CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2020-2509 QNAP QNAP Network-Attached Storage (NAS) QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution. CRÍTICA 2022-04-11
CVE-2017-11317 Telerik User Interface (UI) for ASP.NET AJAX Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or exe… CRÍTICA 2022-04-11
CVE-2021-3156 Sudo Sudo Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalatio… ALTA 2022-04-06
CVE-2021-31166 Microsoft HTTP Protocol Stack Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution. CRÍTICA 2022-04-06
CVE-2017-0148 Microsoft SMBv1 server The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets. ALTA 2022-04-06
CVE-2022-22965 VMware Spring Framework Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data bi… CRÍTICA 2022-04-04
CVE-2022-22675 Apple macOS macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code … ALTA 2022-04-04
CVE-2022-22674 Apple macOS macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory. MEDIA 2022-04-04
CVE-2021-45382 D-Link Multiple Routers A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary f… CRÍTICA 2022-04-04
CVE-2022-26871 Trend Micro Apex Central An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution. CRÍTICA 2022-03-31
CVE-2022-1040 Sophos Firewall An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution. CRÍTICA 2022-03-31
CVE-2021-34484 Microsoft Windows Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-03-31
CVE-2021-28799 QNAP Network Attached Storage (NAS) QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a… CRÍTICA 2022-03-31
CVE-2021-21551 Dell dbutil Driver Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, de… ALTA 2022-03-31
CVE-2018-10562 Dasan Gigabit Passive Optical Network (GPON) Routers Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can … CRÍTICA 2022-03-31
CVE-2018-10561 Dasan Gigabit Passive Optical Network (GPON) Routers Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can … CRÍTICA 2022-03-31
CVE-2022-1096 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2022-03-28
CVE-2022-0543 Redis Debian-specific Redis Servers Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. CRÍTICA 2022-03-28
CVE-2021-38646 Microsoft Office Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execu… ALTA 2022-03-28
CVE-2021-34486 Microsoft Windows Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation. ALTA 2022-03-28
CVE-2021-26085 Atlassian Confluence Server Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authoriz… MEDIA 2022-03-28
CVE-2021-20028 SonicWall Secure Remote Access (SRA) SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL inject… CRÍTICA 2022-03-28
CVE-2019-7483 SonicWall SMA100 In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user … ALTA 2022-03-28
CVE-2018-8440 Microsoft Windows An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (… ALTA 2022-03-28
CVE-2018-8406 Microsoft DirectX Graphics Kernel (DXGKRNL) An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles obj… ALTA 2022-03-28
← Anterior Página 38 / 62 (1543 CVEs total) Siguiente →
[INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·  [INFO] Apple corrige la vulnerabilidad de WebKit que permite eludir políticas del mismo origen en iOS y macOS...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·  [INFO] Apple corrige la vulnerabilidad de WebKit que permite eludir políticas del mismo origen en iOS y macOS...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·