CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

1
CVEs añadidos este mes
1587
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-31431 Linux Kernel ALTA 2026-05-01

// top_vendors_afectados

Microsoft
19
Cisco
7
Apple
7
Synacor
4
Google
4
Fortinet
3
Ivanti
3
SolarWinds
3
SmarterTools
3
Linux
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2025-8110 Gogs Gogs Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that coul… ALTA 2026-01-12
CVE-2009-0556 Microsoft Office Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary c… ALTA 2026-01-07
CVE-2025-37164 Hewlett Packard Enterprise (HPE) OneView Hewlett Packard Enterprise (HPE) OneView contains a code injection vulnerability that allows a remote unauthenticated u… CRÍTICA 2026-01-07
CVE-2025-14847 MongoDB MongoDB and MongoDB Server MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protoco… ALTA 2025-12-29
CVE-2023-52163 Digiever DS-2105 Pro Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via time_tz… ALTA 2025-12-22
CVE-2025-14733 WatchGuard Firebox WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerab… CRÍTICA 2025-12-19
CVE-2025-59374 ASUS Live Update ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modificati… CRÍTICA 2025-12-17
CVE-2025-40602 SonicWall SMA1000 appliance SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance ma… MEDIA 2025-12-17
CVE-2025-20393 Cisco Multiple Products Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input valid… CRÍTICA 2025-12-17
CVE-2025-59718 Fortinet Multiple Products Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signatu… CRÍTICA 2025-12-16
CVE-2025-14611 Gladinet CentreStack and Triofox Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the A… CRÍTICA 2025-12-15
CVE-2025-43529 Apple Multiple Products Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing malicio… ALTA 2025-12-15
CVE-2018-4063 Sierra Wireless AirLink ALEOS Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially cr… ALTA 2025-12-12
CVE-2025-14174 Google Chromium Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to pe… ALTA 2025-12-12
CVE-2025-58360 OSGeo GeoServer OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the ap… ALTA 2025-12-11
CVE-2025-6218 RARLAB WinRAR RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the curren… ALTA 2025-12-09
CVE-2025-62221 Microsoft Windows Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized a… ALTA 2025-12-09
CVE-2022-37055 D-Link Routers D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and avail… CRÍTICA 2025-12-08
CVE-2025-66644 Array Networks ArrayOS AG Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitr… ALTA 2025-12-08
CVE-2025-55182 Meta React Server Components Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote cod… CRÍTICA 2025-12-05
CVE-2021-26828 OpenPLC ScadaBR OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authentica… ALTA 2025-12-03
CVE-2025-48633 Android Framework Android Framework contains an unspecified vulnerability that allows for information disclosure. MEDIA 2025-12-02
CVE-2025-48572 Android Framework Android Framework contains an unspecified vulnerability that allows for privilege escalation. ALTA 2025-12-02
CVE-2021-26829 OpenPLC ScadaBR OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm. MEDIA 2025-11-28
CVE-2025-61757 Oracle Fusion Middleware Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticate… CRÍTICA 2025-11-21
← Anterior Página 5 / 64 (1587 CVEs total) Siguiente →
[INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·  [INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·