CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2019-8720 WebKitGTK WebKitGTK WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution. ALTA 2022-05-23
CVE-2019-18426 Meta Platforms WhatsApp A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file rea… ALTA 2022-05-23
CVE-2019-1385 Microsoft Windows A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege m… ALTA 2022-05-23
CVE-2019-1130 Microsoft Windows A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard link… ALTA 2022-05-23
CVE-2018-5002 Adobe Flash Player Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution. ALTA 2022-05-23
CVE-2018-8589 Microsoft Win32k A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who succes… ALTA 2022-05-23
CVE-2022-30525 Zyxel Multiple Firewalls A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify … CRÍTICA 2022-05-16
CVE-2022-22947 VMware Spring Cloud Gateway Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabl… CRÍTICA 2022-05-16
CVE-2022-1388 F5 BIG-IP F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code executio… CRÍTICA 2022-05-10
CVE-2021-1789 Apple Multiple Products A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading … ALTA 2022-05-04
CVE-2019-8506 Apple Multiple Products A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading … ALTA 2022-05-04
CVE-2014-4113 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-05-04
CVE-2014-0322 Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code. ALTA 2022-05-04
CVE-2014-0160 OpenSSL OpenSSL The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote att… ALTA 2022-05-04
CVE-2022-29464 WSO2 Multiple Products Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution. CRÍTICA 2022-04-25
CVE-2022-26904 Microsoft Windows Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2022-21919 Microsoft Windows Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2022-0847 Linux Kernel Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their pr… ALTA 2022-04-25
CVE-2021-41357 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2021-40450 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2019-1003029 Jenkins Script Security Plugin Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox. CRÍTICA 2022-04-25
CVE-2018-6882 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attacker… MEDIA 2022-04-19
CVE-2019-3568 Meta Platforms WhatsApp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RT… CRÍTICA 2022-04-19
CVE-2022-22718 Microsoft Windows Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation. ALTA 2022-04-19
CVE-2022-22960 VMware Multiple Products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due … ALTA 2022-04-15
← Anterior Página 36 / 62 (1543 CVEs total) Siguiente →
[INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·