CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

16
CVEs añadidos este mes
1545
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) ALTA 2026-03-18
CVE-2026-20963 Microsoft SharePoint ALTA 2026-03-18
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
Synacor
3
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2019-9670 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in… CRÍTICA 2022-01-10
CVE-2018-13382 Fortinet FortiOS and FortiProxy An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthent… CRÍTICA 2022-01-10
CVE-2018-13383 Fortinet FortiOS and FortiProxy A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in u… MEDIA 2022-01-10
CVE-2019-1579 Palo Alto Networks PAN-OS Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled. ALTA 2022-01-10
CVE-2019-10149 Exim Mail Transfer Agent (MTA) Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command exe… CRÍTICA 2022-01-10
CVE-2015-7450 IBM WebSphere Application Server and Server Hypervisor Edition Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and… CRÍTICA 2022-01-10
CVE-2017-1000486 Primetek Primefaces Application Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution CRÍTICA 2022-01-10
CVE-2019-7609 Elastic Kibana Kibana contain an arbitrary code execution flaw in the Timelion visualizer. CRÍTICA 2022-01-10
CVE-2021-27860 FatPipe WARP, IPVPN, and MPVPN software A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthentic… CRÍTICA 2022-01-10
CVE-2021-43890 Microsoft Windows Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integri… ALTA 2021-12-15
CVE-2021-4102 Google Chromium V8 Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit … ALTA 2021-12-15
CVE-2021-44515 Zoho Desktop Central Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary … CRÍTICA 2021-12-10
CVE-2019-13272 Linux Kernel Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local us… ALTA 2021-12-10
CVE-2021-35394 Realtek Jungle Software Development Kit (SDK) RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote co… CRÍTICA 2021-12-10
CVE-2019-7238 Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for … CRÍTICA 2021-12-10
CVE-2019-0193 Apache Solr The optional Apache Solr module DataImportHandler contains a code injection vulnerability. ALTA 2021-12-10
CVE-2021-44168 Fortinet FortiOS Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrari… BAJA 2021-12-10
CVE-2017-17562 Embedthis GoAhead Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. ALTA 2021-12-10
CVE-2017-12149 Red Hat JBoss Application Server The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute a… CRÍTICA 2021-12-10
CVE-2010-1871 Red Hat JBoss Seam 2 JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers … ALTA 2021-12-10
CVE-2020-17463 Fuel CMS Fuel CMS FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. CRÍTICA 2021-12-10
CVE-2020-8816 Pi-hole AdminLTE Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static … ALTA 2021-12-10
CVE-2019-10758 MongoDB mongo-express mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. CRÍTICA 2021-12-10
CVE-2021-44228 Apache Log4j2 Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endp… CRÍTICA 2021-12-10
CVE-2020-11261 Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Memory corruption due to improper check to return error when user application requests memory allocation of a huge size… ALTA 2021-12-01
← Anterior Página 50 / 62 (1545 CVEs total) Siguiente →
[INFO] CVE-2026-20963: Vulnerabilidad Crítica en Microsoft SharePoint Explotada Activamente  ·  [INFO] La OFAC sanciona a una red de trabajadores de TI de la RPDC que financia programas de armas de destrucción masiva mediante falsos ...  ·  [INFO] CVE-2025-66376: Vulnerabilidad XSS en Synacor Zimbra Collaboration Suite  ·  [INFO] El ransomware Interlock aprovecha el CVE-2026-20131 de día cero de Cisco FMC para acceder a la raíz...  ·  [INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·  [INFO] CVE-2026-20963: Vulnerabilidad Crítica en Microsoft SharePoint Explotada Activamente  ·  [INFO] La OFAC sanciona a una red de trabajadores de TI de la RPDC que financia programas de armas de destrucción masiva mediante falsos ...  ·  [INFO] CVE-2025-66376: Vulnerabilidad XSS en Synacor Zimbra Collaboration Suite  ·  [INFO] El ransomware Interlock aprovecha el CVE-2026-20131 de día cero de Cisco FMC para acceder a la raíz...  ·  [INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·