PULSE
EN VIVO37señales / 24h
FEED
ransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Foundransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Found
CVE Watch349,029 en archivo total

Vulnerabilidades explotables hoy

9,869en la vista actual

Score único combinando CVSS, membresía KEV y EPSS. Cada CVE con su ficha propia — timeline desde publicación hasta explotación activa.

En catálogo KEV1,644
Nuevos KEV · 24H0
Exploit Today ≥ 701,579

Distribución · última ventana

  • Crítico
    1,283
  • Alto
    4,187
  • Medio
    3,505
  • Bajo
    268
Filtros

Ventana

Severidad

Filtros

Vulnerabilidades1–40 · 9,869
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-32489.8 CRÍ
100.0%
KEVR80Langflow Missing Authentication Vulnerability2d
CVE-2024-555919.8 CRÍ
99.9%
KEVR80Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability8d
CVE-2021-422379.8 CRÍ
99.9%
KEVR80Sitecore XP Remote Command Execution Vulnerability7d
CVE-2026-314317.8 ALT
99.9%
KEV80Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability2d
CVE-2026-341978.8 ALT
99.9%
KEV80Apache ActiveMQ Improper Input Validation Vulnerability2d
CVE-2024-121210.0 CRÍ
99.9%
KEV80Progress Kemp LoadMaster OS Command Injection Vulnerability3d
CVE-2024-116809.8 CRÍ
99.8%
KEV80ProjectSend Improper Authentication Vulnerability2d
CVE-2026-422089.8 CRÍ
99.7%
KEV80BerriAI LiteLLM SQL Injection Vulnerability2d
CVE-2023-389507.5 ALT
99.7%
KEV80ZKTeco BioTime Path Traversal Vulnerability7d
CVE-2022-262589.8 CRÍ
99.6%
KEV80D-Link DIR-820L Remote Code Execution Vulnerability7d
CVE-2026-422718.8 ALT
99.6%
KEV80BerriAI LiteLLM Command Injection Vulnerability2d
CVE-2025-342918.8 ALT
99.6%
KEV80Langflow Origin Validation Error Vulnerability2d
CVE-2021-252988.8 ALT
99.5%
KEV80Nagios XI OS Command Injection7d
CVE-2021-252968.8 ALT
99.3%
KEV80Nagios XI OS Command Injection7d
CVE-2021-252978.8 ALT
98.9%
KEV80Nagios XI OS Command Injection7d
CVE-2026-202308.6 ALT
98.5%
KEV80Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability15d
CVE-2026-4828210.0 CRÍ
97.9%
KEV79Adobe ColdFusion Path Traversal Vulnerability8d
CVE-2008-41284.3 MED
97.6%
KEV79Cisco IOS Cross-Site Request Forgery Vulnerability3d
CVE-2026-561645.3 MED
92.0%
KEV78Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability2d
CVE-2025-105859.8 CRÍ
91.8%
KEV78Google Chromium V8 Type Confusion Vulnerability2d
CVE-2025-132238.8 ALT
91.1%
KEV77Google Chromium V8 Type Confusion Vulnerability2d
CVE-2026-456598.8 ALT
86.8%
KEV76Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability14d
CVE-2025-244728.1 ALT
86.2%
KEVR76Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability8d
CVE-2026-562909.8 CRÍ
85.4%
KEV76Joomlack Page Builder Improper Access Control Vulnerability8d
CVE-2026-489089.8 CRÍ
72.6%
KEV72JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability8d
CVE-2026-489399.8 CRÍ
71.5%
KEV71iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability6d
CVE-2026-154107.2 ALT
71.1%
KEV71SonicWall SMA1000 Appliances Code Injection Vulnerability16h
CVE-2025-312778.8 ALT
71.0%
KEV71Apple Multiple Products Buffer Overflow Vulnerability2d
CVE-2026-1540910.0 CRÍ
66.4%
KEV70SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability16h
CVE-2026-125699.8 CRÍ
66.0%
KEV70PTC Windchill and FlexPLM Improper Input Validation Vulnerability16d
CVE-2026-4855810.0 CRÍ
63.5%
KEV69SimpleHelp Authentication Bypass Vulnerability16d
CVE-2026-468179.8 CRÍ
60.3%
KEV68Oracle E-Business Suite Improper Privilege Management Vulnerability16h
CVE-2025-670389.8 CRÍ
55.3%
KEV67Lantronix EDS5000 Code Injection Vulnerability10d
CVE-2023-43467.5 ALT
54.2%
KEV66KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability16h
CVE-2026-562919.8 CRÍ
53.6%
KEV66Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability6d
CVE-2026-552558.4 ALT
42.8%
KEV63Langflow Authorization Bypass Through User-Controlled Key Vulnerability8d
CVE-2026-561557.8 ALT
30.2%
KEV59Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability 1d
CVE-2023-349609.8 CRÍ
99.9%
30A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.8d
CVE-2021-252996.1 MED
99.9%
30Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists in the file /usr/local/nagiosxi/html/admin/sshterm.php due to improper sanitization of user-controlled input. A maliciously crafted URL, when clicked by an admin user, can be used to steal his/her session cookies or it can be chained with the previous bugs to get one-click remote command execution (RCE) on the Nagios XI server.8d
CVE-2023-376799.8 CRÍ
99.9%
30A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.8d