CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

13
CVEs añadidos este mes
1542
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05
CVE-2021-30952 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2021-26828 OpenPLC ScadaBR OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authentica… ALTA 2025-12-03
CVE-2025-48633 Android Framework Android Framework contains an unspecified vulnerability that allows for information disclosure. MEDIA 2025-12-02
CVE-2025-48572 Android Framework Android Framework contains an unspecified vulnerability that allows for privilege escalation. ALTA 2025-12-02
CVE-2021-26829 OpenPLC ScadaBR OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm. MEDIA 2025-11-28
CVE-2025-61757 Oracle Fusion Middleware Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticate… CRÍTICA 2025-11-21
CVE-2025-13223 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption. ALTA 2025-11-19
CVE-2025-58034 Fortinet FortiWeb Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute un… ALTA 2025-11-18
CVE-2025-64446 Fortinet FortiWeb Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execut… CRÍTICA 2025-11-14
CVE-2025-12480 Gladinet Triofox Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after… CRÍTICA 2025-11-12
CVE-2025-62215 Microsoft Windows Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges… ALTA 2025-11-12
CVE-2025-9242 WatchGuard Firebox WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthe… CRÍTICA 2025-11-12
CVE-2025-21042 Samsung Mobile Devices Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could… ALTA 2025-11-10
CVE-2025-48703 CWP Control Web Panel CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command Injection vulnerability that allows unauthenti… CRÍTICA 2025-11-04
CVE-2025-11371 Gladinet CentreStack and Triofox Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allo… ALTA 2025-11-04
CVE-2025-41244 Broadcom VMware Aria Operations and VMware Tools Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malic… ALTA 2025-10-30
CVE-2025-24893 XWiki Platform XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code exe… CRÍTICA 2025-10-30
CVE-2025-6204 Dassault Systèmes DELMIA Apriso Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitra… ALTA 2025-10-28
CVE-2025-6205 Dassault Systèmes DELMIA Apriso Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain pri… CRÍTICA 2025-10-28
CVE-2025-54236 Adobe Commerce and Magento Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker … CRÍTICA 2025-10-24
CVE-2025-59287 Microsoft Windows Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows f… CRÍTICA 2025-10-24
CVE-2025-61932 Motex LANSCOPE Endpoint Manager Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability al… CRÍTICA 2025-10-22
CVE-2022-48503 Apple Multiple Products Apple macOS, iOS, tvOS, Safari, and watchOS contain an unspecified vulnerability in JavaScriptCore that when processing… ALTA 2025-10-20
CVE-2025-2746 Kentico Xperience CMS Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could all… CRÍTICA 2025-10-20
CVE-2025-2747 Kentico Xperience CMS Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could all… CRÍTICA 2025-10-20
CVE-2025-33073 Microsoft Windows Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalatio… ALTA 2025-10-20
← Anterior Página 4 / 62 (1542 CVEs total) Siguiente →
[INFO] CVE-2025-26399: Vulnerabilidad Crítica de Deserialización en SolarWinds Web Help Desk  ·  [INFO] Vulnerabilidad CVE-2026-1603 en Ivanti EPM: Bypass de Autenticación Crítico  ·  [INFO] CVE-2025-68613: Vulnerabilidad Crítica en n8n para Ejecución Remota de Código  ·  [INFO] CVE-2026-3910: Vulnerabilidad Crítica en Chromium V8 Explotada Activamente  ·  [INFO] CVE-2026-3909: Vulnerabilidad Out-of-Bounds Write en Google Skia Explotada Activamente  ·  [INFO] CVE-2025-26399: Vulnerabilidad Crítica de Deserialización en SolarWinds Web Help Desk  ·  [INFO] Vulnerabilidad CVE-2026-1603 en Ivanti EPM: Bypass de Autenticación Crítico  ·  [INFO] CVE-2025-68613: Vulnerabilidad Crítica en n8n para Ejecución Remota de Código  ·  [INFO] CVE-2026-3910: Vulnerabilidad Crítica en Chromium V8 Explotada Activamente  ·  [INFO] CVE-2026-3909: Vulnerabilidad Out-of-Bounds Write en Google Skia Explotada Activamente  ·