// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

La columna Criticidad estará disponible próximamente — los datos CVSS se actualizan periódicamente.

CVEs añadidos este mes

1542

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-3910	Google Chromium V8	—	2026-03-13
CVE-2026-3909	Google Skia	—	2026-03-13
CVE-2025-68613	n8n n8n	—	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	—	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	—	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	—	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	—	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	—	2026-03-05
CVE-2023-43000	Apple Multiple Products	—	2026-03-05
CVE-2021-30952	Apple Multiple Products	—	2026-03-05

// top_vendors_afectados

Microsoft

15

Apple

6

Google

5

Cisco

4

Fortinet

4

SolarWinds

3

Broadcom

3

SmarterTools

3

Gladinet

3

Ivanti

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	Criticidad	Añadido
CVE-2026-3910	Google Chromium V8	Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability th…	—	2026-03-13
CVE-2026-3909	Google Skia	Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds m…	—	2026-03-13
CVE-2025-68613	n8n n8n	n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluat…	—	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vuln…	—	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	SolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an att…	—	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that c…	—	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escal…	—	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer soft…	—	2026-03-05
CVE-2023-43000	Apple Multiple Products	Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously c…	—	2026-03-05
CVE-2021-30952	Apple Multiple Products	Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the proces…	—	2026-03-05
CVE-2023-41974	Apple iOS and iPadOS	Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel p…	—	2026-03-05
CVE-2026-22719	Broadcom VMware Aria Operations	Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerabilit…	—	2026-03-03
CVE-2026-21385	Qualcomm Multiple Chipsets	Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation.	—	2026-03-03
CVE-2022-20775	Cisco SD-WAN	Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain eleva…	—	2026-02-25
CVE-2026-20127	Cisco Catalyst SD-WAN Controller and Manager	Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, c…	—	2026-02-25
CVE-2026-25108	Soliton Systems K.K FileZen	Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product…	—	2026-02-24
CVE-2025-49113	Roundcube Webmail	RoundCube Webmail contains a deserialization of untrusted data vulnerability that allows remote code execution by authe…	—	2026-02-20
CVE-2025-68461	Roundcube Webmail	RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.	—	2026-02-20
CVE-2021-22175	GitLab GitLab	GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks a…	—	2026-02-18
CVE-2026-22769	Dell RecoverPoint for Virtual Machines (RP4VMs)	Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allo…	—	2026-02-18
CVE-2020-7796	Synacor Zimbra Collaboration Suite	Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed…	—	2026-02-17
CVE-2024-7694	TeamT5 ThreatSonar Anti-Ransomware	TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSon…	—	2026-02-17
CVE-2008-0015	Microsoft Windows	Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the v…	—	2026-02-17
CVE-2026-2441	Google Chromium	Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit h…	—	2026-02-17
CVE-2026-1731	BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)	BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Succes…	—	2026-02-13

Página 1 / 62 (1542 CVEs total) Siguiente →