// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1621

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-54420	LiteSpeed cPanel Plugin	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	ALTA	2026-06-08
CVE-2026-50751	Check Point Security Gateway	CRÍTICA	2026-06-08
CVE-2026-28318	SolarWinds Serv-U	ALTA	2026-06-05

// top_vendors_afectados

Microsoft

16

Cisco

9

Apple

6

Ivanti

4

Google

4

Adobe

3

Synacor

3

LiteSpeed

2

Oracle

2

BerriAI

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2026-24061	GNU InetUtils	GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass…	CRÍTICA	2026-01-26
CVE-2026-21509	Microsoft Office	Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security d…	ALTA	2026-01-26
CVE-2024-37079	Broadcom VMware vCenter Server	Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protoc…	CRÍTICA	2026-01-23
CVE-2025-68645	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains a PHP remote file inclusion vulnerability that could allow for remote…	ALTA	2026-01-22
CVE-2025-34026	Versa Concerto	Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse p…	ALTA	2026-01-22
CVE-2025-31125	Vite Vitejs	Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&i…	MEDIA	2026-01-22
CVE-2025-54313	Prettier eslint-config-prettier	Prettier eslint-config-prettier contains an embedded malicious code vulnerability. Installing an affected package execu…	ALTA	2026-01-22
CVE-2026-20045	Cisco Unified Communications Manager	Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Uni…	ALTA	2026-01-21
CVE-2026-20805	Microsoft Windows	Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized at…	MEDIA	2026-01-13
CVE-2025-8110	Gogs Gogs	Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that coul…	ALTA	2026-01-12
CVE-2009-0556	Microsoft Office	Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary c…	ALTA	2026-01-07
CVE-2025-37164	Hewlett Packard Enterprise (HPE) OneView	Hewlett Packard Enterprise (HPE) OneView contains a code injection vulnerability that allows a remote unauthenticated u…	CRÍTICA	2026-01-07
CVE-2025-14847	MongoDB MongoDB and MongoDB Server	MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protoco…	ALTA	2025-12-29
CVE-2023-52163	Digiever DS-2105 Pro	Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via time_tz…	ALTA	2025-12-22
CVE-2025-14733	WatchGuard Firebox	WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerab…	CRÍTICA	2025-12-19
CVE-2025-59374	ASUS Live Update	ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modificati…	CRÍTICA	2025-12-17
CVE-2025-40602	SonicWall SMA1000 appliance	SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance ma…	MEDIA	2025-12-17
CVE-2025-20393	Cisco Multiple Products	Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input valid…	CRÍTICA	2025-12-17
CVE-2025-59718	Fortinet Multiple Products	Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signatu…	CRÍTICA	2025-12-16
CVE-2025-14611	Gladinet CentreStack and Triofox	Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the A…	CRÍTICA	2025-12-15
CVE-2025-43529	Apple Multiple Products	Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing malicio…	ALTA	2025-12-15
CVE-2018-4063	Sierra Wireless AirLink ALEOS	Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially cr…	ALTA	2025-12-12
CVE-2025-14174	Google Chromium	Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to pe…	ALTA	2025-12-12
CVE-2025-58360	OSGeo GeoServer	OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the ap…	ALTA	2025-12-11
CVE-2025-6218	RARLAB WinRAR	RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the curren…	ALTA	2025-12-09

← Anterior Página 6 / 65 (1621 CVEs total) Siguiente →