// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that c…	ALTA	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escal…	CRÍTICA	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer soft…	CRÍTICA	2026-03-05
CVE-2023-43000	Apple Multiple Products	Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously c…	ALTA	2026-03-05
CVE-2021-30952	Apple Multiple Products	Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the proces…	ALTA	2026-03-05
CVE-2023-41974	Apple iOS and iPadOS	Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel p…	ALTA	2026-03-05
CVE-2026-22719	Broadcom VMware Aria Operations	Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerabilit…	ALTA	2026-03-03
CVE-2026-21385	Qualcomm Multiple Chipsets	Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation.	ALTA	2026-03-03
CVE-2022-20775	Cisco SD-WAN	Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain eleva…	ALTA	2026-02-25
CVE-2026-20127	Cisco Catalyst SD-WAN Controller and Manager	Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, c…	CRÍTICA	2026-02-25
CVE-2026-25108	Soliton Systems K.K FileZen	Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product…	ALTA	2026-02-24
CVE-2025-49113	Roundcube Webmail	RoundCube Webmail contains a deserialization of untrusted data vulnerability that allows remote code execution by authe…	CRÍTICA	2026-02-20
CVE-2025-68461	Roundcube Webmail	RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.	ALTA	2026-02-20
CVE-2021-22175	GitLab GitLab	GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks a…	MEDIA	2026-02-18
CVE-2026-22769	Dell RecoverPoint for Virtual Machines (RP4VMs)	Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allo…	CRÍTICA	2026-02-18
CVE-2020-7796	Synacor Zimbra Collaboration Suite	Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed…	CRÍTICA	2026-02-17
CVE-2024-7694	TeamT5 ThreatSonar Anti-Ransomware	TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSon…	ALTA	2026-02-17
CVE-2008-0015	Microsoft Windows	Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the v…	ALTA	2026-02-17
CVE-2026-2441	Google Chromium	Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit h…	ALTA	2026-02-17
CVE-2026-1731	BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)	BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Succes…	CRÍTICA	2026-02-13
CVE-2026-20700	Apple Multiple Products	Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memo…	ALTA	2026-02-12
CVE-2024-43468	Microsoft Configuration Manager	Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this…	CRÍTICA	2026-02-12
CVE-2025-15556	Notepad++ Notepad++	Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could a…	ALTA	2026-02-12
CVE-2025-40536	SolarWinds Web Help Desk	SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker …	ALTA	2026-02-12
CVE-2026-21513	Microsoft Windows	Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attac…	ALTA	2026-02-10

← Anterior Página 3 / 64 (1587 CVEs total) Siguiente →