CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

13
CVEs añadidos este mes
1542
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05
CVE-2021-30952 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2026-20700 Apple Multiple Products Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memo… 2026-02-12
CVE-2024-43468 Microsoft Configuration Manager Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this… 2026-02-12
CVE-2025-15556 Notepad++ Notepad++ Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could a… 2026-02-12
CVE-2025-40536 SolarWinds Web Help Desk SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker … 2026-02-12
CVE-2026-21513 Microsoft Windows Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attac… 2026-02-10
CVE-2026-21525 Microsoft Windows Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized… 2026-02-10
CVE-2026-21510 Microsoft Windows Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker… 2026-02-10
CVE-2026-21533 Microsoft Windows Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an a… 2026-02-10
CVE-2026-21519 Microsoft Windows Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to el… 2026-02-10
CVE-2026-21514 Microsoft Office Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an … 2026-02-10
CVE-2025-11953 React Native Community CLI React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network att… 2026-02-05
CVE-2026-24423 SmarterTools SmarterMail SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API … 2026-02-05
CVE-2021-39935 GitLab Community and Enterprise Editions GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthor… 2026-02-03
CVE-2025-64328 Sangoma FreePBX Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authenticat… 2026-02-03
CVE-2019-19006 Sangoma FreePBX Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass … 2026-02-03
CVE-2025-40551 SolarWinds Web Help Desk SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code exec… 2026-02-03
CVE-2026-1281 Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve una… 2026-01-29
CVE-2026-24858 Fortinet Multiple Products Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path … 2026-01-27
CVE-2018-14634 Linux Kernal Linux Kernel contains an integer overflow vulnerability in the create_elf_tables() function which could allow an unpriv… 2026-01-26
CVE-2025-52691 SmarterTools SmarterMail SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an … 2026-01-26
CVE-2026-23760 SmarterTools SmarterMail SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the pass… 2026-01-26
CVE-2026-24061 GNU InetUtils GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass… 2026-01-26
CVE-2026-21509 Microsoft Office Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security d… 2026-01-26
CVE-2024-37079 Broadcom VMware vCenter Server Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protoc… 2026-01-23
CVE-2025-68645 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a PHP remote file inclusion vulnerability that could allow for remote… 2026-01-22
← Anterior Página 2 / 62 (1542 CVEs total) Siguiente →
[INFO] Las fallas de los agentes de IA de OpenClaw podrían permitir la inyección rápida y la exfiltración de datos...  ·  [INFO] El ataque a la cadena de suministro de GlassWorm abusa de 72 extensiones abiertas de VSX para atacar a los desarrolladores...  ·  [INFO] Meta cerrará el soporte de chat cifrado de extremo a extremo de Instagram a partir de mayo de 2026...  ·  [INFO] Los piratas informáticos chinos atacan a los militares del sudeste asiático con el malware AppleChris y MemFun...  ·  [INFO] INTERPOL desmantela 45.000 direcciones IP maliciosas y detiene a 94 en relación con la ciberdelincuencia mundial...  ·  [INFO] Las fallas de los agentes de IA de OpenClaw podrían permitir la inyección rápida y la exfiltración de datos...  ·  [INFO] El ataque a la cadena de suministro de GlassWorm abusa de 72 extensiones abiertas de VSX para atacar a los desarrolladores...  ·  [INFO] Meta cerrará el soporte de chat cifrado de extremo a extremo de Instagram a partir de mayo de 2026...  ·  [INFO] Los piratas informáticos chinos atacan a los militares del sudeste asiático con el malware AppleChris y MemFun...  ·  [INFO] INTERPOL desmantela 45.000 direcciones IP maliciosas y detiene a 94 en relación con la ciberdelincuencia mundial...  ·