month report
December 2025
Data as of Jun 11, 2026, 06:05 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
December 2025 closed with 5,771 published CVEs. 396 criticals, 20 added to CISA KEV (1 ransomware-linked). linux led volume, mostly via linux. Top weakness class — CWE-79 (826 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
5,771
— MoM— YoY
Severity mix
396 / 1,715
critical / high
KEV added
20
1 ransomware-linked
Nuclei coverage
22.3%
1,288 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
78.6
n=1,288
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
10
n=19
Weakness × Vendor
What's spreading where in December 2025
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS862Missing Authorization89SQL Injection74Injection352CSRF98CWE-9822Path Traversal94Code Injection78OS Command Injection284CWE-284linuxсообщество свободного программного обеспечения21111red hat inc.111ооо «русбитех-астра»11311canonical ltd.1adobe systems inc.11711adobe11511google181ооо «ред софт»62111121ао «ивк»11go54714npm91242
Most discussed CVEs — December 2025
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #17axiomthemes58 CVE
- #20ancorathemes48 CVE
- #29merkulove28 CVE
- #31kentico26 CVE
- #33mailenable25 CVE
- #36getgrav22 CVE
- #37sound422 CVE
- #38sound4 ltd.22 CVE
- #42kantar media20 CVE
- #44advantech18 CVE
Top vendors
Ranked by distinct CVE count this period.
- 1,055 CVE1 critCVSS 5.8linux (1055) · linux kernel (14)
- 450 CVE10 critCVSS 5.9KEV 3Nuclei 6PoC 6linux (395) · debian gnu/linux (264) · wpe webkit (4)
- 211 CVE1 critCVSS 6.6PoC 3red hat enterprise linux (187) · red hat enterprise linux 8 (8) · red hat enterprise linux 6 (7)
- 151 CVE7 critCVSS 6.3KEV 1PoC 4astra linux special edition (150) · astra-safepolicy (8) · linux astra modules (5)
- 142 CVE1 critCVSS 6.1PoC 1ubuntu (139) · apport (1) · maas (1)
- 137 CVE6 critCVSS 5.6adobe experience manager (117) · experience manager (115) · adobe experience manager cloud service (69)
- 133 CVE2 critCVSS 7.0KEV 3android (109) · chrome (19) · google chrome (19)
- 86 CVE3 critCVSS 6.3KEV 2Nuclei 1PoC 5ред ос (80) · ред база данных (6)
- 83 CVE6 critCVSS 6.0KEV 1Nuclei 1PoC 12code.gitea.io/gitea (9) · github.com/mattermost/mattermost/server/v8 (8) · github.com/mattermost/mattermost (5)
- 77 CVE4 critCVSS 6.6PoC 1альт сп 10 (64) · альт 8 сп (38)
- 75 CVE9 critCVSS 7.3KEV 2Nuclei 3PoC 19n8n (5) · @vitejs/plugin-rsc (5) · react-server-dom-webpack (4)
- 74 CVECVSS 6.5PoC 71student file management system (13) · refugee food management system (12) · simple stock system (6)
- 74 CVE8 critCVSS 6.8KEV 1Nuclei 1PoC 12picklescan (13) · weblate (5) · mcp-server-git (3)
- 72 CVE3 critCVSS 7.6KEV 2windows server 2025 (36) · windows 11 version 24h2 (36) · windows 11 version 25h2 (36)
- 68 CVE2 critCVSS 5.7KEV 4macos (65) · ios and ipados (28) · visionos (21)
- 64 CVE9 critCVSS 6.9Nuclei 1PoC 25getgrav/grav (22) · feehi/feehicms (3) · thorsten/phpmyfaq (3)
- 58 CVECVSS 8.1NEWNuclei 58777 (1) · agricola (1) · algenix (1)
- 51 CVE12 critCVSS 8.3PoC 48wh450 firmware (21) · wh450 (21) · m3 (7)
- 49 CVE1 critCVSS 6.2PoC 4platform v sberlinux os server (49)
- 48 CVE1 critCVSS 8.1NEWNuclei 47childhope (1) · chinchilla (1) · detailx (1)
- 48 CVE2 critCVSS 6.5Nuclei 3PoC 9org.jenkins-ci.main:jenkins-core (5) · org.nutz:nutzboot-parent (3) · org.apache.streampark:streampark (3)
- 46 CVECVSS 6.7PoC 44student file management system (13) · refugee food management system (12) · currency exchange system (4)
- 41 CVECVSS 8.7PoC 41rg-eap602 firmware (7) · x30 pro firmware (6) · rg-ew300 pro firmware (5)
- 39 CVECVSS 7.3PoC 39student management system (19) · online cake ordering system (7) · covid tracking system (4)
- 30 CVECVSS 6.3mt2718, mt6739, mt6761, mt6765, mt6768, mt6781, mt6789, mt6833, mt6835, mt6853, mt6855, mt6877, mt6878, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6899, mt6983, mt6985, mt6989, mt6991, mt8196, mt8676, mt8678, mt8792, mt8793 (7) · mt2735, mt6833, mt6833p, mt6853, mt6853t, mt6855, mt6855t, mt6873, mt6875, mt6875t, mt6877, mt6877t, mt6877tt, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891, mt6893, mt8675, mt8771, mt8791, mt8791t, mt8797 (6) · mt6739, mt6761, mt6765, mt6768, mt6781, mt6789, mt6833, mt6835, mt6853, mt6855, mt6877, mt6878, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6899, mt6983, mt6985, mt6989, mt6991, mt8186, mt8188, mt8196, mt8667, mt8673, mt8676, mt8678, mt8765, mt8766, mt8768, mt8771, mt8781, mt8791t, mt8792, mt8793, mt8795t, mt8796, mt8798, mt8873, mt8883 (4)
- 30 CVE2 critCVSS 6.4Nuclei 26PoC 21handl utm grabber / tracker (2) · url shortify (2) · advance wp query search filter (2)
- 28 CVECVSS 7.3PoC 28student management system (21) · covid tracking system (4) · society management system (2)
- 28 CVE1 critCVSS 5.8aspera orchestrator (4) · concert (4) · controller (4)
- 28 CVECVSS 5.4NEWNuclei 28appender (1) · buttoner for elementor (1) · coder for elementor (1)
- 27 CVE3 critCVSS 7.3PoC 1осон основа оnyx (27)
- 26 CVECVSS 6.0NEWxperience (26)
- 25 CVECVSS 6.7pdf editor (18) · pdf reader (18) · pdf editor cloud (7)
- 25 CVECVSS 6.9NEWmailenable (25)
- 23 CVE1 critCVSS 7.0KEV 1ruggedcom rox rx1511 (6) · ruggedcom rox rx1500 (6) · ruggedcom rox rx5000 (6)
- 22 CVE4 critCVSS 7.7Nuclei 1PoC 2apache http server (5) · http server (5) · apache fineract (3)
- 22 CVE2 critCVSS 6.6NEWPoC 6grav (22) · grav-plugin-admin (6)
- 22 CVE9 critCVSS 8.4NEWPoC 22pulse firmware (21) · first firmware (21) · impact eco firmware (21)
- 22 CVE9 critCVSS 8.4NEWPoC 22impact/pulse/first (20) · stream (20) · bigvoice4 (20)
- 21 CVECVSS 4.2PoC 1security-advisories (19) · nextcloud server (5) · calendar (3)
- 20 CVE3 critCVSS 7.6Nuclei 1PoC 2http server (5) · fineract (3) · streampark (3)
- 20 CVECVSS 7.8shared components (20)
- 20 CVE8 critCVSS 8.4NEWPoC 20wm2 (20)
- 19 CVECVSS 6.2PoC 19supplier management system (7) · complete online beauty parlor management system (4) · online student enrollment system (2)
- 18 CVE1 critCVSS 6.1NEWwise-deviceon server (11) · webaccess/scada (5) · webaccess\/scada (5)
- 18 CVE4 critCVSS 7.5PoC 4churchcrm (18) · crm (18)
- 18 CVE2 critCVSS 6.8KEV 1fortios (4) · fortiweb (3) · fortisandbox (3)
- 17 CVE2 critCVSS 7.3Nuclei 1PoC 15dwr-m920 (5) · dcs-850l (1) · dcs-930l (1)
- 17 CVE1 critCVSS 7.3PoC 1fedora (17) · fedora epel (12)
- 17 CVE3 critCVSS 7.4NEWPoC 5erpnext (9) · frappe (5) · learning (3)
- 17 CVE5 critCVSS 8.5firefox (16) · thunderbird (13) · firefox esr (10)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | linux | 1,055 | 1 | · | · | linux (1055) · linux kernel (14) | — | ||
| 2 | сообщество свободного программного обеспечения | 450 | 10 | 3 | 6 | KEV 3Nuclei 6PoC 6 | linux (395) · debian gnu/linux (264) · wpe webkit (4) | — | |
| 3 | redhat | 211 | 1 | · | · | PoC 3 | red hat enterprise linux (187) · red hat enterprise linux 8 (8) · red hat enterprise linux 6 (7) | — | |
| 4 | ооо «русбитех-астра» | 151 | 7 | 1 | · | KEV 1PoC 4 | astra linux special edition (150) · astra-safepolicy (8) · linux astra modules (5) | — | |
| 5 | canonical | 142 | 1 | · | · | PoC 1 | ubuntu (139) · apport (1) · maas (1) | — | |
| 6 | adobe | 137 | 6 | · | · | adobe experience manager (117) · experience manager (115) · adobe experience manager cloud service (69) | — | ||
| 7 | 133 | 2 | 3 | · | KEV 3 | android (109) · chrome (19) · google chrome (19) | — | ||
| 8 | ооо «ред софт» | 86 | 3 | 2 | 1 | KEV 2Nuclei 1PoC 5 | ред ос (80) · ред база данных (6) | — | |
| 9 | go | 83 | 6 | 1 | 1 | KEV 1Nuclei 1PoC 12 | code.gitea.io/gitea (9) · github.com/mattermost/mattermost/server/v8 (8) · github.com/mattermost/mattermost (5) | — | |
| 10 | ао «ивк» | 77 | 4 | · | · | PoC 1 | альт сп 10 (64) · альт 8 сп (38) | — | |
| 11 | npm | 75 | 9 | 2 | 3 | KEV 2Nuclei 3PoC 19 | n8n (5) · @vitejs/plugin-rsc (5) · react-server-dom-webpack (4) | — | |
| 12 | code-projects | 74 | · | · | · | PoC 71 | student file management system (13) · refugee food management system (12) · simple stock system (6) | — | |
| 13 | pypi | 74 | 8 | 1 | 1 | KEV 1Nuclei 1PoC 12 | picklescan (13) · weblate (5) · mcp-server-git (3) | — | |
| 14 | microsoft | 72 | 3 | 2 | · | KEV 2 | windows server 2025 (36) · windows 11 version 24h2 (36) · windows 11 version 25h2 (36) | — | |
| 15 | apple | 68 | 2 | 4 | · | KEV 4 | macos (65) · ios and ipados (28) · visionos (21) | — | |
| 16 | packagist | 64 | 9 | · | 1 | Nuclei 1PoC 25 | getgrav/grav (22) · feehi/feehicms (3) · thorsten/phpmyfaq (3) | — | |
| 17 | axiomthemes | 58 | · | · | 58 | NEWNuclei 58 | 777 (1) · agricola (1) · algenix (1) | — | |
| 18 | tenda | 51 | 12 | · | · | PoC 48 | wh450 firmware (21) · wh450 (21) · m3 (7) | — | |
| 19 | ао «сбертех» | 49 | 1 | · | · | PoC 4 | platform v sberlinux os server (49) | — | |
| 20 | ancorathemes | 48 | 1 | · | 47 | NEWNuclei 47 | childhope (1) · chinchilla (1) · detailx (1) | — | |
| 21 | maven | 48 | 2 | · | 3 | Nuclei 3PoC 9 | org.jenkins-ci.main:jenkins-core (5) · org.nutz:nutzboot-parent (3) · org.apache.streampark:streampark (3) | — | |
| 22 | fabian | 46 | · | · | · | PoC 44 | student file management system (13) · refugee food management system (12) · currency exchange system (4) | — | |
| 23 | ruijie | 41 | · | · | · | PoC 41 | rg-eap602 firmware (7) · x30 pro firmware (6) · rg-ew300 pro firmware (5) | — | |
| 24 | itsourcecode | 39 | · | · | · | PoC 39 | student management system (19) · online cake ordering system (7) · covid tracking system (4) | — | |
| 25 | mediatek, inc. | 30 | · | · | · | mt2718, mt6739, mt6761, mt6765, mt6768, mt6781, mt6789, mt6833, mt6835, mt6853, mt6855, mt6877, mt6878, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6899, mt6983, mt6985, mt6989, mt6991, mt8196, mt8676, mt8678, mt8792, mt8793 (7) · mt2735, mt6833, mt6833p, mt6853, mt6853t, mt6855, mt6855t, mt6873, mt6875, mt6875t, mt6877, mt6877t, mt6877tt, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891, mt6893, mt8675, mt8771, mt8791, mt8791t, mt8797 (6) · mt6739, mt6761, mt6765, mt6768, mt6781, mt6789, mt6833, mt6835, mt6853, mt6855, mt6877, mt6878, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6899, mt6983, mt6985, mt6989, mt6991, mt8186, mt8188, mt8196, mt8667, mt8673, mt8676, mt8678, mt8765, mt8766, mt8768, mt8771, mt8781, mt8791t, mt8792, mt8793, mt8795t, mt8796, mt8798, mt8873, mt8883 (4) | — | ||
| 26 | unknown | 30 | 2 | · | 26 | Nuclei 26PoC 21 | handl utm grabber / tracker (2) · url shortify (2) · advance wp query search filter (2) | — | |
| 27 | angeljudesuarez | 28 | · | · | · | PoC 28 | student management system (21) · covid tracking system (4) · society management system (2) | — | |
| 28 | ibm | 28 | 1 | · | · | aspera orchestrator (4) · concert (4) · controller (4) | — | ||
| 29 | merkulove | 28 | · | · | 28 | NEWNuclei 28 | appender (1) · buttoner for elementor (1) · coder for elementor (1) | — | |
| 30 | ао "нппкт" | 27 | 3 | · | · | PoC 1 | осон основа оnyx (27) | — | |
| 31 | kentico | 26 | · | · | · | NEW | xperience (26) | — | |
| 32 | foxitsoftware | 25 | · | · | · | pdf editor (18) · pdf reader (18) · pdf editor cloud (7) | — | ||
| 33 | mailenable | 25 | · | · | · | NEW | mailenable (25) | — | |
| 34 | siemens | 23 | 1 | 1 | · | KEV 1 | ruggedcom rox rx1511 (6) · ruggedcom rox rx1500 (6) · ruggedcom rox rx5000 (6) | — | |
| 35 | apache software foundation | 22 | 4 | · | 1 | Nuclei 1PoC 2 | apache http server (5) · http server (5) · apache fineract (3) | — | |
| 36 | getgrav | 22 | 2 | · | · | NEWPoC 6 | grav (22) · grav-plugin-admin (6) | — | |
| 37 | sound4 | 22 | 9 | · | · | NEWPoC 22 | pulse firmware (21) · first firmware (21) · impact eco firmware (21) | — | |
| 38 | sound4 ltd. | 22 | 9 | · | · | NEWPoC 22 | impact/pulse/first (20) · stream (20) · bigvoice4 (20) | — | |
| 39 | nextcloud | 21 | · | · | · | PoC 1 | security-advisories (19) · nextcloud server (5) · calendar (3) | — | |
| 40 | apache | 20 | 3 | · | 1 | Nuclei 1PoC 2 | http server (5) · fineract (3) · streampark (3) | — | |
| 41 | autodesk | 20 | · | · | · | shared components (20) | — | ||
| 42 | kantar media | 20 | 8 | · | · | NEWPoC 20 | wm2 (20) | — | |
| 43 | campcodes | 19 | · | · | · | PoC 19 | supplier management system (7) · complete online beauty parlor management system (4) · online student enrollment system (2) | — | |
| 44 | advantech | 18 | 1 | · | · | NEW | wise-deviceon server (11) · webaccess/scada (5) · webaccess\/scada (5) | — | |
| 45 | churchcrm | 18 | 4 | · | · | PoC 4 | churchcrm (18) · crm (18) | — | |
| 46 | fortinet | 18 | 2 | 1 | · | KEV 1 | fortios (4) · fortiweb (3) · fortisandbox (3) | — | |
| 47 | d-link | 17 | 2 | · | 1 | Nuclei 1PoC 15 | dwr-m920 (5) · dcs-850l (1) · dcs-930l (1) | — | |
| 48 | fedora project | 17 | 1 | · | · | PoC 1 | fedora (17) · fedora epel (12) | — | |
| 49 | frappe | 17 | 3 | · | · | NEWPoC 5 | erpnext (9) · frappe (5) · learning (3) | — | |
| 50 | mozilla | 17 | 5 | · | · | firefox (16) · thunderbird (13) · firefox esr (10) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins1,423 CVE80 crit670 vendorsCVSS 7.4avideo (9) · beaver builder page builder – drag and drop website builder (4) · easyimages2.0 (4)
- Operating Systems1,379 CVE56 crit40 KEV36 vendorsCVSS 7.9linux (1450) · debian gnu/linux (264) · red hat enterprise linux (187)
- OSS Libraries550 CVE81 crit14 KEV132 vendorsCVSS 7.9imagemagick (12) · libbiosig (12) · binutils (6)
- Enterprise Software512 CVE67 crit2 KEV174 vendorsCVSS 7.5online cake ordering system (7) · nagios xi (6) · zabbix (6)
- Consumer Software346 CVE54 crit66 vendorsCVSS 8.6adobe experience manager (232) · experience manager (115) · adobe experience manager cloud service (69)
- ICS / OT / IoT310 CVE178 crit95 vendorsCVSS 8.1fl switch 2303-8sp1 (28) · fl nat 2008 (14) · fl nat 2008 firmware (14)
- Networking Infrastructure278 CVE82 crit25 KEV75 vendorsCVSS 8.1wh450 (25) · wh450 firmware (21) · 512w firmware (8)
- Mobile Apps244 CVE14 crit43 KEV14 vendorsCVSS 7.2android (164) · chrome (19) · google chrome (19)
- Hardware Firmware194 CVE203 crit3 KEV65 vendorsCVSS 8.4t8100/t9100/t8200/t8300 (11) · mt2718, mt6739, mt6761, mt6765, mt6768, mt6781, mt6789, mt6833, mt6835, mt6853, mt6855, mt6877, mt6878, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6899, mt6983, mt6985, mt6989, mt6991, mt8196, mt8676, mt8678, mt8792, mt8793 (7) · mt2735, mt6833, mt6833p, mt6853, mt6853t, mt6855, mt6855t, mt6873, mt6875, mt6875t, mt6877, mt6877t, mt6877tt, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891, mt6893, mt8675, mt8771, mt8791, mt8791t, mt8797 (6)
- Communications186 CVE53 crit6 KEV61 vendorsCVSS 8.2mattermost (16) · mattermost server (10) · librechat (6)
- Cloud & SaaS172 CVE25 crit5 KEV83 vendorsCVSS 8.7security-advisories (19) · n8n (10) · nextcloud server (8)
- Security Products167 CVE39 crit3 KEV71 vendorsCVSS 7.8cmc (4) · diskboss (4) · guardian (4)
- DevTools & CI106 CVE7 crit1 KEV41 vendorsCVSS 7.3gitlab (21) · gitea (9) · weblate (6)
- AI / ML80 CVE22 crit1 KEV43 vendorsCVSS 8.7gt edge ai (4) · langflow (3) · servers (3)
- Databases26 CVE4 crit3 KEV16 vendorsCVSS 8.3kibana (6) · packetbeat (6) · mongodb (4)
- Unclassified449 CVE57 crit1 KEV300 vendorsCVSS 6.7blood bank management system (10) · drivelock (8) · mynet (7)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 6 | 1,423 | 80 | · | 670 | 1,059 | 7.4 | avideo (9) · beaver builder page builder – drag and drop website builder (4) · easyimages2.0 (4) |
| Operating Systems▸ 4 | 1,379 | 56 | 40 | 36 | 326 | 7.9 | linux (1450) · debian gnu/linux (264) · red hat enterprise linux (187) |
| OSS Libraries▸ 11 | 550 | 81 | 14 | 132 | 410 | 7.9 | imagemagick (12) · libbiosig (12) · binutils (6) |
| Enterprise Software▸ 7 | 512 | 67 | 2 | 174 | 512 | 7.5 | online cake ordering system (7) · nagios xi (6) · zabbix (6) |
| Consumer Software▸ 5 | 346 | 54 | · | 66 | 107 | 8.6 | adobe experience manager (232) · experience manager (115) · adobe experience manager cloud service (69) |
| ICS / OT / IoT▸ 6 | 310 | 178 | · | 95 | 766 | 8.1 | fl switch 2303-8sp1 (28) · fl nat 2008 (14) · fl nat 2008 firmware (14) |
| Networking Infrastructure▸ 6 | 278 | 82 | 25 | 75 | 300 | 8.1 | wh450 (25) · wh450 firmware (21) · 512w firmware (8) |
| Mobile Apps▸ 3 | 244 | 14 | 43 | 14 | 52 | 7.2 | android (164) · chrome (19) · google chrome (19) |
| Hardware Firmware▸ 5 | 194 | 203 | 3 | 65 | 885 | 8.4 | t8100/t9100/t8200/t8300 (11) · mt2718, mt6739, mt6761, mt6765, mt6768, mt6781, mt6789, mt6833, mt6835, mt6853, mt6855, mt6877, mt6878, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6899, mt6983, mt6985, mt6989, mt6991, mt8196, mt8676, mt8678, mt8792, mt8793 (7) · mt2735, mt6833, mt6833p, mt6853, mt6853t, mt6855, mt6855t, mt6873, mt6875, mt6875t, mt6877, mt6877t, mt6877tt, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891, mt6893, mt8675, mt8771, mt8791, mt8791t, mt8797 (6) |
| Communications▸ 4 | 186 | 53 | 6 | 61 | 88 | 8.2 | mattermost (16) · mattermost server (10) · librechat (6) |
| Cloud & SaaS▸ 4 | 172 | 25 | 5 | 83 | 114 | 8.7 | security-advisories (19) · n8n (10) · nextcloud server (8) |
| Security Products▸ 6 | 167 | 39 | 3 | 71 | 121 | 7.8 | cmc (4) · diskboss (4) · guardian (4) |
| DevTools & CI▸ 5 | 106 | 7 | 1 | 41 | 55 | 7.3 | gitlab (21) · gitea (9) · weblate (6) |
| AI / ML▸ 5 | 80 | 22 | 1 | 43 | 53 | 8.7 | gt edge ai (4) · langflow (3) · servers (3) |
| Databases▸ 5 | 26 | 4 | 3 | 16 | 20 | 8.3 | kibana (6) · packetbeat (6) · mongodb (4) |
| Unclassified | 449 | 57 | 1 | 300 | 370 | 6.7 | blood bank management system (10) · drivelock (8) · mynet (7) |
Weakness × Sector
Which weaknesses hit which solution categories in December 2025
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
79XSS862Missing Authorization89SQL Injection74Injection352CSRF98CWE-9822Path Traversal94Code Injection78OS Command Injection284CWE-284Web & CMS Plugins4873171561091031612857832Operating Systems61211295415Enterprise Software2142186529221211020OSS Libraries5911106132926612Consumer Software109711124172136ICS / OT / IoT337161012175153Networking Infrastructure101144131566Hardware Firmware42216710154Cloud & SaaS3814541221984Security Products1863716467