CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-32049 Microsoft Windows Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypa… ALTA 2023-07-11
CVE-2023-35311 Microsoft Outlook Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outl… ALTA 2023-07-11
CVE-2023-36874 Microsoft Windows Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2023-07-11
CVE-2022-31199 Netwrix Auditor Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability th… CRÍTICA 2023-07-11
CVE-2021-29256 Arm Mali Graphics Processing Unit (GPU) Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root pr… ALTA 2023-07-07
CVE-2019-17621 D-Link DIR-859 Router D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allo… CRÍTICA 2023-06-29
CVE-2019-20500 D-Link DWL-2600AP Access Point D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration fun… ALTA 2023-06-29
CVE-2021-25487 Samsung Mobile Devices Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of b… ALTA 2023-06-29
CVE-2021-25489 Samsung Mobile Devices Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that result… BAJA 2023-06-29
CVE-2021-25394 Samsung Mobile Devices Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-f… MEDIA 2023-06-29
CVE-2021-25395 Samsung Mobile Devices Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-f… MEDIA 2023-06-29
CVE-2021-25371 Samsung Mobile Devices Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF librari… MEDIA 2023-06-29
CVE-2021-25372 Samsung Mobile Devices Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds… MEDIA 2023-06-29
CVE-2023-32434 Apple Multiple Products Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to exec… ALTA 2023-06-23
CVE-2023-32435 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when… ALTA 2023-06-23
CVE-2023-32439 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when pr… ALTA 2023-06-23
CVE-2023-20867 VMware Tools VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can fo… BAJA 2023-06-23
CVE-2023-27992 Zyxel Multiple Network-Attached Storage (NAS) Devices Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that… CRÍTICA 2023-06-23
CVE-2023-20887 VMware Aria Operations for Networks VMware Aria Operations for Networks (formerly vRealize Network Insight) contains a command injection vulnerability that… CRÍTICA 2023-06-22
CVE-2020-35730 Roundcube Roundcube Webmail Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows an attacker to send a plain text e-ma… MEDIA 2023-06-22
CVE-2020-12641 Roundcube Roundcube Webmail Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metac… CRÍTICA 2023-06-22
CVE-2021-44026 Roundcube Roundcube Webmail Roundcube Webmail is vulnerable to SQL injection via search or search_params. CRÍTICA 2023-06-22
CVE-2016-9079 Mozilla Firefox, Firefox ESR, and Thunderbird Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefo… ALTA 2023-06-22
CVE-2016-0165 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2023-06-22
CVE-2023-27997 Fortinet FortiOS and FortiProxy SSL-VPN Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthent… CRÍTICA 2023-06-13
← Anterior Página 24 / 62 (1543 CVEs total) Siguiente →
[INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·