CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

1
CVEs añadidos este mes
1587
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-31431 Linux Kernel ALTA 2026-05-01

// top_vendors_afectados

Microsoft
19
Cisco
7
Apple
7
Synacor
4
Google
4
Fortinet
3
Ivanti
3
SolarWinds
3
SmarterTools
3
Linux
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2022-30525 Zyxel Multiple Firewalls A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify … CRÍTICA 2022-05-16
CVE-2022-22947 VMware Spring Cloud Gateway Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabl… CRÍTICA 2022-05-16
CVE-2022-1388 F5 BIG-IP F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code executio… CRÍTICA 2022-05-10
CVE-2021-1789 Apple Multiple Products A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading … ALTA 2022-05-04
CVE-2019-8506 Apple Multiple Products A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading … ALTA 2022-05-04
CVE-2014-4113 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-05-04
CVE-2014-0322 Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code. ALTA 2022-05-04
CVE-2014-0160 OpenSSL OpenSSL The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote att… ALTA 2022-05-04
CVE-2022-29464 WSO2 Multiple Products Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution. CRÍTICA 2022-04-25
CVE-2022-26904 Microsoft Windows Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2022-21919 Microsoft Windows Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2022-0847 Linux Kernel Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their pr… ALTA 2022-04-25
CVE-2021-41357 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2021-40450 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-04-25
CVE-2019-1003029 Jenkins Script Security Plugin Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox. CRÍTICA 2022-04-25
CVE-2018-6882 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attacker… MEDIA 2022-04-19
CVE-2019-3568 Meta Platforms WhatsApp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RT… CRÍTICA 2022-04-19
CVE-2022-22718 Microsoft Windows Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation. ALTA 2022-04-19
CVE-2022-22960 VMware Multiple Products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due … ALTA 2022-04-15
CVE-2022-1364 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2022-04-15
CVE-2019-3929 Crestron Multiple Products Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unaut… CRÍTICA 2022-04-15
CVE-2019-16057 D-Link DNS-320 Storage Device The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution. CRÍTICA 2022-04-15
CVE-2018-7841 Schneider Electric U.motion Builder A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an imp… CRÍTICA 2022-04-15
CVE-2016-4523 Trihedral VTScada (formerly VTS) The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS). ALTA 2022-04-15
CVE-2014-0780 InduSoft Web Studio InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read admin… CRÍTICA 2022-04-15
← Anterior Página 38 / 64 (1587 CVEs total) Siguiente →
[INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·  [INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·