CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

16
CVEs añadidos este mes
1545
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) ALTA 2026-03-18
CVE-2026-20963 Microsoft SharePoint ALTA 2026-03-18
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
Synacor
3
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2020-16017 Google Chrome Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer p… CRÍTICA 2021-11-03
CVE-2021-37976 Google Chromium Google Chromium contains an information disclosure vulnerability within the core memory component that allows a remote … MEDIA 2021-11-03
CVE-2020-16009 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2021-11-03
CVE-2021-30632 Google Chromium V8 Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially ex… ALTA 2021-11-03
CVE-2020-16013 Google Chromium V8 Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to poten… ALTA 2021-11-03
CVE-2021-30633 Google Chromium Indexed DB API Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromis… CRÍTICA 2021-11-03
CVE-2021-21148 Google Chromium V8 Google Chromium V8 Engine contains a heap buffer overflow vulnerability that allows a remote attacker to potentially ex… ALTA 2021-11-03
CVE-2021-37973 Google Chromium Portals Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the … CRÍTICA 2021-11-03
CVE-2021-30551 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2021-11-03
CVE-2021-37975 Google Chromium V8 Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit … ALTA 2021-11-03
CVE-2020-6418 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap … ALTA 2021-11-03
CVE-2021-30554 Google Chromium WebGL Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap… ALTA 2021-11-03
CVE-2021-21206 Google Chromium Blink Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap… ALTA 2021-11-03
CVE-2021-38000 Google Chromium Intents Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitraril… MEDIA 2021-11-03
CVE-2021-38003 Google Chromium V8 Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causin… ALTA 2021-11-03
CVE-2021-21224 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside … ALTA 2021-11-03
CVE-2021-21193 Google Chromium Blink Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap… ALTA 2021-11-03
CVE-2021-21220 Google Chromium V8 Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentia… ALTA 2021-11-03
CVE-2021-30563 Google Chromium V8 Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit … ALTA 2021-11-03
CVE-2020-4430 IBM Data Risk Manager IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to … MEDIA 2021-11-03
CVE-2020-4427 IBM Data Risk Manager IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security re… CRÍTICA 2021-11-03
CVE-2020-4428 IBM Data Risk Manager IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execu… CRÍTICA 2021-11-03
CVE-2019-4716 IBM Planning Analytics IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admi… CRÍTICA 2021-11-03
CVE-2016-3715 ImageMagick ImageMagick ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'epheme… MEDIA 2021-11-03
CVE-2016-3718 ImageMagick ImageMagick ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) v… MEDIA 2021-11-03
← Anterior Página 55 / 62 (1545 CVEs total) Siguiente →
[INFO] Boletín del Día de las Amenazas: RaaS de FortiGate, exploits de Citrix, abuso de MCP, suplantación de identidad de chat en vivo y ...  ·  [INFO] El nuevo malware bancario Android de Perseus monitorea las aplicaciones de notas para extraer datos confidenciales...  ·  [INFO] El kit de exploits DarkSword para iOS utiliza 6 defectos y 3 días cero para apoderarse por completo del dispositivo...  ·  [INFO] Cómo Ceros brinda visibilidad y control a los equipos de seguridad en Claude Code...  ·  [INFO] La CISA advierte sobre las vulnerabilidades de Zimbra y SharePoint; los ataques de ransomware son un éxito de día cero para Cisco...  ·  [INFO] Boletín del Día de las Amenazas: RaaS de FortiGate, exploits de Citrix, abuso de MCP, suplantación de identidad de chat en vivo y ...  ·  [INFO] El nuevo malware bancario Android de Perseus monitorea las aplicaciones de notas para extraer datos confidenciales...  ·  [INFO] El kit de exploits DarkSword para iOS utiliza 6 defectos y 3 días cero para apoderarse por completo del dispositivo...  ·  [INFO] Cómo Ceros brinda visibilidad y control a los equipos de seguridad en Claude Code...  ·  [INFO] La CISA advierte sobre las vulnerabilidades de Zimbra y SharePoint; los ataques de ransomware son un éxito de día cero para Cisco...  ·