CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-42916 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive inf… MEDIA 2023-12-04
CVE-2023-6345 Google Chromium Skia Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the … CRÍTICA 2023-11-30
CVE-2023-49103 ownCloud ownCloud graphapi ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() v… CRÍTICA 2023-11-30
CVE-2023-4911 GNU GNU C Library GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES enviro… ALTA 2023-11-21
CVE-2023-36584 Microsoft Windows Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss o… MEDIA 2023-11-16
CVE-2023-1671 Sophos Web Appliance Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code… CRÍTICA 2023-11-16
CVE-2020-2551 Oracle Fusion Middleware Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticate… CRÍTICA 2023-11-16
CVE-2023-36033 Microsoft Windows Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privi… ALTA 2023-11-14
CVE-2023-36025 Microsoft Windows Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass W… ALTA 2023-11-14
CVE-2023-36036 Microsoft Windows Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an atta… ALTA 2023-11-14
CVE-2023-47246 SysAid SysAid Server SysAid Server (on-premises version) contains a path traversal vulnerability that leads to code execution. CRÍTICA 2023-11-13
CVE-2023-36844 Juniper Junos OS Juniper Junos OS on EX Series contains a PHP external variable modification vulnerability that allows an unauthenticate… MEDIA 2023-11-13
CVE-2023-36845 Juniper Junos OS Juniper Junos OS on EX Series and SRX Series contains a PHP external variable modification vulnerability that allows an… CRÍTICA 2023-11-13
CVE-2023-36846 Juniper Junos OS Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an una… MEDIA 2023-11-13
CVE-2023-36847 Juniper Junos OS Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unau… MEDIA 2023-11-13
CVE-2023-36851 Juniper Junos OS Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an una… MEDIA 2023-11-13
CVE-2023-29552 IETF Service Location Protocol (SLP) The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticate… ALTA 2023-11-08
CVE-2023-22518 Atlassian Confluence Data Center and Server Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in signific… CRÍTICA 2023-11-07
CVE-2023-46604 Apache ActiveMQ Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with networ… CRÍTICA 2023-11-02
CVE-2023-46748 F5 BIG-IP Configuration Utility F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with n… ALTA 2023-10-31
CVE-2023-46747 F5 BIG-IP Configuration Utility F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due … CRÍTICA 2023-10-31
CVE-2023-5631 Roundcube Webmail Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run m… MEDIA 2023-10-26
CVE-2023-20273 Cisco Cisco IOS XE Web UI Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, th… ALTA 2023-10-23
CVE-2023-4966 Citrix NetScaler ADC and NetScaler Gateway Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive informatio… CRÍTICA 2023-10-18
CVE-2023-20198 Cisco IOS XE Web UI Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, … CRÍTICA 2023-10-16
← Anterior Página 21 / 62 (1543 CVEs total) Siguiente →
[INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·