month report
January 2026
Data as of Jun 11, 2026, 06:05 UTC · Snapshot v1
Sources: CVEList V5 + NVD + GHSA + CSAF + FSTEC BDU + CISA KEV + EPSS + Nuclei templates
January 2026 closed with 5,244 published CVEs: 437 critical, and 17 added to CISA KEV (2 ransomware-linked). The linux vendor led by volume, mostly via the linux product. The top weakness class was CWE-79 (627 CVEs). 10 vendors entered the top 100 for the first time.
- Total CVEs: 5,244 (MoM: — · YoY: —)
- Severity mix: 437 / 1,659 (critical / high)
- KEV added: 17 (2 ransomware-linked)
- Nuclei coverage: 18.6% (976 CVEs with templates)
Time to exploit
How fast the community ships detection after a CVE drops.
- Days → Nuclei (median): 43.2 (n=976)
- Within 7 days: 0.0%
- Within 30 days: 0.0%
- Days → KEV (median): 5 (n=13)
Detection gap
KEV pressure, no Nuclei coverage
January 2026 · vendors with active exploitation listed by CISA but no public detection template.
- microsoft · KEV 3 · 134 CVE
Weakness × Vendor
What's spreading where in January 2026
Cells shaded by share of vendor's hottest weakness.
[Heatmap: weakness by vendor. Columns: CWE-79 XSS, CWE-862 Missing Authorization, CWE-89 SQL Injection, CWE-74 Injection, CWE-20 Improper Input Validation, CWE-22 Path Traversal, CWE-787 Out-of-bounds Write, CWE-428, CWE-284, CWE-78 OS Command Injection. Rows: linux, сообщество свободного программного обеспечения, ао «ивк», npm, microsoft, microsoft corp, ооо «ред софт», red hat inc., pypi, canonical ltd., ооо «русбитех-астра», go.]
Most discussed CVEs — January 2026
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #12 color · 59 CVE
- #13 internationalcolorconsortium · 59 CVE
- #25 meddream · 30 CVE
- #31 e-plugins · 23 CVE
- #33 sick ag · 23 CVE
- #39 mikado-themes · 21 CVE
- #40 tp-link systems inc. · 21 CVE
- #41 dormakaba · 20 CVE
- #44 yonyou · 20 CVE
- #45 ancorathemes · 19 CVE
Top vendors
Ranked by distinct CVE count this period.
| # | Vendor | CVEs | Crit | CVSS | KEV | Nuclei | Signals | Top products | Δ |
|---|---|---|---|---|---|---|---|---|---|
| 1 | linux | 246 | 1 | 6.1 | · | · | · | linux (246) · linux kernel (60) | — |
| 2 | сообщество свободного программного обеспечения | 206 | 14 | 6.3 | · | 5 | Nuclei 5 · PoC 22 | linux (123) · debian gnu/linux (73) · gpac (10) | — |
| 3 | npm | 142 | 20 | 7.1 | · | 4 | Nuclei 4 · PoC 30 | pnpm (8) · hono (6) · renovate (6) | — |
| 4 | microsoft | 134 | 5 | 7.0 | 3 | · | KEV 3 · PoC 3 | windows 11 25h2 (84) · windows server 2025 (84) · windows 11 24h2 (84) | — |
| 5 | ао «ивк» | 118 | 16 | 6.4 | · | · | PoC 11 | альт сп 10 (118) · альт 8 сп (48) | — |
| 6 | redhat | 111 | 4 | 6.3 | · | · | PoC 3 | red hat enterprise linux (87) · red hat enterprise linux 9 (18) · red hat enterprise linux 10 (18) | — |
| 7 | pypi | 98 | 6 | 6.8 | · | 2 | Nuclei 2 · PoC 12 | aiohttp (8) · fickling (5) · vllm (4) | — |
| 8 | go | 85 | 11 | 6.8 | · | 2 | Nuclei 2 · PoC 11 | github.com/go-gitea/gitea (7) · github.com/siyuan-note/siyuan/kernel (4) · github.com/axllent/mailpit (4) | — |
| 9 | canonical | 77 | 2 | 5.9 | · | · | PoC 1 | ubuntu (76) · juju (1) | — |
| 10 | oracle | 66 | 2 | 6.2 | · | · | PoC 1 | vm virtualbox (14) · oracle vm virtualbox (14) · mysql server (11) | — |
| 11 | ооо «ред софт» | 66 | 4 | 6.3 | · | · | PoC 9 | ред ос (66) | — |
| 12 | color | 59 | 1 | 7.1 | · | · | NEW · PoC 27 | iccdev (59) | — |
| 13 | internationalcolorconsortium | 59 | 1 | 7.1 | · | · | NEW · PoC 27 | iccdev (59) | — |
| 14 | packagist | 58 | 6 | 6.9 | · | · | PoC 15 | bagisto/bagisto (6) · craftcms/cms (5) · mineadmin/mineadmin (4) | — |
| 15 | maven | 53 | 6 | 6.9 | · | 1 | Nuclei 1 · PoC 7 | net.gleske:jervis (7) · org.keycloak:keycloak-services (4) · org.apache.solr:solr-core (2) | — |
| 16 | ао «сбертех» | 51 | · | 5.9 | · | · | PoC 2 | platform v sberlinux os server (51) | — |
| 17 | tenda | 49 | 6 | 7.6 | · | · | PoC 16 | ax1806 firmware (11) · w30e firmware (11) · ax3 firmware (9) | — |
| 18 | | 45 | 3 | 7.6 | · | · | PoC 2 | android (25) · chrome (12) · google chrome (12) | — |
| 19 | code-projects | 44 | · | 6.5 | · | · | PoC 44 | online product reservation system (13) · online music site (12) · intern membership management system (8) | — |
| 20 | shenzhen tenda technology co., ltd. | 42 | 3 | 7.5 | · | · | PoC 9 | w30e v2 (11) · tenda w30e (11) · tenda ax1806 (8) | — |
| 21 | ibm | 39 | · | 6.2 | · | · | · | db2 for linux, unix and windows (18) · db2 (18) · applinx (6) | — |
| 22 | qnap | 35 | 2 | 6.0 | · | · | · | quts hero (25) · qts (25) · hybrid backup sync (2) | — |
| 23 | crates.io | 32 | 4 | 7.3 | · | · | PoC 7 | rustfs (5) · sm2 (3) · gix-date (2) | — |
| 24 | fabian | 32 | 4 | 7.2 | · | · | PoC 31 | online product reservation system (13) · online music site (12) · mobile shop management system (4) | — |
| 25 | meddream | 30 | 1 | 6.3 | · | · | NEW · PoC 23 | pacs server (29) · meddream pacs premium (29) · meddream pacs server (1) | — |
| 26 | mediatek, inc. | 28 | · | 7.0 | · | · | · | mediatek chipset (28) | — |
| 27 | adobe | 25 | · | 7.3 | · | · | · | substance3d - modeler (6) · adobe substance 3d modeler (6) · substance 3d modeler (6) | — |
| 28 | dell | 24 | · | 5.9 | · | · | · | elastic cloud storage (5) · objectscale (5) · powerscale onefs (4) | — |
| 29 | juniper networks | 24 | 1 | 7.1 | · | · | PoC 24 | junos os (20) · junos os evolved (9) · junos (7) | — |
| 30 | linuxfoundation | 24 | 1 | 6.3 | · | · | PoC 7 | everest (11) · rekor (2) · backstage (2) | — |
| 31 | e-plugins | 23 | · | 7.6 | · | 23 | NEW · Nuclei 23 | hospital doctor directory (3) · hotel listing (3) · institutions directory (3) | — |
| 32 | juniper | 23 | · | 6.6 | · | · | PoC 23 | junos (20) · junos os evolved (9) · junos space (1) | — |
| 33 | sick ag | 23 | 2 | 6.0 | · | · | NEW | tdc-x401gl (13) · incoming goods suite (10) · sick tdc-x401gl (2) | — |
| 34 | apache | 22 | 3 | 7.3 | · | · | PoC 1 | nimble (4) · nuttx (2) · solr (2) | — |
| 35 | apache software foundation | 22 | 3 | 7.6 | · | · | PoC 1 | apache mynewt nimble (4) · apache airflow (2) · apache solr (2) | — |
| 36 | hpe | 22 | 1 | 7.1 | · | · | · | arubaos (aos) (12) · edgeconnect sd-wan orchestrator (5) · hpe aruba networking fabric composer (2) | — |
| 37 | qualcomm | 22 | · | 6.8 | · | · | · | wsa8845 firmware (20) · fastconnect 7800 firmware (20) · wsa8845h firmware (20) | — |
| 38 | qualcomm, inc. | 22 | · | 7.1 | · | · | · | snapdragon (22) | — |
| 39 | mikado-themes | 21 | · | 5.9 | · | 21 | NEW · Nuclei 21 | curly (2) · dolcino (1) · fiorello (1) | — |
| 40 | tp-link systems inc. | 21 | · | 7.2 | · | · | NEW · PoC 2 | vx800v v1.0 (5) · tapo c220 v1 (3) · omada controller (3) | — |
| 41 | dormakaba | 20 | · | 8.8 | · | · | NEW | access manager 92xx-k5 (10) · access manager 92xx-k7 (8) · kaba exos 9300 (7) | — |
| 42 | phpgurukul | 20 | 4 | 6.4 | · | · | PoC 18 | news portal (6) · cyber cafe management system (4) · online course registration (3) | — |
| 43 | sap_se | 20 | 4 | 6.5 | · | · | · | sap fiori app (intercompany balance reconciliation) (6) · nw as java ume user mapping (1) · sap application server for abap and sap netweaver rfcsdk (1) | — |
| 44 | yonyou | 20 | · | 7.3 | · | · | NEW · PoC 14 | ksoa (20) | — |
| 45 | ancorathemes | 19 | · | 8.1 | · | 19 | NEW · Nuclei 19 | diveit (1) · hobo (1) · indoor plants (1) | — |
| 46 | free software foundation, inc. | 19 | 15 | 9.0 | 1 | 1 | KEV 1 · Nuclei 1 · PoC 11 | freerdp (17) · gnutls (1) · inetutils (1) | — |
| 47 | mozilla | 19 | 4 | 7.7 | · | · | · | firefox (18) · thunderbird (17) · firefox esr (6) | — |
| 48 | totolink | 19 | · | 7.4 | · | · | PoC 18 | lr350 firmware (6) · lr350 (6) · a7000r (4) | — |
| 49 | utt | 19 | 1 | 8.9 | · | · | NEW · PoC 17 | 进取 520w (14) · 520w firmware (14) · 512w firmware (4) | — |
| 50 | algo | 18 | 5 | 8.8 | · | · | NEW | 8180 ip audio alerter (18) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins | 1,115 | 108 | · | 605 | 892 | 7.5 | tutor lms – elearning and online course solution (5) · quiz and survey master (4) · all-in-one video gallery (3) |
| OSS Libraries | 842 | 131 | 2 | 190 | 984 | 7.6 | iccdev (118) · freerdp (34) · openssl (24) |
| Operating Systems | 636 | 96 | 70 | 42 | 335 | 7.5 | linux (369) · альт сп 10 (118) · red hat enterprise linux (87) |
| Enterprise Software | 494 | 180 | 6 | 166 | 424 | 8.8 | db2 (18) · db2 for linux, unix and windows (18) · aion (14) |
| Networking Infrastructure | 313 | 48 | 15 | 86 | 445 | 8.0 | junos (27) · junos os evolved (21) · junos os (20) |
| ICS / OT / IoT | 241 | 59 | · | 79 | 387 | 8.5 | incoming goods suite (13) · tdc-x401gl (13) · tdc-x401gl firmware (13) |
| Hardware Firmware | 235 | 442 | · | 57 | 730 | 9.6 | fastconnect 7800 firmware (20) · wsa8840 firmware (20) · wsa8845 firmware (20) |
| Security Products | 149 | 24 | 10 | 72 | 107 | 7.8 | wireshark (8) · suricata (7) · fickling (5) |
| Consumer Software | 147 | 29 | · | 70 | 115 | 8.8 | adobe substance 3d modeler (6) · substance 3d modeler (6) · substance3d - modeler (6) |
| Cloud & SaaS | 140 | 40 | · | 81 | 84 | 7.9 | n8n (10) · qoca aim ai medical cloud platform (6) · appsmith (4) |
| AI / ML | 113 | 20 | · | 56 | 65 | 9.8 | oneflow (18) · everest (11) · backstage (2) |
| Mobile Apps | 100 | 27 | · | 12 | 53 | 8.7 | android (33) · harmonyos (16) · chrome (12) |
| DevTools & CI | 100 | 27 | · | 42 | 52 | 8.3 | orval (8) · malcontent (4) · on-prem enterprise server (4) |
| Databases | 89 | 10 | · | 16 | 88 | 7.4 | mysql server (32) · vm virtualbox (28) · oracle vm virtualbox (14) |
| Communications | 70 | 23 | 5 | 38 | 51 | 8.7 | mastodon (12) · librechat (8) · agora-project (4) |
| Unclassified | 487 | 104 | · | 318 | 361 | 7.2 | utt 520w (14) · cryptolib (10) · prime (8) |
Weakness × Sector
Which weaknesses hit which solution categories in January 2026
Cells shaded by share of the sector's hottest weakness.
[Heatmap: weakness by sector. Columns: CWE-79 XSS, CWE-862 Missing Authorization, CWE-89 SQL Injection, CWE-74 Injection, CWE-20 Improper Input Validation, CWE-22 Path Traversal, CWE-787 Out-of-bounds Write, CWE-428, CWE-284, CWE-78 OS Command Injection. Rows: Web & CMS Plugins, OSS Libraries, Operating Systems, Enterprise Software, ICS / OT / IoT, Networking Infrastructure, Hardware Firmware, Consumer Software, Cloud & SaaS, Security Products.]