month report
September 2023
Data as of Jun 11, 2026, 06:05 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
September 2023 closed with 2,863 published CVEs. 283 criticals, 19 added to CISA KEV (3 ransomware-linked). google led volume, mostly via android. Top weakness class — CWE-79 (375 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
2,863
— MoM— YoY
Severity mix
283 / 777
critical / high
KEV added
19
3 ransomware-linked
Nuclei coverage
9.0%
259 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
903.8
n=259
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
4
n=21
Detection gap
KEV pressure, no Nuclei coverage
September 2023 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 7apple123 CVE
- KEV 5microsoft67 CVE
- KEV 5debian54 CVE
- KEV 4google137 CVE
- KEV 4ооо «русбитех-астра»83 CVE
- KEV 3ооо «ред софт»100 CVE
- KEV 3ао "нппкт"88 CVE
- KEV 2redhat84 CVE
Weakness × Vendor
What's spreading where in September 2023
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS89SQL Injection787Out-of-bounds Write862Missing Authorization125Out-of-bounds Read416Use After Free22Path Traversal20Improper Input Validation434Unrestricted File Upload120Buffer Overflowgoogle1264222913сообщество свободного программного обеспечения62141823421apple546110ооо «ред софт»62156104221ао «нппкт»11232011ооо «русбитех-астра»115211fedoraproject9551481microsoft32285adobe5116181022go111421microsoft corp31285maven7563213
Most discussed CVEs — September 2023
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #1google137 CVE
- #2сообщество свободного программного обеспечения125 CVE
- #3apple123 CVE
- #4ооо «ред софт»100 CVE
- #5ао "нппкт"88 CVE
- #6redhat84 CVE
- #7ооо «русбитех-астра»83 CVE
- #8fedoraproject68 CVE
- #9microsoft67 CVE
- #10adobe65 CVE
Top vendors
Ranked by distinct CVE count this period.
- 137 CVE1 critCVSS 6.2NEWKEV 4PoC 2android (118) · chrome (18) · google chrome (18)
- 125 CVE13 critCVSS 6.9NEWKEV 3Nuclei 5PoC 32debian gnu/linux (75) · linux (21) · vim (9)
- 123 CVE5 critCVSS 6.3NEWKEV 7macos (107) · ipados (64) · iphone os (64)
- 100 CVE6 critCVSS 6.6NEWKEV 3PoC 12ред ос (100)
- 88 CVE8 critCVSS 6.8NEWKEV 3PoC 14осон основа оnyx (88)
- 84 CVE6 critCVSS 6.7NEWKEV 2PoC 7red hat enterprise linux (40) · red hat enterprise linux 9 (24) · red hat enterprise linux 8 (23)
- 83 CVE7 critCVSS 7.0NEWKEV 4PoC 16astra linux special edition (81) · astra linux special edition для «эльбрус» (6) · astra linux common edition (5)
- 68 CVE2 critCVSS 6.5NEWKEV 4Nuclei 3PoC 14fedora (68) · extra packages for enterprise linux (1)
- 67 CVE1 critCVSS 7.3NEWKEV 5PoC 8windows server 2022 (20) · windows server 2022 (server core installation) (19) · windows 11 21h2 (19)
- 65 CVE5 critCVSS 6.9NEWKEV 2Nuclei 1PoC 1acrobat reader dc (12) · acrobat reader (12) · acrobat dc (12)
- 64 CVE6 critCVSS 6.9NEWKEV 1PoC 9github.com/lf-edge/eve (14) · github.com/schollz/croc/v9 (5) · github.com/mattermost/mattermost/server/v8 (5)
- 59 CVE6 critCVSS 6.7NEWNuclei 3PoC 4org.jenkins-ci.main:jenkins-core (5) · org.jenkins-ci.plugins:aws-codecommit-trigger (4) · org.jenkins-ci.plugins:jobconfighistory (4)
- 54 CVE3 critCVSS 6.8NEWKEV 5PoC 16debian linux (54)
- 53 CVE28 critCVSS 8.2NEWNuclei 1PoC 27dir-619l firmware (13) · dir-619l (10) · dar-7000 firmware (9)
- 51 CVE7 critCVSS 6.9NEWNuclei 8PoC 25librenms/librenms (7) · gugoan/economizzer (5) · thorsten/phpmyfaq (5)
- 47 CVE4 critCVSS 6.3NEWKEV 1Nuclei 1PoC 10apache-superset (8) · vyper (5) · zope (2)
- 47 CVE4 critCVSS 7.5NEWKEV 2PoC 12альт сп 10 (47) · альт 8 сп (23)
- 45 CVECVSS 5.6NEWmt2713, mt6895, mt6897, mt6983, mt8188, mt8195, mt8395, mt8781 (4) · mt6895, mt6897, mt6983, mt8188, mt8195, mt8395, mt8781 (4) · mt2713, mt6895, mt6897, mt6983, mt8188, mt8195, mt8395, mt8673 (3)
- 45 CVE4 critCVSS 6.8NEWKEV 2PoC 9роса хром (36) · rosa virtualization 3.0 (11) · rosa virtualization (6)
- 44 CVECVSS 6.1NEWsc7731e/sc9832e/sc9863a/t606/t612/t616/t610/t618 (30) · sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (5) · sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (2)
- 40 CVE2 critCVSS 6.0NEWNuclei 40PoC 39import xml and rss feeds (2) · tagdiv composer (2) · user activity log (2)
- 36 CVECVSS 5.4NEWPoC 9os commerce (36)
- 36 CVECVSS 5.4NEWPoC 9oscommerce (36)
- 35 CVE2 critCVSS 7.8NEWwcd9380 firmware (32) · wsa8830 firmware (31) · wsa8835 firmware (31)
- 35 CVE2 critCVSS 7.6NEWsnapdragon (35)
- 35 CVECVSS 5.5NEWPoC 31engineers online portal (9) · best courier management system (6) · simple membership system (5)
- 33 CVE2 critCVSS 6.3NEWyocto (27) · edge virtualization engine (5) · nats-server (1)
- 32 CVE1 critCVSS 6.8NEWPoC 11linux kernel (32) · kernel (10) · linux (1)
- 32 CVECVSS 4.8NEWandroid (16) · exynos 2200 firmware (5) · exynos 2100 firmware (5)
- 31 CVE2 critCVSS 6.4NEWKEV 2PoC 31ios xe (8) · cisco ios xe (8) · cisco ios xe software (8)
- 29 CVE3 critCVSS 7.1NEWKEV 2Nuclei 7PoC 9electron (5) · fuxa-server (3) · @frangoteam/fuxa (2)
- 28 CVE3 critCVSS 7.5NEWKEV 1PoC 5ubuntu (24) · ubuntu linux (4) · accountsservice (1)
- 27 CVECVSS 6.3NEWjenkins (5) · aws codecommit trigger (4) · build failure analyzer (4)
- 26 CVE1 critCVSS 6.3NEWKEV 1Nuclei 2PoC 5fedora (26)
- 26 CVECVSS 4.9NEWPoC 14gitlab (26)
- 25 CVE5 critCVSS 7.1NEWharmonyos (25) · emui (23)
- 25 CVE5 critCVSS 7.5NEWKEV 2PoC 2firefox (24) · firefox esr (19) · thunderbird (19)
- 24 CVECVSS 5.2NEWsamsung mobile devices (16) · gallery (2) · packageinstallerchn (1)
- 23 CVE2 critCVSS 6.9NEWNuclei 1PoC 1suse linux enterprise server for sap applications (20) · suse linux enterprise server (20) · suse linux enterprise desktop (13)
- 22 CVECVSS 7.5NEWqms automotive (9) · tecnomatix plant simulation v2302 (8) · tecnomatix plant simulation v2201 (8)
- 20 CVECVSS 5.8NEWNuclei 1aspera faspex (8) · sterling secure proxy (2) · sterling external authentication server (2)
- 20 CVECVSS 7.1NEWdgx h100 bmc (15) · dgx h100 firmware (15) · cumulus linux (2)
- 18 CVE1 critCVSS 6.6NEWNuclei 3PoC 9cacti (18)
- 18 CVE1 critCVSS 6.6NEWNuclei 3PoC 9cacti (18)
- 17 CVE1 critCVSS 5.8NEWPoC 2superset (8) · airflow (2) · tomcat connectors (1)
- 17 CVE1 critCVSS 6.0NEWPoC 2apache superset (8) · superset (4) · airflow (2)
- 17 CVE2 critCVSS 7.0NEWKEV 1PoC 1inventory (2) · phonenumber (1) · routinator (1)
- 17 CVECVSS 4.7NEWiot yocto (16) · mediatek mt2713 (1) · mediatek mt5221 (1)
- 16 CVE1 critCVSS 8.4NEWPoC 2tl-er5120g firmware (3) · archer a10 firmware (2) · archer c20 (2)
- 16 CVECVSS 5.4NEWNuclei 1PoC 16usermin (10) · webmin (7)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 137 | 1 | 4 | · | NEWKEV 4PoC 2 | android (118) · chrome (18) · google chrome (18) | — | ||
| 2 | сообщество свободного программного обеспечения | 125 | 13 | 3 | 5 | NEWKEV 3Nuclei 5PoC 32 | debian gnu/linux (75) · linux (21) · vim (9) | — | |
| 3 | apple | 123 | 5 | 7 | · | NEWKEV 7 | macos (107) · ipados (64) · iphone os (64) | — | |
| 4 | ооо «ред софт» | 100 | 6 | 3 | · | NEWKEV 3PoC 12 | ред ос (100) | — | |
| 5 | ао "нппкт" | 88 | 8 | 3 | · | NEWKEV 3PoC 14 | осон основа оnyx (88) | — | |
| 6 | redhat | 84 | 6 | 2 | · | NEWKEV 2PoC 7 | red hat enterprise linux (40) · red hat enterprise linux 9 (24) · red hat enterprise linux 8 (23) | — | |
| 7 | ооо «русбитех-астра» | 83 | 7 | 4 | · | NEWKEV 4PoC 16 | astra linux special edition (81) · astra linux special edition для «эльбрус» (6) · astra linux common edition (5) | — | |
| 8 | fedoraproject | 68 | 2 | 4 | 3 | NEWKEV 4Nuclei 3PoC 14 | fedora (68) · extra packages for enterprise linux (1) | — | |
| 9 | microsoft | 67 | 1 | 5 | · | NEWKEV 5PoC 8 | windows server 2022 (20) · windows server 2022 (server core installation) (19) · windows 11 21h2 (19) | — | |
| 10 | adobe | 65 | 5 | 2 | 1 | NEWKEV 2Nuclei 1PoC 1 | acrobat reader dc (12) · acrobat reader (12) · acrobat dc (12) | — | |
| 11 | go | 64 | 6 | 1 | · | NEWKEV 1PoC 9 | github.com/lf-edge/eve (14) · github.com/schollz/croc/v9 (5) · github.com/mattermost/mattermost/server/v8 (5) | — | |
| 12 | maven | 59 | 6 | · | 3 | NEWNuclei 3PoC 4 | org.jenkins-ci.main:jenkins-core (5) · org.jenkins-ci.plugins:aws-codecommit-trigger (4) · org.jenkins-ci.plugins:jobconfighistory (4) | — | |
| 13 | debian | 54 | 3 | 5 | · | NEWKEV 5PoC 16 | debian linux (54) | — | |
| 14 | dlink | 53 | 28 | · | 1 | NEWNuclei 1PoC 27 | dir-619l firmware (13) · dir-619l (10) · dar-7000 firmware (9) | — | |
| 15 | packagist | 51 | 7 | · | 8 | NEWNuclei 8PoC 25 | librenms/librenms (7) · gugoan/economizzer (5) · thorsten/phpmyfaq (5) | — | |
| 16 | pypi | 47 | 4 | 1 | 1 | NEWKEV 1Nuclei 1PoC 10 | apache-superset (8) · vyper (5) · zope (2) | — | |
| 17 | ао «ивк» | 47 | 4 | 2 | · | NEWKEV 2PoC 12 | альт сп 10 (47) · альт 8 сп (23) | — | |
| 18 | mediatek, inc. | 45 | · | · | · | NEW | mt2713, mt6895, mt6897, mt6983, mt8188, mt8195, mt8395, mt8781 (4) · mt6895, mt6897, mt6983, mt8188, mt8195, mt8395, mt8781 (4) · mt2713, mt6895, mt6897, mt6983, mt8188, mt8195, mt8395, mt8673 (3) | — | |
| 19 | ао «нтц ит роса» | 45 | 4 | 2 | · | NEWKEV 2PoC 9 | роса хром (36) · rosa virtualization 3.0 (11) · rosa virtualization (6) | — | |
| 20 | unisoc (shanghai) technologies co., ltd. | 44 | · | · | · | NEW | sc7731e/sc9832e/sc9863a/t606/t612/t616/t610/t618 (30) · sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (5) · sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (2) | — | |
| 21 | unknown | 40 | 2 | · | 40 | NEWNuclei 40PoC 39 | import xml and rss feeds (2) · tagdiv composer (2) · user activity log (2) | — | |
| 22 | os commerce | 36 | · | · | · | NEWPoC 9 | os commerce (36) | — | |
| 23 | oscommerce | 36 | · | · | · | NEWPoC 9 | oscommerce (36) | — | |
| 24 | qualcomm | 35 | 2 | · | · | NEW | wcd9380 firmware (32) · wsa8830 firmware (31) · wsa8835 firmware (31) | — | |
| 25 | qualcomm, inc. | 35 | 2 | · | · | NEW | snapdragon (35) | — | |
| 26 | sourcecodester | 35 | · | · | · | NEWPoC 31 | engineers online portal (9) · best courier management system (6) · simple membership system (5) | — | |
| 27 | linuxfoundation | 33 | 2 | · | · | NEW | yocto (27) · edge virtualization engine (5) · nats-server (1) | — | |
| 28 | linux | 32 | 1 | · | · | NEWPoC 11 | linux kernel (32) · kernel (10) · linux (1) | — | |
| 29 | samsung | 32 | · | · | · | NEW | android (16) · exynos 2200 firmware (5) · exynos 2100 firmware (5) | — | |
| 30 | cisco | 31 | 2 | 2 | · | NEWKEV 2PoC 31 | ios xe (8) · cisco ios xe (8) · cisco ios xe software (8) | — | |
| 31 | npm | 29 | 3 | 2 | 7 | NEWKEV 2Nuclei 7PoC 9 | electron (5) · fuxa-server (3) · @frangoteam/fuxa (2) | — | |
| 32 | canonical | 28 | 3 | 1 | · | NEWKEV 1PoC 5 | ubuntu (24) · ubuntu linux (4) · accountsservice (1) | — | |
| 33 | jenkins | 27 | · | · | · | NEW | jenkins (5) · aws codecommit trigger (4) · build failure analyzer (4) | — | |
| 34 | fedora project | 26 | 1 | 1 | 2 | NEWKEV 1Nuclei 2PoC 5 | fedora (26) | — | |
| 35 | gitlab | 26 | · | · | · | NEWPoC 14 | gitlab (26) | — | |
| 36 | huawei | 25 | 5 | · | · | NEW | harmonyos (25) · emui (23) | — | |
| 37 | mozilla | 25 | 5 | 2 | · | NEWKEV 2PoC 2 | firefox (24) · firefox esr (19) · thunderbird (19) | — | |
| 38 | samsung mobile | 24 | · | · | · | NEW | samsung mobile devices (16) · gallery (2) · packageinstallerchn (1) | — | |
| 39 | novell inc. | 23 | 2 | · | 1 | NEWNuclei 1PoC 1 | suse linux enterprise server for sap applications (20) · suse linux enterprise server (20) · suse linux enterprise desktop (13) | — | |
| 40 | siemens | 22 | · | · | · | NEW | qms automotive (9) · tecnomatix plant simulation v2302 (8) · tecnomatix plant simulation v2201 (8) | — | |
| 41 | ibm | 20 | · | · | 1 | NEWNuclei 1 | aspera faspex (8) · sterling secure proxy (2) · sterling external authentication server (2) | — | |
| 42 | nvidia | 20 | · | · | · | NEW | dgx h100 bmc (15) · dgx h100 firmware (15) · cumulus linux (2) | — | |
| 43 | cacti | 18 | 1 | · | 3 | NEWNuclei 3PoC 9 | cacti (18) | — | |
| 44 | the cacti group inc. | 18 | 1 | · | 3 | NEWNuclei 3PoC 9 | cacti (18) | — | |
| 45 | apache | 17 | 1 | · | · | NEWPoC 2 | superset (8) · airflow (2) · tomcat connectors (1) | — | |
| 46 | apache software foundation | 17 | 1 | · | · | NEWPoC 2 | apache superset (8) · superset (4) · airflow (2) | — | |
| 47 | crates.io | 17 | 2 | 1 | · | NEWKEV 1PoC 1 | inventory (2) · phonenumber (1) · routinator (1) | — | |
| 48 | mediatek inc. | 17 | · | · | · | NEW | iot yocto (16) · mediatek mt2713 (1) · mediatek mt5221 (1) | — | |
| 49 | tp-link | 16 | 1 | · | · | NEWPoC 2 | tl-er5120g firmware (3) · archer a10 firmware (2) · archer c20 (2) | — | |
| 50 | webmin | 16 | · | · | 1 | NEWNuclei 1PoC 16 | usermin (10) · webmin (7) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins489 CVE67 crit306 vendorsCVSS 7.5superset (12) · engineers online portal (9) · apache superset (8)
- Operating Systems442 CVE102 crit81 KEV44 vendorsCVSS 7.5fedora (104) · ред ос (100) · осон основа оnyx (88)
- OSS Libraries399 CVE59 crit17 KEV96 vendorsCVSS 7.7gpac (9) · gpac/gpac (8) · glib (7)
- Mobile Apps319 CVE20 crit61 KEV8 vendorsCVSS 6.4android (136) · harmonyos (25) · emui (23)
- Enterprise Software310 CVE91 crit12 KEV116 vendorsCVSS 9.8cacti (36) · glpi (18) · aspera faspex (8)
- Networking Infrastructure201 CVE118 crit14 KEV53 vendorsCVSS 7.8dir-619l firmware (13) · ac10u firmware (11) · dir-619l (10)
- Hardware Firmware192 CVE97 crit2 KEV32 vendorsCVSS 7.8sc7731e/sc9832e/sc9863a/t606/t612/t616/t610/t618 (30) · dgx h100 bmc (15) · dgx h100 firmware (15)
- Consumer Software159 CVE38 crit23 KEV29 vendorsCVSS 8.7acrobat dc (12) · acrobat reader (12) · acrobat reader dc (12)
- Security Products127 CVE30 crit9 KEV56 vendorsCVSS 8.3acronis cyber protect 15 (13) · cyber protect (13) · atlant (12)
- DevTools & CI104 CVE2 crit1 KEV28 vendorsCVSS 7.8usermin (10) · webmin (7) · vyper (5)
- ICS / OT / IoT102 CVE154 crit59 vendorsCVSS 8.6ekorccp firmware (10) · ekorrci (10) · ekorrci firmware (10)
- Cloud & SaaS74 CVE9 crit37 vendorsCVSS 7.2docker desktop (12) · jumpserver (7) · argo cd (3)
- AI / ML40 CVE8 crit9 vendorsCVSS 8.7yocto (27) · edge virtualization engine (5) · langchain (2)
- Communications34 CVE2 KEV28 vendorsCVSS 7.1mastodon (8) · mattermost (5) · synapse (4)
- Databases21 CVE3 crit3 KEV15 vendorsCVSS 8.7ibm aspera faspex (3) · mariadb (2) · oracle linux (2)
- Unclassified164 CVE36 crit140 vendorsCVSS 6.8dar-7000 (9) · dar-8000 (8) · imagegear (8)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 6 | 489 | 67 | · | 306 | 360 | 7.5 | superset (12) · engineers online portal (9) · apache superset (8) |
| Operating Systems▸ 5 | 442 | 102 | 81 | 44 | 481 | 7.5 | fedora (104) · ред ос (100) · осон основа оnyx (88) |
| OSS Libraries▸ 11 | 399 | 59 | 17 | 96 | 326 | 7.7 | gpac (9) · gpac/gpac (8) · glib (7) |
| Mobile Apps▸ 2 | 319 | 20 | 61 | 8 | 46 | 6.4 | android (136) · harmonyos (25) · emui (23) |
| Enterprise Software▸ 7 | 310 | 91 | 12 | 116 | 524 | 9.8 | cacti (36) · glpi (18) · aspera faspex (8) |
| Networking Infrastructure▸ 6 | 201 | 118 | 14 | 53 | 269 | 7.8 | dir-619l firmware (13) · ac10u firmware (11) · dir-619l (10) |
| Hardware Firmware▸ 5 | 192 | 97 | 2 | 32 | 1,004 | 7.8 | sc7731e/sc9832e/sc9863a/t606/t612/t616/t610/t618 (30) · dgx h100 bmc (15) · dgx h100 firmware (15) |
| Consumer Software▸ 5 | 159 | 38 | 23 | 29 | 82 | 8.7 | acrobat dc (12) · acrobat reader (12) · acrobat reader dc (12) |
| Security Products▸ 6 | 127 | 30 | 9 | 56 | 112 | 8.3 | acronis cyber protect 15 (13) · cyber protect (13) · atlant (12) |
| DevTools & CI▸ 5 | 104 | 2 | 1 | 28 | 53 | 7.8 | usermin (10) · webmin (7) · vyper (5) |
| ICS / OT / IoT▸ 6 | 102 | 154 | · | 59 | 190 | 8.6 | ekorccp firmware (10) · ekorrci (10) · ekorrci firmware (10) |
| Cloud & SaaS▸ 5 | 74 | 9 | · | 37 | 57 | 7.2 | docker desktop (12) · jumpserver (7) · argo cd (3) |
| AI / ML▸ 4 | 40 | 8 | · | 9 | 11 | 8.7 | yocto (27) · edge virtualization engine (5) · langchain (2) |
| Communications▸ 4 | 34 | · | 2 | 28 | 37 | 7.1 | mastodon (8) · mattermost (5) · synapse (4) |
| Databases▸ 5 | 21 | 3 | 3 | 15 | 23 | 8.7 | ibm aspera faspex (3) · mariadb (2) · oracle linux (2) |
| Unclassified | 164 | 36 | · | 140 | 143 | 6.8 | dar-7000 (9) · dar-8000 (8) · imagegear (8) |
Weakness × Sector
Which weaknesses hit which solution categories in September 2023
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
79XSS89SQL Injection787Out-of-bounds Write862Missing Authorization125Out-of-bounds Read416Use After Free22Path Traversal20Improper Input Validation434Unrestricted File Upload120Buffer OverflowOperating Systems229424638451017219Web & CMS Plugins22480515318OSS Libraries5111156109171184Enterprise Software697263317410Consumer Software97332202710532Networking Infrastructure11440325395Hardware Firmware2140402771129Security Products93214222ICS / OT / IoT871034542DevTools & CI18183411