CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-21608 Adobe Acrobat and Reader Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the c… ALTA 2023-10-10
CVE-2023-20109 Cisco IOS and IOS XE Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) featur… MEDIA 2023-10-10
CVE-2023-41763 Microsoft Skype for Business Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation. MEDIA 2023-10-10
CVE-2023-36563 Microsoft WordPad Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure. MEDIA 2023-10-10
CVE-2023-44487 IETF HTTP/2 HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). ALTA 2023-10-10
CVE-2023-22515 Atlassian Confluence Data Center and Server Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to c… CRÍTICA 2023-10-05
CVE-2023-40044 Progress WS_FTP Server Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that al… CRÍTICA 2023-10-05
CVE-2023-42824 Apple iOS and iPadOS Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation. ALTA 2023-10-05
CVE-2023-42793 JetBrains TeamCity JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Se… CRÍTICA 2023-10-04
CVE-2023-28229 Microsoft Windows CNG Key Isolation Service Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that … ALTA 2023-10-04
CVE-2023-4211 Arm Mali GPU Kernel Driver Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make imp… MEDIA 2023-10-03
CVE-2023-5217 Google Chromium libvpx Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to p… ALTA 2023-10-02
CVE-2018-14667 Red Hat JBoss RichFaces Framework Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource… CRÍTICA 2023-09-28
CVE-2023-41991 Apple Multiple Products Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicio… MEDIA 2023-09-25
CVE-2023-41992 Apple Multiple Products Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation. ALTA 2023-09-25
CVE-2023-41993 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when proc… ALTA 2023-09-25
CVE-2023-41179 Trend Micro Apex One and Worry-Free Business Security Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-viru… ALTA 2023-09-21
CVE-2023-28434 MinIO MinIO MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metada… ALTA 2023-09-19
CVE-2022-22265 Samsung Mobile Devices Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write… MEDIA 2023-09-18
CVE-2014-8361 Realtek SDK Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attacker… CRÍTICA 2023-09-18
CVE-2017-6884 Zyxel EMG2926 Routers Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nsloo… ALTA 2023-09-18
CVE-2021-3129 Laravel Ignition Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious… CRÍTICA 2023-09-18
CVE-2023-26369 Adobe Acrobat and Reader Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution. ALTA 2023-09-14
CVE-2023-35674 Android Framework Android Framework contains an unspecified vulnerability that allows for privilege escalation. ALTA 2023-09-13
CVE-2023-20269 Cisco Adaptive Security Appliance and Firepower Threat Defense Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could … MEDIA 2023-09-13
← Anterior Página 22 / 62 (1543 CVEs total) Siguiente →
[INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·