CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

17
CVEs añadidos este mes
1546
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) CRÍTICA 2026-03-19
CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) ALTA 2026-03-18
CVE-2026-20963 Microsoft SharePoint ALTA 2026-03-18
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09

// top_vendors_afectados

Microsoft
15
Cisco
5
Google
5
Apple
5
Fortinet
4
Synacor
3
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2020-0601 Microsoft Windows Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryp… ALTA 2021-11-03
CVE-2019-0604 Microsoft SharePoint Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits … CRÍTICA 2021-11-03
CVE-2020-0646 Microsoft .NET Framework Microsoft .NET Framework contains an improper input validation vulnerability that allows for remote code execution. CRÍTICA 2021-11-03
CVE-2019-0808 Microsoft Win32k Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects … ALTA 2021-11-03
CVE-2021-26857 Microsoft Exchange Server Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerabili… ALTA 2021-11-03
CVE-2020-1147 Microsoft .NET Framework, SharePoint, Visual Studio Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when th… ALTA 2021-11-03
CVE-2019-1214 Microsoft Windows Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privile… ALTA 2021-11-03
CVE-2016-3235 Microsoft Office Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due … ALTA 2021-11-03
CVE-2019-0863 Microsoft Windows Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, … ALTA 2021-11-03
CVE-2021-36955 Microsoft Windows Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege … ALTA 2021-11-03
CVE-2021-38648 Microsoft Open Management Infrastructure (OMI) Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerabil… ALTA 2021-11-03
CVE-2020-6819 Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under cer… ALTA 2021-11-03
CVE-2020-6820 Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain con… ALTA 2021-11-03
CVE-2019-17026 Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMon… ALTA 2021-11-03
CVE-2019-15949 Nagios Nagios XI Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and ins… ALTA 2021-11-03
CVE-2020-26919 NETGEAR JGS516PE Devices Netgear JGS516PE devices contain a missing function level access control vulnerability. CRÍTICA 2021-11-03
CVE-2019-19356 Netis WF2419 Devices Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as … ALTA 2021-11-03
CVE-2020-2555 Oracle Multiple Products Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with net… CRÍTICA 2021-11-03
CVE-2012-3152 Oracle Fusion Middleware Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect… CRÍTICA 2021-11-03
CVE-2020-14871 Oracle Solaris and Zettabyte File System (ZFS) Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confid… CRÍTICA 2021-11-03
CVE-2015-4852 Oracle WebLogic Server Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allo… CRÍTICA 2021-11-03
CVE-2020-14750 Oracle WebLogic Server Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote cod… CRÍTICA 2021-11-03
CVE-2020-14882 Oracle WebLogic Server Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, bas… CRÍTICA 2021-11-03
CVE-2020-14883 Oracle WebLogic Server Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentila… ALTA 2021-11-03
CVE-2020-8644 PlaySMS PlaySMS PlaySMS contains a server-side template injection vulnerability that allows for remote code execution. CRÍTICA 2021-11-03
← Anterior Página 59 / 62 (1546 CVEs total) Siguiente →
[INFO] El malware Speagle secuestra Cobra DocGuard para robar datos a través de servidores comprometidos...  ·  [INFO] 54 asesinos de EDR utilizan BYOVD para explotar 34 controladores vulnerables firmados y deshabilitar la seguridad...  ·  [INFO] CVE-2026-20131: Vulnerabilidad Crítica de Deserialización en Cisco FMC y SCC  ·  [INFO] Boletín del Día de las Amenazas: RaaS de FortiGate, exploits de Citrix, abuso de MCP, suplantación de identidad de chat en vivo y ...  ·  [INFO] El nuevo malware bancario Android de Perseus monitorea las aplicaciones de notas para extraer datos confidenciales...  ·  [INFO] El malware Speagle secuestra Cobra DocGuard para robar datos a través de servidores comprometidos...  ·  [INFO] 54 asesinos de EDR utilizan BYOVD para explotar 34 controladores vulnerables firmados y deshabilitar la seguridad...  ·  [INFO] CVE-2026-20131: Vulnerabilidad Crítica de Deserialización en Cisco FMC y SCC  ·  [INFO] Boletín del Día de las Amenazas: RaaS de FortiGate, exploits de Citrix, abuso de MCP, suplantación de identidad de chat en vivo y ...  ·  [INFO] El nuevo malware bancario Android de Perseus monitorea las aplicaciones de notas para extraer datos confidenciales...  ·