// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2026-21525	Microsoft Windows	Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized…	MEDIA	2026-02-10
CVE-2026-21510	Microsoft Windows	Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker…	ALTA	2026-02-10
CVE-2026-21533	Microsoft Windows	Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an a…	ALTA	2026-02-10
CVE-2026-21519	Microsoft Windows	Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to el…	ALTA	2026-02-10
CVE-2026-21514	Microsoft Office	Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an …	ALTA	2026-02-10
CVE-2025-11953	React Native Community CLI	React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network att…	CRÍTICA	2026-02-05
CVE-2026-24423	SmarterTools SmarterMail	SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API …	CRÍTICA	2026-02-05
CVE-2021-39935	GitLab Community and Enterprise Editions	GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthor…	MEDIA	2026-02-03
CVE-2025-64328	Sangoma FreePBX	Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authenticat…	ALTA	2026-02-03
CVE-2019-19006	Sangoma FreePBX	Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass …	CRÍTICA	2026-02-03
CVE-2025-40551	SolarWinds Web Help Desk	SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code exec…	CRÍTICA	2026-02-03
CVE-2026-1281	Ivanti Endpoint Manager Mobile (EPMM)	Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve una…	CRÍTICA	2026-01-29
CVE-2026-24858	Fortinet Multiple Products	Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path …	CRÍTICA	2026-01-27
CVE-2018-14634	Linux Kernel	Linux Kernel contains an integer overflow vulnerability in the create_elf_tables() function which could allow an unpriv…	ALTA	2026-01-26
CVE-2025-52691	SmarterTools SmarterMail	SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an …	CRÍTICA	2026-01-26
CVE-2026-23760	SmarterTools SmarterMail	SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the pass…	CRÍTICA	2026-01-26
CVE-2026-24061	GNU InetUtils	GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass…	CRÍTICA	2026-01-26
CVE-2026-21509	Microsoft Office	Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security d…	ALTA	2026-01-26
CVE-2024-37079	Broadcom VMware vCenter Server	Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protoc…	CRÍTICA	2026-01-23
CVE-2025-68645	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains a PHP remote file inclusion vulnerability that could allow for remote…	ALTA	2026-01-22
CVE-2025-34026	Versa Concerto	Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse p…	ALTA	2026-01-22
CVE-2025-31125	Vite Vitejs	Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&i…	MEDIA	2026-01-22
CVE-2025-54313	Prettier eslint-config-prettier	Prettier eslint-config-prettier contains an embedded malicious code vulnerability. Installing an affected package execu…	ALTA	2026-01-22
CVE-2026-20045	Cisco Unified Communications Manager	Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Uni…	ALTA	2026-01-21
CVE-2026-20805	Microsoft Windows	Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized at…	MEDIA	2026-01-13

← Anterior Página 4 / 64 (1587 CVEs total) Siguiente →