CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

15
CVEs añadidos este mes
1622
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-48907 Widget Factory Joomla Content Editor 2026-06-16
CVE-2026-54420 LiteSpeed cPanel Plugin ALTA 2026-06-15
CVE-2026-20262 Cisco Catalyst SD-WAN Manager MEDIA 2026-06-15
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools CRÍTICA 2026-06-12
CVE-2026-10520 Ivanti Sentry CRÍTICA 2026-06-11
CVE-2026-11645 Google Chromium V8 ALTA 2026-06-09
CVE-2026-7473 Arista Extensible Operating System MEDIA 2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager ALTA 2026-06-09
CVE-2026-42271 BerriAI LiteLLM ALTA 2026-06-08
CVE-2026-50751 Check Point Security Gateway CRÍTICA 2026-06-08

// top_vendors_afectados

Microsoft
16
Cisco
9
Apple
6
Ivanti
4
Google
4
Adobe
3
LiteSpeed
2
Oracle
2
BerriAI
2
SolarWinds
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-32463 Sudo Sudo Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow… CRÍTICA 2025-09-29
CVE-2025-59689 Libraesva Email Security Gateway Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a … MEDIA 2025-09-29
CVE-2025-10035 Fortra GoAnywhere MFT Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged … CRÍTICA 2025-09-29
CVE-2025-20352 Cisco IOS and IOS XE Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SN… ALTA 2025-09-29
CVE-2021-21311 Adminer Adminer Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain p… ALTA 2025-09-29
CVE-2025-20362 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Serve… MEDIA 2025-09-25
CVE-2025-20333 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Serve… CRÍTICA 2025-09-25
CVE-2025-10585 Google Chromium V8 Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine. CRÍTICA 2025-09-23
CVE-2025-5086 Dassault Systèmes DELMIA Apriso Dassault Systèmes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote … CRÍTICA 2025-09-11
CVE-2025-38352 Linux Kernel Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confi… ALTA 2025-09-04
CVE-2025-48543 Android Runtime Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local p… ALTA 2025-09-04
CVE-2025-53690 Sitecore Multiple Products Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deser… CRÍTICA 2025-09-04
CVE-2023-50224 TP-Link TL-WR841N TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens o… MEDIA 2025-09-03
CVE-2025-9377 TP-Link Multiple Routers TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Co… ALTA 2025-09-03
CVE-2020-24363 TP-Link TL-WA855RE TP-link TL-WA855RE contains a missing authentication for critical function vulnerability. This vulnerability could allo… ALTA 2025-09-02
CVE-2025-55177 Meta Platforms WhatsApp Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked … MEDIA 2025-09-02
CVE-2025-57819 Sangoma FreePBX Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allo… CRÍTICA 2025-08-29
CVE-2025-7775 Citrix NetScaler Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code exe… CRÍTICA 2025-08-26
CVE-2025-48384 Git Git Git contains a link following vulnerability that stems from Git’s inconsistent handling of carriage return characters i… ALTA 2025-08-25
CVE-2024-8068 Citrix Session Recording Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalat… ALTA 2025-08-25
CVE-2024-8069 Citrix Session Recording Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code exe… ALTA 2025-08-25
CVE-2025-43300 Apple iOS, iPadOS, and macOS Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework. CRÍTICA 2025-08-21
CVE-2025-54948 Trend Micro Apex One Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability that could allow a … CRÍTICA 2025-08-18
CVE-2025-8876 N-able N-Central N-able N-Central contains a command injection vulnerability via improper sanitization of user input. ALTA 2025-08-13
CVE-2025-8875 N-able N-Central N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution. ALTA 2025-08-13
← Anterior Página 9 / 65 (1622 CVEs total) Siguiente →
[INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·  [INFO] CVE-2026-42897: Vulnerabilidad XSS en Microsoft Exchange Server  ·  [INFO] CVE-2026-20182: Vulnerabilidad Crítica de Bypass de Autenticación en Cisco SD-WAN  ·  [INFO] CVE-2026-42208: Inyección SQL en BerriAI LiteLLM y sus Riesgos de Seguridad  ·  [INFO] CVE-2026-6973: Vulnerabilidad Crítica en Ivanti EPMM Permite Ejecución Remota de Código  ·  [INFO] CVE-2026-0300: Vulnerabilidad Crítica en PAN-OS de Palo Alto Networks Explotada  ·