CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2017-3506 Oracle WebLogic Server Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability th… ALTA 2024-06-03
CVE-2024-1086 Linux Kernel Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to a… ALTA 2024-05-30
CVE-2024-24919 Check Point Quantum Security Gateways Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability po… ALTA 2024-05-30
CVE-2024-4978 Justice AV Solutions Viewer Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421… ALTA 2024-05-29
CVE-2024-5274 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted … CRÍTICA 2024-05-28
CVE-2020-17519 Apache Flink Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local fi… ALTA 2024-05-23
CVE-2024-4947 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted … CRÍTICA 2024-05-20
CVE-2023-43208 NextGen Healthcare Mirth Connect NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthentic… CRÍTICA 2024-05-20
CVE-2024-4761 Google Chromium V8 Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. Thi… ALTA 2024-05-16
CVE-2021-40655 D-Link DIR-605 Router D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and p… ALTA 2024-05-16
CVE-2014-100005 D-Link DIR-600 Router D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change rout… ALTA 2024-05-16
CVE-2024-30040 Microsoft Windows Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass. ALTA 2024-05-14
CVE-2024-30051 Microsoft DWM Core Library Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privile… ALTA 2024-05-14
CVE-2024-4671 Google Chromium Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruptio… CRÍTICA 2024-05-13
CVE-2023-7028 GitLab GitLab CE/EE GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to t… CRÍTICA 2024-05-01
CVE-2024-29988 Microsoft SmartScreen Prompt Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mar… ALTA 2024-04-30
CVE-2024-4040 CrushFTP CrushFTP CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virt… CRÍTICA 2024-04-24
CVE-2024-20359 Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability… MEDIA 2024-04-24
CVE-2024-20353 Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that … ALTA 2024-04-24
CVE-2022-38028 Microsoft Windows Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScr… ALTA 2024-04-23
CVE-2024-3400 Palo Alto Networks PAN-OS Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticat… CRÍTICA 2024-04-12
CVE-2024-3273 D-Link Multiple NAS Devices D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024… ALTA 2024-04-11
CVE-2024-3272 D-Link Multiple NAS Devices D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct au… CRÍTICA 2024-04-11
CVE-2024-29748 Android Pixel Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset trigge… ALTA 2024-04-04
CVE-2024-29745 Android Pixel Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flas… MEDIA 2024-04-04
← Anterior Página 18 / 62 (1543 CVEs total) Siguiente →
[INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·