CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

1
CVEs añadidos este mes
1587
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-31431 Linux Kernel ALTA 2026-05-01

// top_vendors_afectados

Microsoft
19
Cisco
7
Apple
7
Synacor
4
Google
4
Fortinet
3
Ivanti
3
SolarWinds
3
SmarterTools
3
Linux
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-22224 VMware ESXi and Workstation VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an … CRÍTICA 2025-03-04
CVE-2024-50302 Linux Kernel The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory v… MEDIA 2025-03-04
CVE-2024-4885 Progress WhatsUp Gold Progress WhatsUp Gold contains a path traversal vulnerability that allows an unauthenticated attacker to achieve remote… CRÍTICA 2025-03-03
CVE-2018-8639 Microsoft Windows Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authent… ALTA 2025-03-03
CVE-2022-43769 Hitachi Vantara Pentaho Business Analytics (BA) Server Hitachi Vantara Pentaho BA Server contains a special element injection vulnerability that allows an attacker to inject … ALTA 2025-03-03
CVE-2022-43939 Hitachi Vantara Pentaho Business Analytics (BA) Server Hitachi Vantara Pentaho BA Server contains a use of non-canonical URL paths for authorization decisions vulnerability t… ALTA 2025-03-03
CVE-2023-20118 Cisco Small Business RV Series Routers Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management … MEDIA 2025-03-03
CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability that allows a remote authe… CRÍTICA 2025-02-25
CVE-2024-49035 Microsoft Partner Center Microsoft Partner Center contains an improper access control vulnerability that allows an attacker to escalate privileg… ALTA 2025-02-25
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged a… ALTA 2025-02-24
CVE-2017-3066 Adobe ColdFusion Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code … CRÍTICA 2025-02-24
CVE-2025-24989 Microsoft Power Pages Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate… ALTA 2025-02-21
CVE-2025-0111 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enab… MEDIA 2025-02-20
CVE-2025-23209 Craft CMS Craft CMS Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately… ALTA 2025-02-20
CVE-2025-0108 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnera… CRÍTICA 2025-02-18
CVE-2024-53704 SonicWall SonicOS SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows … CRÍTICA 2025-02-18
CVE-2024-57727 SimpleHelp SimpleHelp SimpleHelp remote support software contains multiple path traversal vulnerabilities that allow unauthenticated remote a… ALTA 2025-02-13
CVE-2025-24200 Apple iOS and iPadOS Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB R… MEDIA 2025-02-12
CVE-2024-41710 Mitel SIP Phones Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument in… ALTA 2025-02-12
CVE-2024-40891 Zyxel DSL CPE Devices Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands… ALTA 2025-02-11
CVE-2024-40890 Zyxel DSL CPE Devices Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the CGI program that co… ALTA 2025-02-11
CVE-2025-21418 Microsoft Windows Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows… ALTA 2025-02-11
CVE-2025-21391 Microsoft Windows Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulne… ALTA 2025-02-11
CVE-2025-0994 Trimble Cityworks Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote … ALTA 2025-02-07
CVE-2020-15069 Sophos XG Firewall Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookm… CRÍTICA 2025-02-06
← Anterior Página 13 / 64 (1587 CVEs total) Siguiente →
[INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·  [INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·