// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1622

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-48907	Widget Factory Joomla Content Editor	—	2026-06-16
CVE-2026-54420	LiteSpeed cPanel Plugin	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	ALTA	2026-06-08
CVE-2026-50751	Check Point Security Gateway	CRÍTICA	2026-06-08

// top_vendors_afectados

Microsoft

16

Cisco

9

Apple

6

Ivanti

4

Google

4

Adobe

3

LiteSpeed

2

Oracle

2

BerriAI

2

SolarWinds

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2025-6218	RARLAB WinRAR	RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the curren…	ALTA	2025-12-09
CVE-2025-62221	Microsoft Windows	Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized a…	ALTA	2025-12-09
CVE-2022-37055	D-Link Routers	D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and avail…	CRÍTICA	2025-12-08
CVE-2025-66644	Array Networks ArrayOS AG	Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitr…	ALTA	2025-12-08
CVE-2025-55182	Meta React Server Components	Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote cod…	CRÍTICA	2025-12-05
CVE-2021-26828	OpenPLC ScadaBR	OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authentica…	ALTA	2025-12-03
CVE-2025-48633	Android Framework	Android Framework contains an unspecified vulnerability that allows for information disclosure.	MEDIA	2025-12-02
CVE-2025-48572	Android Framework	Android Framework contains an unspecified vulnerability that allows for privilege escalation.	ALTA	2025-12-02
CVE-2021-26829	OpenPLC ScadaBR	OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.	MEDIA	2025-11-28
CVE-2025-61757	Oracle Fusion Middleware	Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticate…	CRÍTICA	2025-11-21
CVE-2025-13223	Google Chromium V8	Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.	ALTA	2025-11-19
CVE-2025-58034	Fortinet FortiWeb	Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute un…	ALTA	2025-11-18
CVE-2025-64446	Fortinet FortiWeb	Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execut…	CRÍTICA	2025-11-14
CVE-2025-12480	Gladinet Triofox	Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after…	CRÍTICA	2025-11-12
CVE-2025-62215	Microsoft Windows	Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges…	ALTA	2025-11-12
CVE-2025-9242	WatchGuard Firebox	WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthe…	CRÍTICA	2025-11-12
CVE-2025-21042	Samsung Mobile Devices	Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could…	ALTA	2025-11-10
CVE-2025-48703	CWP Control Web Panel	CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command Injection vulnerability that allows unauthenti…	CRÍTICA	2025-11-04
CVE-2025-11371	Gladinet CentreStack and Triofox	Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allo…	ALTA	2025-11-04
CVE-2025-41244	Broadcom VMware Aria Operations and VMware Tools	Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malic…	ALTA	2025-10-30
CVE-2025-24893	XWiki Platform	XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code exe…	CRÍTICA	2025-10-30
CVE-2025-6204	Dassault Systèmes DELMIA Apriso	Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitra…	ALTA	2025-10-28
CVE-2025-6205	Dassault Systèmes DELMIA Apriso	Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain pri…	CRÍTICA	2025-10-28
CVE-2025-54236	Adobe Commerce and Magento	Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker …	CRÍTICA	2025-10-24
CVE-2025-59287	Microsoft Windows	Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows f…	CRÍTICA	2025-10-24

← Anterior Página 7 / 65 (1622 CVEs total) Siguiente →