// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1542

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-3910	Google Chromium V8	ALTA	2026-03-13
CVE-2026-3909	Google Skia	ALTA	2026-03-13
CVE-2025-68613	n8n n8n	CRÍTICA	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	ALTA	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	CRÍTICA	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	ALTA	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	CRÍTICA	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	CRÍTICA	2026-03-05
CVE-2023-43000	Apple Multiple Products	ALTA	2026-03-05
CVE-2021-30952	Apple Multiple Products	ALTA	2026-03-05

// top_vendors_afectados

Microsoft

15

Apple

6

Google

5

Cisco

4

Fortinet

4

SolarWinds

3

Broadcom

3

SmarterTools

3

Gladinet

3

Ivanti

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2026-3910	Google Chromium V8	Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability th…	ALTA	2026-03-13
CVE-2026-3909	Google Skia	Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds m…	ALTA	2026-03-13
CVE-2025-68613	n8n n8n	n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluat…	CRÍTICA	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vuln…	ALTA	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	SolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an att…	CRÍTICA	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that c…	ALTA	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escal…	CRÍTICA	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer soft…	CRÍTICA	2026-03-05
CVE-2023-43000	Apple Multiple Products	Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously c…	ALTA	2026-03-05
CVE-2021-30952	Apple Multiple Products	Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the proces…	ALTA	2026-03-05
CVE-2023-41974	Apple iOS and iPadOS	Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel p…	ALTA	2026-03-05
CVE-2026-22719	Broadcom VMware Aria Operations	Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerabilit…	ALTA	2026-03-03
CVE-2026-21385	Qualcomm Multiple Chipsets	Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation.	ALTA	2026-03-03
CVE-2022-20775	Cisco SD-WAN	Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain eleva…	ALTA	2026-02-25
CVE-2026-20127	Cisco Catalyst SD-WAN Controller and Manager	Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, c…	CRÍTICA	2026-02-25
CVE-2026-25108	Soliton Systems K.K FileZen	Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product…	ALTA	2026-02-24
CVE-2025-49113	Roundcube Webmail	RoundCube Webmail contains a deserialization of untrusted data vulnerability that allows remote code execution by authe…	CRÍTICA	2026-02-20
CVE-2025-68461	Roundcube Webmail	RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.	ALTA	2026-02-20
CVE-2021-22175	GitLab GitLab	GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks a…	MEDIA	2026-02-18
CVE-2026-22769	Dell RecoverPoint for Virtual Machines (RP4VMs)	Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allo…	CRÍTICA	2026-02-18
CVE-2020-7796	Synacor Zimbra Collaboration Suite	Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed…	CRÍTICA	2026-02-17
CVE-2024-7694	TeamT5 ThreatSonar Anti-Ransomware	TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSon…	ALTA	2026-02-17
CVE-2008-0015	Microsoft Windows	Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the v…	ALTA	2026-02-17
CVE-2026-2441	Google Chromium	Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit h…	ALTA	2026-02-17
CVE-2026-1731	BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)	BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Succes…	CRÍTICA	2026-02-13

Página 1 / 62 (1542 CVEs total) Siguiente →