CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2022-41080 Microsoft Exchange Server Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerabilit… ALTA 2023-01-10
CVE-2023-21674 Microsoft Windows Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege … ALTA 2023-01-10
CVE-2018-5430 TIBCO JasperReports TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the conte… ALTA 2022-12-29
CVE-2018-18809 TIBCO JasperReports TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access cont… MEDIA 2022-12-29
CVE-2022-42856 Apple iOS Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execu… ALTA 2022-12-14
CVE-2022-42475 Fortinet FortiOS Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an una… CRÍTICA 2022-12-13
CVE-2022-44698 Microsoft Defender Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade M… MEDIA 2022-12-13
CVE-2022-27518 Citrix Application Delivery Controller (ADC) and Gateway Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an… CRÍTICA 2022-12-13
CVE-2022-26500 Veeam Backup & Replication The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal … ALTA 2022-12-13
CVE-2022-26501 Veeam Backup & Replication The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal … CRÍTICA 2022-12-13
CVE-2022-4262 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2022-12-05
CVE-2021-35587 Oracle Fusion Middleware Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the… CRÍTICA 2022-11-28
CVE-2022-4135 Google Chromium GPU Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised th… CRÍTICA 2022-11-28
CVE-2022-41049 Microsoft Windows Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss o… MEDIA 2022-11-14
CVE-2022-41091 Microsoft Windows Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss o… MEDIA 2022-11-08
CVE-2022-41073 Microsoft Windows Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level priv… ALTA 2022-11-08
CVE-2022-41125 Microsoft Windows Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that … ALTA 2022-11-08
CVE-2022-41128 Microsoft Windows Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code… ALTA 2022-11-08
CVE-2021-25337 Samsung Mobile Devices Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted app… MEDIA 2022-11-08
CVE-2021-25369 Samsung Mobile Devices Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation o… MEDIA 2022-11-08
CVE-2021-25370 Samsung Mobile Devices Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This … MEDIA 2022-11-08
CVE-2022-3723 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2022-10-28
CVE-2022-42827 Apple iOS and iPadOS Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code… ALTA 2022-10-25
CVE-2020-3433 Cisco AnyConnect Secure Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient va… ALTA 2022-10-24
CVE-2020-3153 Cisco AnyConnect Secure Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with … MEDIA 2022-10-24
← Anterior Página 28 / 62 (1543 CVEs total) Siguiente →
[INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·