// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2025-2776	SysAid SysAid On-Prem	SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL proces…	CRÍTICA	2025-07-22
CVE-2025-6558	Google Chromium	Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a …	ALTA	2025-07-22
CVE-2025-54309	CrushFTP CrushFTP	CrushFTP contains an unprotected alternate channel vulnerability. When the DMZ proxy feature is not used, mishandles AS…	CRÍTICA	2025-07-22
CVE-2025-49704	Microsoft SharePoint	Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code ov…	ALTA	2025-07-22
CVE-2025-49706	Microsoft SharePoint	Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform sp…	MEDIA	2025-07-22
CVE-2025-53770	Microsoft SharePoint	Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an …	CRÍTICA	2025-07-20
CVE-2025-25257	Fortinet FortiWeb	Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthor…	CRÍTICA	2025-07-18
CVE-2025-47812	Wing FTP Server Wing FTP Server	Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injectio…	CRÍTICA	2025-07-14
CVE-2025-5777	Citrix NetScaler ADC and Gateway	Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This…	ALTA	2025-07-10
CVE-2019-9621	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability via the ProxyServl…	ALTA	2025-07-07
CVE-2019-5418	Rails Ruby on Rails	Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combina…	ALTA	2025-07-07
CVE-2016-10033	PHP PHPMailer	PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, th…	CRÍTICA	2025-07-07
CVE-2014-3931	Looking Glass Multi-Router Looking Glass (MRLG)	Multi-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause a…	CRÍTICA	2025-07-07
CVE-2025-6554	Google Chromium V8	Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read…	ALTA	2025-07-02
CVE-2025-48928	TeleMessage TM SGNL	TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulner…	MEDIA	2025-07-01
CVE-2025-48927	TeleMessage TM SGNL	TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability…	MEDIA	2025-07-01
CVE-2025-6543	Citrix NetScaler ADC and Gateway	Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial …	CRÍTICA	2025-06-30
CVE-2019-6693	Fortinet FortiOS	Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitiv…	MEDIA	2025-06-25
CVE-2024-0769	D-Link DIR-859 Router	D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Reques…	MEDIA	2025-06-25
CVE-2024-54085	AMI MegaRAC SPx	AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful…	CRÍTICA	2025-06-25
CVE-2023-0386	Linux Kernel	Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the…	ALTA	2025-06-17
CVE-2023-33538	TP-Link Multiple Routers	TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the compon…	ALTA	2025-06-16
CVE-2025-43200	Apple Multiple Products	Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously cra…	MEDIA	2025-06-16
CVE-2025-33053	Microsoft Windows	Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execu…	ALTA	2025-06-10
CVE-2025-24016	Wazuh Wazuh Server	Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.	CRÍTICA	2025-06-10

← Anterior Página 9 / 64 (1587 CVEs total) Siguiente →