CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-0282 Ivanti Connect Secure, Policy Secure, and ZTA Gateways Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthen… CRÍTICA 2025-01-08
CVE-2020-2883 Oracle WebLogic Server Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable… CRÍTICA 2025-01-07
CVE-2024-55550 Mitel MiCollab Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative p… BAJA 2025-01-07
CVE-2024-41713 Mitel MiCollab Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenti… CRÍTICA 2025-01-07
CVE-2024-3393 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security fea… ALTA 2024-12-30
CVE-2021-44207 Acclaim Systems USAHERDS Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote… ALTA 2024-12-23
CVE-2024-12356 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can… CRÍTICA 2024-12-19
CVE-2021-40407 Reolink RLC-410W IP Camera Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings … ALTA 2024-12-18
CVE-2019-11001 Reolink Multiple IP Cameras Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulne… ALTA 2024-12-18
CVE-2022-23227 NUUO NVRmini2 Devices NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload … CRÍTICA 2024-12-18
CVE-2018-14933 NUUO NVRmini Devices NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution … CRÍTICA 2024-12-18
CVE-2024-55956 Cleo Multiple Products Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vuln… CRÍTICA 2024-12-17
CVE-2024-35250 Microsoft Windows Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attack… ALTA 2024-12-16
CVE-2024-20767 Adobe ColdFusion Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify res… ALTA 2024-12-16
CVE-2024-50623 Cleo Multiple Products Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and … CRÍTICA 2024-12-13
CVE-2024-49138 Microsoft Windows Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows … ALTA 2024-12-10
CVE-2024-51378 CyberPersons CyberPanel CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execut… CRÍTICA 2024-12-04
CVE-2024-11667 Zyxel Multiple Firewalls Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an att… ALTA 2024-12-03
CVE-2024-11680 ProjectSend ProjectSend ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable … CRÍTICA 2024-12-03
CVE-2023-45727 North Grid Proself North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Enti… ALTA 2024-12-03
CVE-2023-28461 Array Networks AG/vxAG ArrayOS Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an … CRÍTICA 2024-11-25
CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extens… ALTA 2024-11-21
CVE-2024-44309 Apple Multiple Products Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web… MEDIA 2024-11-21
CVE-2024-44308 Apple Multiple Products Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web… ALTA 2024-11-21
CVE-2024-38813 VMware vCenter Server VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attac… ALTA 2024-11-20
← Anterior Página 13 / 62 (1543 CVEs total) Siguiente →
[INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·  [INFO] La puerta trasera de DRILLAPP apunta a Ucrania y abusa de la depuración de Microsoft Edge para realizar espionaje sigiloso...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·  [INFO] La puerta trasera de DRILLAPP apunta a Ucrania y abusa de la depuración de Microsoft Edge para realizar espionaje sigiloso...  ·