CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2017-8543 Microsoft Windows Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects… CRÍTICA 2022-05-24
CVE-2017-18362 Kaseya Virtual System/Server Administrator (VSA) ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full d… CRÍTICA 2022-05-24
CVE-2016-0162 Microsoft Internet Explorer An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerab… MEDIA 2022-05-24
CVE-2016-3351 Microsoft Internet Explorer and Edge An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle o… MEDIA 2022-05-24
CVE-2016-4655 Apple iOS The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application. MEDIA 2022-05-24
CVE-2016-4656 Apple iOS A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause… ALTA 2022-05-24
CVE-2016-4657 Apple iOS Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a den… ALTA 2022-05-24
CVE-2016-6366 Cisco Adaptive Security Appliance (ASA) A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow… ALTA 2022-05-24
CVE-2016-6367 Cisco Adaptive Security Appliance (ASA) A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local at… ALTA 2022-05-24
CVE-2016-3298 Microsoft Internet Explorer An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in … MEDIA 2022-05-24
CVE-2022-20821 Cisco IOS XR Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis i… MEDIA 2022-05-23
CVE-2021-1048 Android Kernel Android kernel contains a use-after-free vulnerability that allows for privilege escalation. ALTA 2022-05-23
CVE-2021-0920 Android Kernel Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for p… MEDIA 2022-05-23
CVE-2021-30883 Apple Multiple Products Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code executio… ALTA 2022-05-23
CVE-2020-1027 Microsoft Windows An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacke… ALTA 2022-05-23
CVE-2020-0638 Microsoft Update Notification Manager Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-05-23
CVE-2019-7286 Apple Multiple Products Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation. ALTA 2022-05-23
CVE-2019-7287 Apple iOS Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution. ALTA 2022-05-23
CVE-2019-0676 Microsoft Internet Explorer An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker… MEDIA 2022-05-23
CVE-2019-5786 Google Chrome Blink Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of … MEDIA 2022-05-23
CVE-2019-0703 Microsoft Windows An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which c… MEDIA 2022-05-23
CVE-2019-0880 Microsoft Windows A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successf… ALTA 2022-05-23
CVE-2019-13720 Google Chrome WebAudio Google Chrome WebAudio contains a use-after-free vulnerability that allows a remote attacker to potentially exploit hea… ALTA 2022-05-23
CVE-2019-11707 Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript obje… ALTA 2022-05-23
CVE-2019-11708 Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution. CRÍTICA 2022-05-23
← Anterior Página 35 / 62 (1543 CVEs total) Siguiente →
[INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·