// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2020-9715	Adobe Acrobat	Adobe Acrobat contains a use-after-free vulnerability that allows for code execution	ALTA	2026-04-13
CVE-2026-21643	Fortinet FortiClient EMS	Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute u…	CRÍTICA	2026-04-13
CVE-2026-34621	Adobe Acrobat and Reader	Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.	ALTA	2026-04-13
CVE-2026-1340	Ivanti Endpoint Manager Mobile (EPMM)	Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve una…	CRÍTICA	2026-04-08
CVE-2026-35616	Fortinet FortiClient EMS	Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker t…	CRÍTICA	2026-04-06
CVE-2026-3502	TrueConf Client	TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence…	ALTA	2026-04-02
CVE-2026-5281	Google Dawn	Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the rendere…	ALTA	2026-04-01
CVE-2026-3055	Citrix NetScaler	Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcP…	CRÍTICA	2026-03-30
CVE-2025-53521	F5 BIG-IP	F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote co…	CRÍTICA	2026-03-27
CVE-2026-33634	Aquasecurity Trivy	Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to eve…	ALTA	2026-03-26
CVE-2026-33017	Langflow Langflow	Langflow contains a code injection vulnerability that could allow building public flows without requiring authenticatio…	CRÍTICA	2026-03-25
CVE-2025-32432	Craft CMS Craft CMS	Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.	CRÍTICA	2026-03-20
CVE-2025-54068	Laravel Livewire	Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote co…	CRÍTICA	2026-03-20
CVE-2025-43510	Apple Multiple Products	Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a mali…	ALTA	2026-03-20
CVE-2025-43520	Apple Multiple Products	Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow…	ALTA	2026-03-20
CVE-2025-31277	Apple Multiple Products	Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow …	ALTA	2026-03-20
CVE-2026-20131	Cisco Secure Firewall Management Center (FMC)	Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management conta…	CRÍTICA	2026-03-19
CVE-2025-66376	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attacker…	ALTA	2026-03-18
CVE-2026-20963	Microsoft SharePoint	Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to…	ALTA	2026-03-18
CVE-2025-47813	Wing FTP Server Wing FTP Server	Wing FTP Server contains a generation of error message containing sensitive information vulnerability when using a long…	MEDIA	2026-03-16
CVE-2026-3910	Google Chromium V8	Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability th…	ALTA	2026-03-13
CVE-2026-3909	Google Skia	Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds m…	ALTA	2026-03-13
CVE-2025-68613	n8n n8n	n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluat…	CRÍTICA	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vuln…	ALTA	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	SolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an att…	CRÍTICA	2026-03-09

← Anterior Página 2 / 64 (1587 CVEs total) Siguiente →