CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

13
CVEs añadidos este mes
1542
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05
CVE-2021-30952 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
15
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2022-40799 D-Link DNR-322L D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated att… ALTA 2025-08-05
CVE-2023-2533 PaperCut NG/MF PaperCut NG/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific conditions, could pote… ALTA 2025-07-28
CVE-2025-20337 Cisco Identity Services Engine Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due… CRÍTICA 2025-07-28
CVE-2025-20281 Cisco Identity Services Engine Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due… CRÍTICA 2025-07-28
CVE-2025-2775 SysAid SysAid On-Prem SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processin… CRÍTICA 2025-07-22
CVE-2025-2776 SysAid SysAid On-Prem SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL proces… CRÍTICA 2025-07-22
CVE-2025-6558 Google Chromium Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a … ALTA 2025-07-22
CVE-2025-54309 CrushFTP CrushFTP CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not used, mishandles AS… CRÍTICA 2025-07-22
CVE-2025-49704 Microsoft SharePoint Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code ov… ALTA 2025-07-22
CVE-2025-49706 Microsoft SharePoint Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform sp… MEDIA 2025-07-22
CVE-2025-53770 Microsoft SharePoint Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an … CRÍTICA 2025-07-20
CVE-2025-25257 Fortinet FortiWeb Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthor… CRÍTICA 2025-07-18
CVE-2025-47812 Wing FTP Server Wing FTP Server Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injectio… CRÍTICA 2025-07-14
CVE-2025-5777 Citrix NetScaler ADC and Gateway Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This… ALTA 2025-07-10
CVE-2019-9621 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability via the ProxyServl… ALTA 2025-07-07
CVE-2019-5418 Rails Ruby on Rails Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combina… ALTA 2025-07-07
CVE-2016-10033 PHP PHPMailer PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, th… CRÍTICA 2025-07-07
CVE-2014-3931 Looking Glass Multi-Router Looking Glass (MRLG) Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause a… CRÍTICA 2025-07-07
CVE-2025-6554 Google Chromium V8 Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read… ALTA 2025-07-02
CVE-2025-48928 TeleMessage TM SGNL TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulner… MEDIA 2025-07-01
CVE-2025-48927 TeleMessage TM SGNL TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability… MEDIA 2025-07-01
CVE-2025-6543 Citrix NetScaler ADC and Gateway Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial … CRÍTICA 2025-06-30
CVE-2019-6693 Fortinet FortiOS Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitiv… MEDIA 2025-06-25
CVE-2024-0769 D-Link DIR-859 Router D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Reques… MEDIA 2025-06-25
CVE-2024-54085 AMI MegaRAC SPx AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful… CRÍTICA 2025-06-25
← Anterior Página 7 / 62 (1542 CVEs total) Siguiente →
[INFO] Android 17 bloquea las aplicaciones que no son de accesibilidad de la API de accesibilidad para evitar el abuso de malware...  ·  [INFO] CVE-2025-26399: Vulnerabilidad Crítica de Deserialización en SolarWinds Web Help Desk  ·  [INFO] Vulnerabilidad CVE-2026-1603 en Ivanti EPM: Bypass de Autenticación Crítico  ·  [INFO] CVE-2025-68613: Vulnerabilidad Crítica en n8n para Ejecución Remota de Código  ·  [INFO] CVE-2026-3910: Vulnerabilidad Crítica en Chromium V8 Explotada Activamente  ·  [INFO] Android 17 bloquea las aplicaciones que no son de accesibilidad de la API de accesibilidad para evitar el abuso de malware...  ·  [INFO] CVE-2025-26399: Vulnerabilidad Crítica de Deserialización en SolarWinds Web Help Desk  ·  [INFO] Vulnerabilidad CVE-2026-1603 en Ivanti EPM: Bypass de Autenticación Crítico  ·  [INFO] CVE-2025-68613: Vulnerabilidad Crítica en n8n para Ejecución Remota de Código  ·  [INFO] CVE-2026-3910: Vulnerabilidad Crítica en Chromium V8 Explotada Activamente  ·