CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-24955 Microsoft SharePoint Server Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Own… ALTA 2024-03-26
CVE-2019-7256 Nice Linear eMerge E3-Series Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote c… CRÍTICA 2024-03-25
CVE-2021-44529 Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauth… CRÍTICA 2024-03-25
CVE-2023-48788 Fortinet FortiClient EMS Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute comm… CRÍTICA 2024-03-25
CVE-2024-27198 JetBrains TeamCity JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions. CRÍTICA 2024-03-07
CVE-2024-23225 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an a… ALTA 2024-03-06
CVE-2024-23296 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker wit… ALTA 2024-03-06
CVE-2023-21237 Android Pixel Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, prov… MEDIA 2024-03-05
CVE-2021-36380 Sunhillo SureLine Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service o… CRÍTICA 2024-03-05
CVE-2024-21338 Microsoft Windows Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (inp… ALTA 2024-03-04
CVE-2023-29360 Microsoft Streaming Service Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalatio… ALTA 2024-02-29
CVE-2024-1709 ConnectWise ScreenConnect ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access t… CRÍTICA 2024-02-22
CVE-2020-3259 Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerabil… ALTA 2024-02-15
CVE-2024-21410 Microsoft Exchange Server Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. CRÍTICA 2024-02-15
CVE-2024-21412 Microsoft Windows Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypa… ALTA 2024-02-13
CVE-2024-21351 Microsoft Windows Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Sm… ALTA 2024-02-13
CVE-2023-43770 Roundcube Webmail Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosur… MEDIA 2024-02-12
CVE-2024-21762 Fortinet FortiOS Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute … CRÍTICA 2024-02-09
CVE-2023-4762 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted … ALTA 2024-02-06
CVE-2022-48618 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerabilit… ALTA 2024-01-31
CVE-2024-21893 Ivanti Connect Secure, Policy Secure, and Neurons Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a… ALTA 2024-01-31
CVE-2023-22527 Atlassian Confluence Data Center and Server Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can l… CRÍTICA 2024-01-24
CVE-2024-23222 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution w… ALTA 2024-01-23
CVE-2023-34048 VMware vCenter Server VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that a… CRÍTICA 2024-01-22
CVE-2023-35082 Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows un… CRÍTICA 2024-01-18
← Anterior Página 19 / 62 (1543 CVEs total) Siguiente →
[INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·