CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-4863 Google Chromium WebP Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an ou… ALTA 2023-09-13
CVE-2023-36761 Microsoft Word Microsoft Word contains an unspecified vulnerability that allows for information disclosure. MEDIA 2023-09-12
CVE-2023-36802 Microsoft Streaming Service Proxy Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation. ALTA 2023-09-12
CVE-2023-41064 Apple iOS, iPadOS, and macOS Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted i… ALTA 2023-09-11
CVE-2023-41061 Apple iOS, iPadOS, and watchOS Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which… ALTA 2023-09-11
CVE-2023-33246 Apache RocketMQ Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and la… CRÍTICA 2023-09-06
CVE-2023-38831 RARLAB WinRAR RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to vie… ALTA 2023-08-24
CVE-2023-32315 Ignite Realtime Openfire Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access rest… ALTA 2023-08-24
CVE-2023-38035 Ivanti Sentry Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an a… CRÍTICA 2023-08-22
CVE-2023-27532 Veeam Backup & Replication Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerabilit… ALTA 2023-08-22
CVE-2023-26359 Adobe ColdFusion Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the … CRÍTICA 2023-08-21
CVE-2023-24489 Citrix Content Collaboration Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated atta… CRÍTICA 2023-08-16
CVE-2023-38180 Microsoft .NET Core and Visual Studio Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS). ALTA 2023-08-09
CVE-2017-18368 Zyxel P660HN-T1A Routers Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which … CRÍTICA 2023-08-07
CVE-2023-35081 Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrat… ALTA 2023-07-31
CVE-2023-37580 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability impacting the confidentiality an… MEDIA 2023-07-27
CVE-2023-38606 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive … MEDIA 2023-07-26
CVE-2023-35078 Ivanti Endpoint Manager Mobile (EPMM) Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerabili… CRÍTICA 2023-07-25
CVE-2023-29298 Adobe ColdFusion Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass. ALTA 2023-07-20
CVE-2023-38205 Adobe ColdFusion Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass. ALTA 2023-07-20
CVE-2023-3519 Citrix NetScaler ADC and NetScaler Gateway Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remo… CRÍTICA 2023-07-19
CVE-2023-36884 Microsoft Windows Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (M… ALTA 2023-07-17
CVE-2022-29303 SolarView Compact SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send tes… CRÍTICA 2023-07-13
CVE-2023-37450 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when proc… ALTA 2023-07-13
CVE-2023-32046 Microsoft Windows Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation. ALTA 2023-07-11
← Anterior Página 23 / 62 (1543 CVEs total) Siguiente →
[INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·