// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1622

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-48907	Widget Factory Joomla Content Editor	—	2026-06-16
CVE-2026-54420	LiteSpeed cPanel Plugin	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	ALTA	2026-06-08
CVE-2026-50751	Check Point Security Gateway	CRÍTICA	2026-06-08

// top_vendors_afectados

Microsoft

16

Cisco

9

Apple

6

Ivanti

4

Google

4

Adobe

3

LiteSpeed

2

Oracle

2

BerriAI

2

SolarWinds

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2025-61932	Motex LANSCOPE Endpoint Manager	Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability al…	CRÍTICA	2025-10-22
CVE-2022-48503	Apple Multiple Products	Apple macOS, iOS, tvOS, Safari, and watchOS contain an unspecified vulnerability in JavaScriptCore that when processing…	ALTA	2025-10-20
CVE-2025-2746	Kentico Xperience CMS	Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could all…	CRÍTICA	2025-10-20
CVE-2025-2747	Kentico Xperience CMS	Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could all…	CRÍTICA	2025-10-20
CVE-2025-33073	Microsoft Windows	Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalatio…	ALTA	2025-10-20
CVE-2025-61884	Oracle E-Business Suite	Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle …	ALTA	2025-10-20
CVE-2025-54253	Adobe Experience Manager (AEM) Forms	Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution.	CRÍTICA	2025-10-15
CVE-2025-47827	IGEL IGEL OS	IGEL OS contains a use of a key past its expiration date vulnerability that allows for Secure Boot bypass. The igel-fla…	MEDIA	2025-10-14
CVE-2025-24990	Microsoft Windows	Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege …	ALTA	2025-10-14
CVE-2025-59230	Microsoft Windows	Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which c…	ALTA	2025-10-14
CVE-2016-7836	SKYSEA Client View	SKYSEA Client View contains an improper authentication vulnerability that allows remote code execution via a flaw in pr…	CRÍTICA	2025-10-14
CVE-2021-43798	Grafana Labs Grafana	Grafana contains a path traversal vulnerability that could allow access to local files.	ALTA	2025-10-09
CVE-2025-27915	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web C…	MEDIA	2025-10-07
CVE-2021-22555	Linux Kernel	Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause…	ALTA	2025-10-06
CVE-2010-3962	Microsoft Internet Explorer	Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code …	ALTA	2025-10-06
CVE-2021-43226	Microsoft Windows	Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local,…	ALTA	2025-10-06
CVE-2013-3918	Microsoft Windows	Microsoft Windows contains an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX contro…	ALTA	2025-10-06
CVE-2011-3402	Microsoft Windows	Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the…	ALTA	2025-10-06
CVE-2010-3765	Mozilla Multiple Products	Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allow…	CRÍTICA	2025-10-06
CVE-2025-61882	Oracle E-Business Suite	Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerabil…	CRÍTICA	2025-10-06
CVE-2014-6278	GNU GNU Bash	GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via…	ALTA	2025-10-02
CVE-2017-1000353	Jenkins Jenkins	Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a s…	CRÍTICA	2025-10-02
CVE-2015-7755	Juniper ScreenOS	Juniper ScreenOS contains an improper authentication vulnerability that could allow unauthorized remote administrative …	CRÍTICA	2025-10-02
CVE-2025-21043	Samsung Mobile Devices	Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attac…	ALTA	2025-10-02
CVE-2025-4008	Smartbedded Meteobridge	Smartbedded Meteobridge contains a command injection vulnerability that could allow remote unauthenticated attackers to…	ALTA	2025-10-02

← Anterior Página 8 / 65 (1622 CVEs total) Siguiente →