month report
February 2026
Data as of Jun 11, 2026, 06:05 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
February 2026 closed with 4,931 published CVEs. 495 criticals, 28 added to CISA KEV (2 ransomware-linked). npm led volume, mostly via openclaw. Top weakness class — CWE-79 (678 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
4,931
— MoM— YoY
Severity mix
495 / 1,621
critical / high
KEV added
28
2 ransomware-linked
Nuclei coverage
14.3%
704 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
15.7
n=704
Within 7 days
0.3%
Within 30 days
87.1%
Days → KEV (median)
4
n=19
Weakness × Vendor
What's spreading where in February 2026
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS862Missing Authorization89SQL Injection22Path Traversal78OS Command Injection119Memory Buffer Bounds74Injection121CWE-12194Code Injection787Out-of-bounds Writenpm23541416917linux1go91012061pypi14261012171ооо «ред софт»9145211227packagist37315214сообщество свободного программного обеспечения112210411318apple18122microsoft corp239microsoft1137ооо «русбитех-астра»118ibm411
Most discussed CVEs — February 2026
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #16wikimedia foundation47 CVE
- #22tanium40 CVE
- #26openclaw35 CVE
- #27imagemagick34 CVE
- #28tp-link systems inc.30 CVE
- #29comodo29 CVE
- #30nsasoft29 CVE
- #36open-emr27 CVE
- #37openemr27 CVE
- #44copeland23 CVE
Top vendors
Ranked by distinct CVE count this period.
- 227 CVE48 critCVSS 7.4Nuclei 3PoC 27openclaw (42) · n8n (24) · fuxa-server (12)
- 220 CVE1 critCVSS 7.0linux (220) · linux kernel (21)
- 143 CVE20 critCVSS 6.9Nuclei 1PoC 16gogs.io/gogs (12) · github.com/mattermost/mattermost-server (6) · code.vikunja.io/api (6)
- 126 CVE20 critCVSS 6.9Nuclei 4PoC 11rucio-webui (6) · pypdf (6) · django (6)
- 96 CVE4 critCVSS 6.5Nuclei 1PoC 30craftcms/cms (12) · moodle/moodle (11) · craftcms/commerce (9)
- 79 CVE6 critCVSS 7.3KEV 7PoC 4windows server 2025 (29) · windows server 2025 (server core installation) (29) · windows server 2022 23h2 (28)
- 75 CVE1 critCVSS 6.0KEV 1macos (64) · ios and ipados (50) · ipados (49)
- 57 CVE1 critCVSS 5.8concert (11) · db2 recovery expert (6) · db2 recovery expert for luw (6)
- 54 CVE44 critCVSS 9.3firefox (54) · thunderbird (51) · firefox for ios (2)
- 54 CVECVSS 8.3PoC 43f453 firmware (12) · f453 (12) · a21 firmware (6)
- 52 CVE8 critCVSS 6.8PoC 10n8n (10) · debian gnu/linux (9) · vim (8)
- 49 CVE1 critCVSS 6.4qsync central (28) · file station 5 (13) · file station (13)
- 48 CVECVSS 7.1PoC 47dwr-m960 (20) · dir-823x (13) · dir-619l (3)
- 48 CVECVSS 7.0PoC 47dwr-m960 firmware (20) · dir-823x firmware (13) · dir-823x (9)
- 48 CVE1 critCVSS 6.6Nuclei 1PoC 2ред ос (48)
- 47 CVE1 critCVSS 6.2NEWmediawiki (28) · checkuser (7) · visualeditor (2)
- 46 CVE1 critCVSS 6.0magick.net-q8-openmp-arm64 (42) · magick.net-q8-anycpu (42) · magick.net-q16-openmp-x64 (42)
- 46 CVE1 critCVSS 6.3PoC 5red hat enterprise linux 6 (19) · red hat enterprise linux 10 (18) · red hat enterprise linux 9 (18)
- 44 CVECVSS 6.9after effects (15) · adobe after effects (15) · substance3d - designer (7)
- 42 CVECVSS 6.1amd epyc™ 9005 series processors (16) · amd epyc™ embedded 9005 series processors (14) · amd ryzen™ embedded 8000 series processors (11)
- 40 CVE1 critCVSS 7.4PoC 2rustfs (4) · wasmtime (3) · pgp (3)
- 40 CVECVSS 5.7NEWthreat response (5) · tanos (5) · tanium appliance (4)
- 39 CVE5 critCVSS 6.3PoC 9org.keycloak:keycloak-services (6) · org.apache.tomcat:tomcat (2) · org.apache.tomcat.embed:tomcat-embed-core (2)
- 37 CVECVSS 6.9PoC 37school management system (9) · event management system (6) · student management system (5)
- 35 CVE4 critCVSS 7.6KEV 1PoC 1chrome (20) · google chrome (16) · android (9)
- 35 CVE2 critCVSS 6.9NEWPoC 2openclaw (35) · clawdbot (2) · @openclaw/bluebubbles (1)
- 34 CVECVSS 6.0NEWimagemagick (34)
- 30 CVE1 critCVSS 7.9NEWarcher be230 v1.2 (11) · archer ax53 v1.0 (10) · tapo c260 v1 (3)
- 29 CVECVSS 6.2NEWPoC 29comodo dome firewall (29) · dome firewall (29)
- 29 CVE1 critCVSS 7.6NEWPoC 29spotauditor (3) · nsauditor spotauditor (3) · netsharewatcher (2)
- 29 CVECVSS 7.6PoC 20f453 (5) · tenda rx3 (5) · tenda f3 (4)
- 28 CVECVSS 6.5PoC 22online reviewer system (12) · online music site (5) · contact management system (2)
- 28 CVECVSS 7.3archer be230 firmware (12) · archer ax53 firmware (10) · tapo c260 firmware (3)
- 27 CVE1 critCVSS 6.6PoC 20online reviewer system (12) · online music site (6) · contact management system (2)
- 27 CVE7 critCVSS 7.8PoC 7freerdp (27)
- 27 CVE2 critCVSS 7.1NEWPoC 8openemr (27)
- 27 CVE2 critCVSS 7.1NEWPoC 8openemr (27)
- 27 CVE2 critCVSS 6.4businessobjects business intelligence platform (4) · s4core (3) · solution tools plug-in (3)
- 27 CVE2 critCVSS 6.0sap businessobjects bi platform (2) · sap document management system (2) · sap commerce cloud (2)
- 27 CVE1 critCVSS 6.9archer be230 (10) · archer ax53 (10) · tapo c260 (3)
- 26 CVE1 critCVSS 6.0PoC 13gitlab (25) · gitlab ai gateway (1)
- 25 CVE2 critCVSS 7.1PoC 2apache airflow (5) · apache superset (5) · tomcat (3)
- 24 CVE1 critCVSS 6.9KEV 1powermax (5) · unisphere for powermax (5) · wyse management suite (4)
- 23 CVE2 critCVSS 7.7NEWcopeland xweb 300d pro (23) · copeland xweb 500b pro (23) · copeland xweb 500d pro (23)
- 23 CVE1 critCVSS 5.8NEWPoC 14craft cms (12) · cms (12) · craft commerce (10)
- 23 CVECVSS 5.8PoC 22patients waiting area queue management system (5) · student result management system (3) · simple responsive tourism website (3)
- 23 CVE1 critCVSS 6.0NEWwekan (23)
- 22 CVE2 critCVSS 7.2KEV 4PoC 21catalyst sd-wan manager (6) · cisco catalyst sd-wan manager (6) · cisco unified computing system (managed) (5)
- 22 CVECVSS 6.5NEWPoC 14free5gc (8) · smf (4) · udm (4)
- 22 CVE2 critCVSS 6.5NEWmailessentials (18) · archiver (4)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | npm | 227 | 48 | · | 3 | Nuclei 3PoC 27 | openclaw (42) · n8n (24) · fuxa-server (12) | — | |
| 2 | linux | 220 | 1 | · | · | linux (220) · linux kernel (21) | — | ||
| 3 | go | 143 | 20 | · | 1 | Nuclei 1PoC 16 | gogs.io/gogs (12) · github.com/mattermost/mattermost-server (6) · code.vikunja.io/api (6) | — | |
| 4 | pypi | 126 | 20 | · | 4 | Nuclei 4PoC 11 | rucio-webui (6) · pypdf (6) · django (6) | — | |
| 5 | packagist | 96 | 4 | · | 1 | Nuclei 1PoC 30 | craftcms/cms (12) · moodle/moodle (11) · craftcms/commerce (9) | — | |
| 6 | microsoft | 79 | 6 | 7 | · | KEV 7PoC 4 | windows server 2025 (29) · windows server 2025 (server core installation) (29) · windows server 2022 23h2 (28) | — | |
| 7 | apple | 75 | 1 | 1 | · | KEV 1 | macos (64) · ios and ipados (50) · ipados (49) | — | |
| 8 | ibm | 57 | 1 | · | · | concert (11) · db2 recovery expert (6) · db2 recovery expert for luw (6) | — | ||
| 9 | mozilla | 54 | 44 | · | · | firefox (54) · thunderbird (51) · firefox for ios (2) | — | ||
| 10 | tenda | 54 | · | · | · | PoC 43 | f453 firmware (12) · f453 (12) · a21 firmware (6) | — | |
| 11 | сообщество свободного программного обеспечения | 52 | 8 | · | · | PoC 10 | n8n (10) · debian gnu/linux (9) · vim (8) | — | |
| 12 | qnap | 49 | 1 | · | · | qsync central (28) · file station 5 (13) · file station (13) | — | ||
| 13 | d-link | 48 | · | · | · | PoC 47 | dwr-m960 (20) · dir-823x (13) · dir-619l (3) | — | |
| 14 | dlink | 48 | · | · | · | PoC 47 | dwr-m960 firmware (20) · dir-823x firmware (13) · dir-823x (9) | — | |
| 15 | ооо «ред софт» | 48 | 1 | · | 1 | Nuclei 1PoC 2 | ред ос (48) | — | |
| 16 | wikimedia foundation | 47 | 1 | · | · | NEW | mediawiki (28) · checkuser (7) · visualeditor (2) | — | |
| 17 | nuget | 46 | 1 | · | · | magick.net-q8-openmp-arm64 (42) · magick.net-q8-anycpu (42) · magick.net-q16-openmp-x64 (42) | — | ||
| 18 | redhat | 46 | 1 | · | · | PoC 5 | red hat enterprise linux 6 (19) · red hat enterprise linux 10 (18) · red hat enterprise linux 9 (18) | — | |
| 19 | adobe | 44 | · | · | · | after effects (15) · adobe after effects (15) · substance3d - designer (7) | — | ||
| 20 | amd | 42 | · | · | · | amd epyc™ 9005 series processors (16) · amd epyc™ embedded 9005 series processors (14) · amd ryzen™ embedded 8000 series processors (11) | — | ||
| 21 | crates.io | 40 | 1 | · | · | PoC 2 | rustfs (4) · wasmtime (3) · pgp (3) | — | |
| 22 | tanium | 40 | · | · | · | NEW | threat response (5) · tanos (5) · tanium appliance (4) | — | |
| 23 | maven | 39 | 5 | · | · | PoC 9 | org.keycloak:keycloak-services (6) · org.apache.tomcat:tomcat (2) · org.apache.tomcat.embed:tomcat-embed-core (2) | — | |
| 24 | itsourcecode | 37 | · | · | · | PoC 37 | school management system (9) · event management system (6) · student management system (5) | — | |
| 25 | 35 | 4 | 1 | · | KEV 1PoC 1 | chrome (20) · google chrome (16) · android (9) | — | ||
| 26 | openclaw | 35 | 2 | · | · | NEWPoC 2 | openclaw (35) · clawdbot (2) · @openclaw/bluebubbles (1) | — | |
| 27 | imagemagick | 34 | · | · | · | NEW | imagemagick (34) | — | |
| 28 | tp-link systems inc. | 30 | 1 | · | · | NEW | archer be230 v1.2 (11) · archer ax53 v1.0 (10) · tapo c260 v1 (3) | — | |
| 29 | comodo | 29 | · | · | · | NEWPoC 29 | comodo dome firewall (29) · dome firewall (29) | — | |
| 30 | nsasoft | 29 | 1 | · | · | NEWPoC 29 | spotauditor (3) · nsauditor spotauditor (3) · netsharewatcher (2) | — | |
| 31 | shenzhen tenda technology co., ltd. | 29 | · | · | · | PoC 20 | f453 (5) · tenda rx3 (5) · tenda f3 (4) | — | |
| 32 | code-projects | 28 | · | · | · | PoC 22 | online reviewer system (12) · online music site (5) · contact management system (2) | — | |
| 33 | tp-link | 28 | · | · | · | archer be230 firmware (12) · archer ax53 firmware (10) · tapo c260 firmware (3) | — | ||
| 34 | fabian | 27 | 1 | · | · | PoC 20 | online reviewer system (12) · online music site (6) · contact management system (2) | — | |
| 35 | freerdp | 27 | 7 | · | · | PoC 7 | freerdp (27) | — | |
| 36 | open-emr | 27 | 2 | · | · | NEWPoC 8 | openemr (27) | — | |
| 37 | openemr | 27 | 2 | · | · | NEWPoC 8 | openemr (27) | — | |
| 38 | sap | 27 | 2 | · | · | businessobjects business intelligence platform (4) · s4core (3) · solution tools plug-in (3) | — | ||
| 39 | sap_se | 27 | 2 | · | · | sap businessobjects bi platform (2) · sap document management system (2) · sap commerce cloud (2) | — | ||
| 40 | tp-link technologies co ltd. | 27 | 1 | · | · | archer be230 (10) · archer ax53 (10) · tapo c260 (3) | — | ||
| 41 | gitlab | 26 | 1 | · | · | PoC 13 | gitlab (25) · gitlab ai gateway (1) | — | |
| 42 | apache software foundation | 25 | 2 | · | · | PoC 2 | apache airflow (5) · apache superset (5) · tomcat (3) | — | |
| 43 | dell | 24 | 1 | 1 | · | KEV 1 | powermax (5) · unisphere for powermax (5) · wyse management suite (4) | — | |
| 44 | copeland | 23 | 2 | · | · | NEW | copeland xweb 300d pro (23) · copeland xweb 500b pro (23) · copeland xweb 500d pro (23) | — | |
| 45 | craftcms | 23 | 1 | · | · | NEWPoC 14 | craft cms (12) · cms (12) · craft commerce (10) | — | |
| 46 | sourcecodester | 23 | · | · | · | PoC 22 | patients waiting area queue management system (5) · student result management system (3) · simple responsive tourism website (3) | — | |
| 47 | wekan project | 23 | 1 | · | · | NEW | wekan (23) | — | |
| 48 | cisco | 22 | 2 | 4 | · | KEV 4PoC 21 | catalyst sd-wan manager (6) · cisco catalyst sd-wan manager (6) · cisco unified computing system (managed) (5) | — | |
| 49 | free5gc | 22 | · | · | · | NEWPoC 14 | free5gc (8) · smf (4) · udm (4) | — | |
| 50 | gfi | 22 | 2 | · | · | NEW | mailessentials (18) · archiver (4) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins1,107 CVE110 crit551 vendorsCVSS 7.5mediawiki (31) · cms (24) · open eclass platform (18)
- OSS Libraries1,015 CVE140 crit164 vendorsCVSS 8.4openclaw (42) · n8n (24) · jspdf (14)
- Enterprise Software658 CVE86 crit1 KEV197 vendorsCVSS 7.8mailessentials (18) · mailessentials ai (18) · openstamanager (18)
- Operating Systems503 CVE42 crit253 KEV27 vendorsCVSS 7.3linux (221) · ред ос (48) · linux kernel (21)
- Networking Infrastructure392 CVE117 crit15 KEV86 vendorsCVSS 7.5dwr-m960 firmware (20) · f453 (17) · dir-823x firmware (13)
- Security Products283 CVE38 crit10 KEV84 vendorsCVSS 7.3openclaw (35) · comodo dome firewall (29) · dome firewall (29)
- Hardware Firmware255 CVE23 crit1 KEV51 vendorsCVSS 7.7mediatek chipset (21) · amd epyc™ 9005 series processors (16) · amd epyc™ embedded 9005 series processors (14)
- Consumer Software220 CVE99 crit3 KEV65 vendorsCVSS 9.3adobe after effects (15) · after effects (15) · calibre (14)
- ICS / OT / IoT207 CVE143 crit67 vendorsCVSS 9.1copeland xweb 300d pro (23) · copeland xweb 500b pro (23) · copeland xweb 500d pro (23)
- Cloud & SaaS155 CVE52 crit11 KEV83 vendorsCVSS 8.2n8n (36) · ev.energy (8) · vikunja (6)
- Mobile Apps152 CVE11 crit15 KEV10 vendorsCVSS 6.8macos (78) · ipados (59) · ios and ipados (50)
- AI / ML99 CVE27 crit55 vendorsCVSS 8.4autogpt (7) · autogpt platform (6) · agentflow (5)
- DevTools & CI96 CVE13 crit40 vendorsCVSS 7.5gitlab (35) · gogs (10) · enterprise server (3)
- Communications79 CVE23 crit47 vendorsCVSS 7.5mattermost (9) · mattermost server (8) · mastodon (6)
- Databases72 CVE1 crit35 vendorsCVSS 7.5rucio (6) · indico (3) · phpmoadmin (3)
- Unclassified432 CVE78 crit276 vendorsCVSS 7.1dwr-m960 (20) · dir-823x (13) · assessment-placipy (10)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 6 | 1,107 | 110 | · | 551 | 784 | 7.5 | mediawiki (31) · cms (24) · open eclass platform (18) |
| OSS Libraries▸ 11 | 1,015 | 140 | · | 164 | 548 | 8.4 | openclaw (42) · n8n (24) · jspdf (14) |
| Enterprise Software▸ 7 | 658 | 86 | 1 | 197 | 404 | 7.8 | mailessentials (18) · mailessentials ai (18) · openstamanager (18) |
| Operating Systems▸ 4 | 503 | 42 | 253 | 27 | 265 | 7.3 | linux (221) · ред ос (48) · linux kernel (21) |
| Networking Infrastructure▸ 6 | 392 | 117 | 15 | 86 | 407 | 7.5 | dwr-m960 firmware (20) · f453 (17) · dir-823x firmware (13) |
| Security Products▸ 6 | 283 | 38 | 10 | 84 | 208 | 7.3 | openclaw (35) · comodo dome firewall (29) · dome firewall (29) |
| Hardware Firmware▸ 5 | 255 | 23 | 1 | 51 | 818 | 7.7 | mediatek chipset (21) · amd epyc™ 9005 series processors (16) · amd epyc™ embedded 9005 series processors (14) |
| Consumer Software▸ 5 | 220 | 99 | 3 | 65 | 102 | 9.3 | adobe after effects (15) · after effects (15) · calibre (14) |
| ICS / OT / IoT▸ 6 | 207 | 143 | · | 67 | 212 | 9.1 | copeland xweb 300d pro (23) · copeland xweb 500b pro (23) · copeland xweb 500d pro (23) |
| Cloud & SaaS▸ 5 | 155 | 52 | 11 | 83 | 113 | 8.2 | n8n (36) · ev.energy (8) · vikunja (6) |
| Mobile Apps▸ 3 | 152 | 11 | 15 | 10 | 40 | 6.8 | macos (78) · ipados (59) · ios and ipados (50) |
| AI / ML▸ 5 | 99 | 27 | · | 55 | 69 | 8.4 | autogpt (7) · autogpt platform (6) · agentflow (5) |
| DevTools & CI▸ 5 | 96 | 13 | · | 40 | 43 | 7.5 | gitlab (35) · gogs (10) · enterprise server (3) |
| Communications▸ 4 | 79 | 23 | · | 47 | 69 | 7.5 | mattermost (9) · mattermost server (8) · mastodon (6) |
| Databases▸ 5 | 72 | 1 | · | 35 | 42 | 7.5 | rucio (6) · indico (3) · phpmoadmin (3) |
| Unclassified | 432 | 78 | · | 276 | 312 | 7.1 | dwr-m960 (20) · dir-823x (13) · assessment-placipy (10) |
Weakness × Sector
Which weaknesses hit which solution categories in February 2026
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
79XSS862Missing Authorization89SQL Injection22Path Traversal78OS Command Injection119Memory Buffer Bounds74Injection121CWE-12194Code Injection787Out-of-bounds WriteWeb & CMS Plugins3231991285085455441OSS Libraries99283653313416123723Enterprise Software1124510227211576234Operating Systems12461741415543Networking Infrastructure463335181185537Consumer Software18252068225336ICS / OT / IoT2736103012121412Security Products431112382883Hardware Firmware811143262618Cloud & SaaS29946362