CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2023-2136 Google Chromium Skia Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the … CRÍTICA 2023-04-21
CVE-2017-6742 Cisco IOS and IOS XE Software The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could all… ALTA 2023-04-19
CVE-2019-8526 Apple macOS Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation. ALTA 2023-04-17
CVE-2023-2033 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2023-04-17
CVE-2023-20963 Android Framework Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a… ALTA 2023-04-13
CVE-2023-29492 Novi Survey Novi Survey Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the serv… CRÍTICA 2023-04-13
CVE-2023-28252 Microsoft Windows Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege … ALTA 2023-04-11
CVE-2023-28205 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when pr… ALTA 2023-04-10
CVE-2023-28206 Apple iOS, iPadOS, and macOS Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to ex… ALTA 2023-04-10
CVE-2021-27876 Veritas Backup Exec Agent Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft inp… ALTA 2023-04-07
CVE-2021-27877 Veritas Backup Exec Agent Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthori… ALTA 2023-04-07
CVE-2021-27878 Veritas Backup Exec Agent Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data ma… ALTA 2023-04-07
CVE-2019-1388 Microsoft Windows Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes… ALTA 2023-04-07
CVE-2023-26083 Arm Mali Graphics Processing Unit (GPU) Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make v… BAJA 2023-04-07
CVE-2022-27926 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to a… MEDIA 2023-04-03
CVE-2013-3163 Microsoft Internet Explorer Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or … ALTA 2023-03-30
CVE-2017-7494 Samba Samba Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writa… CRÍTICA 2023-03-30
CVE-2022-42948 Fortra Cobalt Strike Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote co… CRÍTICA 2023-03-30
CVE-2022-39197 Fortra Cobalt Strike Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to … MEDIA 2023-03-30
CVE-2021-30900 Apple iOS, iPadOS, and macOS Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a ma… ALTA 2023-03-30
CVE-2022-38181 Arm Mali Graphics Processing Unit (GPU) Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root pr… ALTA 2023-03-30
CVE-2023-0266 Linux Kernel Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the… ALTA 2023-03-30
CVE-2022-3038 Google Chromium Network Service Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially ex… ALTA 2023-03-30
CVE-2022-22706 Arm Mali Graphics Processing Unit (GPU) Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write acc… ALTA 2023-03-30
CVE-2023-26360 Adobe ColdFusion Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution. ALTA 2023-03-15
← Anterior Página 26 / 62 (1543 CVEs total) Siguiente →
[INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·