// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2026-31431	Linux Kernel	Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escal…	ALTA	2026-05-01
CVE-2026-41940	WebPros cPanel & WHM and WP2 (WordPress Squared)	WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in th…	CRÍTICA	2026-04-30
CVE-2024-1708	ConnectWise ScreenConnect	ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code …	ALTA	2026-04-28
CVE-2026-32202	Microsoft Windows	Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to p…	MEDIA	2026-04-28
CVE-2025-29635	D-Link DIR-823X	D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary comm…	ALTA	2026-04-24
CVE-2024-7399	Samsung MagicINFO 9 Server	Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary file…	ALTA	2026-04-24
CVE-2024-57728	SimpleHelp SimpleHelp	SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the fi…	ALTA	2026-04-24
CVE-2024-57726	SimpleHelp SimpleHelp	SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API key…	CRÍTICA	2026-04-24
CVE-2026-39987	Marimo Marimo	Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell…	CRÍTICA	2026-04-23
CVE-2026-33825	Microsoft Defender	Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized …	ALTA	2026-04-22
CVE-2026-20122	Cisco Catalyst SD-WAN Manger	Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling …	MEDIA	2026-04-20
CVE-2026-20133	Cisco Catalyst SD-WAN Manager	Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that…	MEDIA	2026-04-20
CVE-2025-2749	Kentico Kentico Xperience	Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server …	ALTA	2026-04-20
CVE-2023-27351	PaperCut NG/MF	PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentica…	ALTA	2026-04-20
CVE-2025-48700	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to ex…	MEDIA	2026-04-20
CVE-2026-20128	Cisco Catalyst SD-WAN Manager	Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authent…	ALTA	2026-04-20
CVE-2025-32975	Quest KACE Systems Management Appliance (SMA)	Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attack…	CRÍTICA	2026-04-20
CVE-2024-27199	JetBrains TeamCity	JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be perfor…	ALTA	2026-04-20
CVE-2026-34197	Apache ActiveMQ	Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.	ALTA	2026-04-16
CVE-2009-0238	Microsoft Office	Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete con…	ALTA	2026-04-14
CVE-2026-32201	Microsoft SharePoint Server	Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to…	MEDIA	2026-04-14
CVE-2012-1854	Microsoft Visual Basic for Applications (VBA)	Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for r…	ALTA	2026-04-13
CVE-2025-60710	Microsoft Windows	Microsoft Windows contains a link following vulnerability that allows for privilege escalation	ALTA	2026-04-13
CVE-2023-21529	Microsoft Exchange Server	Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve…	ALTA	2026-04-13
CVE-2023-36424	Microsoft Windows	Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat …	ALTA	2026-04-13

Página 1 / 64 (1587 CVEs total) Siguiente →