a… ALTA 2026-02-10
CVE-2026-21519 Microsoft Windows Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to el… ALTA 2026-02-10
CVE-2026-21514 Microsoft Office Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an … ALTA 2026-02-10
CVE-2025-11953 React Native Community CLI React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network att… CRÍTICA 2026-02-05
CVE-2026-24423 SmarterTools SmarterMail SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API … CRÍTICA 2026-02-05
CVE-2021-39935 GitLab Community and Enterprise Editions GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthor… MEDIA 2026-02-03
CVE-2025-64328 Sangoma FreePBX Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authenticat… ALTA 2026-02-03
CVE-2019-19006 Sangoma FreePBX Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass … CRÍTICA 2026-02-03
CVE-2025-40551 SolarWinds Web Help Desk SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code exec… CRÍTICA 2026-02-03
CVE-2026-1281 Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve una… CRÍTICA 2026-01-29
CVE-2026-24858 Fortinet Multiple Products Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path … CRÍTICA 2026-01-27
CVE-2018-14634 Linux Kernel Linux Kernel contains an integer overflow vulnerability in the create_elf_tables() function which could allow an unpriv… ALTA 2026-01-26
CVE-2025-52691 SmarterTools SmarterMail SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an … CRÍTICA 2026-01-26
CVE-2026-23760 SmarterTools SmarterMail SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the pass… CRÍTICA 2026-01-26
← Anterior Página 5 / 65 (1621 CVEs total) Siguiente →
[INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·  [INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·