CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

13
CVEs añadidos este mes
1542
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05
CVE-2021-30952 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-61884 Oracle E-Business Suite Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle … ALTA 2025-10-20
CVE-2025-54253 Adobe Experience Manager (AEM) Forms Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution. CRÍTICA 2025-10-15
CVE-2025-47827 IGEL IGEL OS IGEL OS contains a use of a key past its expiration date vulnerability that allows for Secure Boot bypass. The igel-fla… MEDIA 2025-10-14
CVE-2025-24990 Microsoft Windows Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege … ALTA 2025-10-14
CVE-2025-59230 Microsoft Windows Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which c… ALTA 2025-10-14
CVE-2016-7836 SKYSEA Client View SKYSEA Client View contains an improper authentication vulnerability that allows remote code execution via a flaw in pr… CRÍTICA 2025-10-14
CVE-2021-43798 Grafana Labs Grafana Grafana contains a path traversal vulnerability that could allow access to local files. ALTA 2025-10-09
CVE-2025-27915 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web C… MEDIA 2025-10-07
CVE-2021-22555 Linux Kernel Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause… ALTA 2025-10-06
CVE-2010-3962 Microsoft Internet Explorer Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code … ALTA 2025-10-06
CVE-2021-43226 Microsoft Windows Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local,… ALTA 2025-10-06
CVE-2013-3918 Microsoft Windows Microsoft Windows contains an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX contro… ALTA 2025-10-06
CVE-2011-3402 Microsoft Windows Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the… ALTA 2025-10-06
CVE-2010-3765 Mozilla Multiple Products Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allow… CRÍTICA 2025-10-06
CVE-2025-61882 Oracle E-Business Suite Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerabil… CRÍTICA 2025-10-06
CVE-2014-6278 GNU GNU Bash GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via… ALTA 2025-10-02
CVE-2017-1000353 Jenkins Jenkins Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a s… CRÍTICA 2025-10-02
CVE-2015-7755 Juniper ScreenOS Juniper ScreenOS contains an improper authentication vulnerability that could allow unauthorized remote administrative … CRÍTICA 2025-10-02
CVE-2025-21043 Samsung Mobile Devices Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attac… ALTA 2025-10-02
CVE-2025-4008 Smartbedded Meteobridge Smartbedded Meteobridge contains a command injection vulnerability that could allow remote unauthenticated attackers to… ALTA 2025-10-02
CVE-2025-32463 Sudo Sudo Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow… CRÍTICA 2025-09-29
CVE-2025-59689 Libraesva Email Security Gateway Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a … MEDIA 2025-09-29
CVE-2025-10035 Fortra GoAnywhere MFT Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged … CRÍTICA 2025-09-29
CVE-2025-20352 Cisco IOS and IOS XE Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SN… ALTA 2025-09-29
CVE-2021-21311 Adminer Adminer Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain p… ALTA 2025-09-29
← Anterior Página 5 / 62 (1542 CVEs total) Siguiente →
[INFO] Android 17 bloquea las aplicaciones que no son de accesibilidad de la API de accesibilidad para evitar el abuso de malware...  ·  [INFO] CVE-2025-26399: Vulnerabilidad Crítica de Deserialización en SolarWinds Web Help Desk  ·  [INFO] Vulnerabilidad CVE-2026-1603 en Ivanti EPM: Bypass de Autenticación Crítico  ·  [INFO] CVE-2025-68613: Vulnerabilidad Crítica en n8n para Ejecución Remota de Código  ·  [INFO] CVE-2026-3910: Vulnerabilidad Crítica en Chromium V8 Explotada Activamente  ·  [INFO] Android 17 bloquea las aplicaciones que no son de accesibilidad de la API de accesibilidad para evitar el abuso de malware...  ·  [INFO] CVE-2025-26399: Vulnerabilidad Crítica de Deserialización en SolarWinds Web Help Desk  ·  [INFO] Vulnerabilidad CVE-2026-1603 en Ivanti EPM: Bypass de Autenticación Crítico  ·  [INFO] CVE-2025-68613: Vulnerabilidad Crítica en n8n para Ejecución Remota de Código  ·  [INFO] CVE-2026-3910: Vulnerabilidad Crítica en Chromium V8 Explotada Activamente  ·