CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-3079 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2023-06-07
CVE-2023-33009 Zyxel Multiple Firewalls Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerabilit… CRÍTICA 2023-06-05
CVE-2023-33010 Zyxel Multiple Firewalls Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerabilit… CRÍTICA 2023-06-05
CVE-2023-34362 Progress MOVEit Transfer Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain un… CRÍTICA 2023-06-02
CVE-2023-28771 Zyxel Multiple Firewalls Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unaut… CRÍTICA 2023-05-31
CVE-2023-2868 Barracuda Networks Email Security Gateway (ESG) Appliance Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied… CRÍTICA 2023-05-26
CVE-2023-32409 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote… ALTA 2023-05-22
CVE-2023-28204 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclos… MEDIA 2023-05-22
CVE-2023-32373 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code ex… ALTA 2023-05-22
CVE-2004-1464 Cisco IOS Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secu… MEDIA 2023-05-19
CVE-2016-6415 Cisco IOS, IOS XR, and IOS XE Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key E… ALTA 2023-05-19
CVE-2023-21492 Samsung Mobile Devices Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulne… MEDIA 2023-05-19
CVE-2023-25717 Ruckus Wireless Multiple Products Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the … CRÍTICA 2023-05-12
CVE-2021-3560 Red Hat Polkit Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus r… ALTA 2023-05-12
CVE-2014-0196 Linux Kernel Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a… MEDIA 2023-05-12
CVE-2010-3904 Linux Kernel Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implem… ALTA 2023-05-12
CVE-2015-5317 Jenkins Jenkins User Interface (UI) Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs… ALTA 2023-05-12
CVE-2016-3427 Oracle Java SE and JRockit Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality… CRÍTICA 2023-05-12
CVE-2016-8735 Apache Tomcat Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener… CRÍTICA 2023-05-12
CVE-2023-29336 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges. ALTA 2023-05-09
CVE-2023-1389 TP-Link Archer AX21 TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution. ALTA 2023-05-01
CVE-2021-45046 Apache Log4j2 Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, w… CRÍTICA 2023-05-01
CVE-2023-21839 Oracle WebLogic Server Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network acces… ALTA 2023-05-01
CVE-2023-28432 MinIO MinIO MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for … ALTA 2023-04-21
CVE-2023-27350 PaperCut MF/NG PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentica… CRÍTICA 2023-04-21
← Anterior Página 25 / 62 (1543 CVEs total) Siguiente →
[INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·