CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

16
CVEs añadidos este mes
1545
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) ALTA 2026-03-18
CVE-2026-20963 Microsoft SharePoint ALTA 2026-03-18
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
Synacor
3
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2014-1761 Microsoft Word Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution. ALTA 2022-02-15
CVE-2013-3906 Microsoft Graphics Component Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution. ALTA 2022-02-15
CVE-2022-22620 Apple iOS, iPadOS, and macOS Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing… ALTA 2022-02-11
CVE-2021-36934 Microsoft Windows If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would all… ALTA 2022-02-10
CVE-2020-0796 Microsoft SMBv3 A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol … CRÍTICA 2022-02-10
CVE-2018-1000861 Jenkins Jenkins Stapler Web Framework A code execution vulnerability exists in the Stapler web framework used by Jenkins CRÍTICA 2022-02-10
CVE-2017-9791 Apache Struts 1 The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw mess… CRÍTICA 2022-02-10
CVE-2017-8464 Microsoft Windows Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary cod… ALTA 2022-02-10
CVE-2017-10271 Oracle WebLogic Server Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution. ALTA 2022-02-10
CVE-2017-0263 Microsoft Win32k Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properl… ALTA 2022-02-10
CVE-2017-0262 Microsoft Office A remote code execution vulnerability exists in Microsoft Office. ALTA 2022-02-10
CVE-2017-0145 Microsoft SMBv1 The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted p… ALTA 2022-02-10
CVE-2017-0144 Microsoft SMBv1 The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted p… ALTA 2022-02-10
CVE-2016-3088 Apache ActiveMQ The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an … CRÍTICA 2022-02-10
CVE-2015-2051 D-Link DIR-645 Router D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings acti… CRÍTICA 2022-02-10
CVE-2015-1635 Microsoft HTTP.sys Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution. CRÍTICA 2022-02-10
CVE-2015-1130 Apple OS X The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and … ALTA 2022-02-10
CVE-2014-4404 Apple OS X Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows atta… ALTA 2022-02-10
CVE-2022-21882 Microsoft Win32k Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-02-04
CVE-2022-22587 Apple iOS and macOS Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute… CRÍTICA 2022-01-28
CVE-2021-20038 SonicWall SMA 100 Appliances SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitat… CRÍTICA 2022-01-28
CVE-2020-5722 Grandstream UCM6200 Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitat… CRÍTICA 2022-01-28
CVE-2020-0787 Microsoft Windows Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links.… ALTA 2022-01-28
CVE-2017-5689 Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Intel products contain a vulnerability which can allow attackers to perform privilege escalation. CRÍTICA 2022-01-28
CVE-2014-1776 Microsoft Internet Explorer Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in … CRÍTICA 2022-01-28
← Anterior Página 48 / 62 (1545 CVEs total) Siguiente →
[INFO] CVE-2026-20963: Vulnerabilidad Crítica en Microsoft SharePoint Explotada Activamente  ·  [INFO] La OFAC sanciona a una red de trabajadores de TI de la RPDC que financia programas de armas de destrucción masiva mediante falsos ...  ·  [INFO] CVE-2025-66376: Vulnerabilidad XSS en Synacor Zimbra Collaboration Suite  ·  [INFO] El ransomware Interlock aprovecha el CVE-2026-20131 de día cero de Cisco FMC para acceder a la raíz...  ·  [INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·  [INFO] CVE-2026-20963: Vulnerabilidad Crítica en Microsoft SharePoint Explotada Activamente  ·  [INFO] La OFAC sanciona a una red de trabajadores de TI de la RPDC que financia programas de armas de destrucción masiva mediante falsos ...  ·  [INFO] CVE-2025-66376: Vulnerabilidad XSS en Synacor Zimbra Collaboration Suite  ·  [INFO] El ransomware Interlock aprovecha el CVE-2026-20131 de día cero de Cisco FMC para acceder a la raíz...  ·  [INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·