
Vuln Radar

Vulnerabilities that are new, actively exploited, or relevant today, ordered by actual freshness. An old CVE that has merely been modified should not dominate the radar.

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-20182 · Cisco Catalyst SD-WAN: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

[CISA KEV] Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. | Ransomware use: Unknown | Added: 2026-05-14

Published: 14 May 2026, 00:00
Updated: 15 May 2026, 18:57
Detected: 15 May 2026, 18:57
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-20182)
Ranking rationale: Freshness score 132 · published <7d (+25) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities) · 22 h ago

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-42897 · Microsoft Microsoft: Microsoft Exchange Server Cross-Site Scripting Vulnerability

[CISA KEV] Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context. | Ransomware use: Unknown | Added: 2026-05-15

Published: 15 May 2026, 00:00
Updated: 15 May 2026, 18:57
Detected: 15 May 2026, 18:57
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-42897)
Ranking rationale: Freshness score 132 · published <7d (+25) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities)

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2025-29635 · D-Link DIR-823X: D-Link DIR-823X Command Injection Vulnerability

[CISA KEV actively exploited] D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization. | Ransomware use: Unknown | Added: 2026-04-24

Published: 24 Apr 2026, 00:00
Updated: 15 May 2026, 19:19
Detected: 15 May 2026, 19:19
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2025-29635)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-32202 · Microsoft Windows: Microsoft Windows Protection Mechanism Failure Vulnerability

[CISA KEV actively exploited] Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network. | Ransomware use: Unknown | Added: 2026-04-28

Published: 28 Apr 2026, 00:00
Updated: 15 May 2026, 19:19
Detected: 15 May 2026, 19:19
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-32202)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities) · 22 h ago

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2024-1708 · ConnectWise ScreenConnect: ConnectWise ScreenConnect Path Traversal Vulnerability

[CISA KEV actively exploited ransomware] ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems. | Ransomware use: Known | Added: 2026-04-28

Published: 28 Apr 2026, 00:00
Updated: 15 May 2026, 19:19
Detected: 15 May 2026, 19:19
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2024-1708)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities)

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-41940 · WebPros cPanel & WHM and WP2 (WordPress Squared): WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability

[CISA KEV actively exploited ransomware] WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. | Ransomware use: Known | Added: 2026-04-30

Published: 30 Apr 2026, 00:00
Updated: 15 May 2026, 19:19
Detected: 15 May 2026, 19:19
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-41940)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-31431 · Linux Kernel: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

[CISA KEV] Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation. | Ransomware use: Unknown | Added: 2026-05-01

Published: 01 May 2026, 00:00
Updated: 15 May 2026, 18:57
Detected: 15 May 2026, 18:57
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-31431)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities) · 22 h ago

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-0300 · Palo Alto Networks PAN-OS: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability

[CISA KEV] Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. | Ransomware use: Unknown | Added: 2026-05-06

Published: 06 May 2026, 00:00
Updated: 15 May 2026, 18:57
Detected: 15 May 2026, 18:57
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-0300)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-6973 · Ivanti Endpoint Manager Mobile (EPMM): Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability

[CISA KEV] Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution. | Ransomware use: Unknown | Added: 2026-05-07

Published: 07 May 2026, 00:00
Updated: 15 May 2026, 18:57
Detected: 15 May 2026, 18:57
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-6973)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities)

CRITICAL · ACTIVELY EXPLOITED · incident · NIS2 · CRA · Automatic signal

CVE-2026-42208 · BerriAI LiteLLM: BerriAI LiteLLM SQL Injection Vulnerability

[CISA KEV] BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages. | Ransomware use: Unknown | Added: 2026-05-08

Published: 08 May 2026, 00:00
Updated: 15 May 2026, 18:57
Detected: 15 May 2026, 18:57
Primary source: CISA KEV (Known Exploited Vulnerabilities)
Technical reference: NVD (CVE-2026-42208)
Ranking rationale: Freshness score 117 · published <30d (+10) · active exploitation/KEV/ransomware signal (+50)
CISA KEV (Known Exploited Vulnerabilities)


Disclaimer. These signals are automated and do not yet represent full editorial analysis. Articles published under /noticias do go through human review.
