month report
March 2026
Data as of Jun 11, 2026, 06:05 UTC · Snapshot v1 · Sources: CVEList V5 + NVD + GHSA + CSAF + FSTEC BDU + CISA KEV + EPSS + Nuclei templates
March 2026 closed with 6,821 published CVEs. 685 criticals, 26 added to CISA KEV (1 ransomware-linked). npm led volume, mostly via openclaw. Top weakness class — CWE-79 (765 CVE). 10 vendors cracked the top-100 for the first time.
- Total CVEs: 6,821 (MoM: —, YoY: —)
- Severity mix: 685 critical / 2,518 high
- KEV added: 26 (1 ransomware-linked)
- Nuclei coverage: 4.0% (273 CVEs with templates)
Time to exploit
How fast the community ships detection after a CVE drops.
- Days → Nuclei (median): 1.6 (n=262)
- Within 7 days: 90.8%
- Within 30 days: 95.4%
- Days → KEV (median): 3 (n=8)
Weakness × Vendor
What's spreading where in March 2026
Cells shaded by share of vendor's hottest weakness.
[Heatmap: weakness (columns) × vendor (rows)]
Columns: CWE-79 XSS · CWE-89 SQL Injection · CWE-862 Missing Authorization · CWE-787 Out-of-bounds Write · CWE-22 Path Traversal · CWE-863 Incorrect Authorization · CWE-74 Injection · CWE-98 · CWE-94 Code Injection · CWE-78 OS Command Injection
Rows: npm · сообщество свободного программного обеспечения · ооо «ред софт» · openclaw · linux · google · go · microsoft corp · red hat inc. · themerex · microsoft · pypi
Most discussed CVEs — March 2026
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #2 openclaw: 199 CVE
- #8 themerex: 105 CVE
- #14 wwbn: 84 CVE
- #19 parse-community: 65 CVE
- #27 open-emr: 44 CVE
- #28 openemr: 44 CVE
- #30 ancorathemes: 40 CVE
- #31 chamilo: 38 CVE
- #32 ahsanriaz26gmailcom: 36 CVE
- #33 color: 36 CVE
Top vendors
Ranked by distinct CVE count this period.
| # | Vendor | CVEs | Crit | CVSS | KEV | Nuclei | Signals | Top products | Δ |
|---|---|---|---|---|---|---|---|---|---|
| 1 | npm | 562 | 29 | 7.2 | · | 5 | Nuclei 5 · PoC 1 | openclaw (370) · parse-server (32) · nocodb (10) | — |
| 2 | openclaw | 199 | 17 | 6.8 | · | · | NEW | openclaw (198) · voice-call (2) · nextcloud-talk (1) | — |
| 3 | google | 178 | 12 | 7.9 | 2 | · | KEV 2 | android (101) · chrome (75) · google chrome (61) | — |
| 4 | linux | 178 | 1 | 6.2 | · | · | | linux (178) · linux kernel (158) | — |
| 5 | сообщество свободного программного обеспечения | 145 | 10 | 6.8 | 2 | 2 | KEV 2 · Nuclei 2 · PoC 1 | debian gnu/linux (54) · openclaw (36) · linux (27) | — |
| 6 | microsoft | 144 | 7 | 7.5 | 2 | · | KEV 2 | microsoft edge (45) · windows 10 version 21h2 (43) · windows 10 version 22h2 (43) | — |
| 7 | go | 139 | 19 | 7.3 | · | 4 | Nuclei 4 · PoC 6 | github.com/siyuan-note/siyuan/kernel (14) · github.com/olivetin/olivetin (11) · github.com/forceu/gokapi (8) | — |
| 8 | themerex | 105 | 13 | 8.3 | · | 54 | NEW · Nuclei 54 | aldo (1) · alliance (1) · aqualots (1) | — |
| 9 | pypi | 94 | 6 | 7.0 | · | 2 | Nuclei 2 · PoC 2 | glances (10) · openssl-encrypt (5) · justhtml (4) | — |
| 10 | apple | 89 | 3 | 6.0 | · | · | | macos (79) · ios and ipados (44) · ipados (44) | — |
| 11 | redhat | 89 | 1 | 6.5 | · | · | | red hat enterprise linux 9 (39) · red hat enterprise linux 8 (38) · red hat enterprise linux (35) | — |
| 12 | packagist | 88 | 8 | 6.8 | · | · | PoC 4 | craftcms/cms (19) · wwbn/avideo (10) · admidio/admidio (9) | — |
| 13 | tenda | 88 | 14 | 8.8 | · | · | PoC 17 | f453 (17) · f453 firmware (17) · w20e firmware (9) | — |
| 14 | wwbn | 84 | 11 | 7.1 | · | 1 | NEW · Nuclei 1 | avideo (81) · avideo-encoder (3) | — |
| 15 | adobe | 82 | · | 6.1 | · | · | | adobe experience manager (34) · experience manager (33) · magento open source (19) | — |
| 16 | ibm | 72 | · | 5.6 | · | · | | infosphere information server (16) · sterling file gateway (7) · sterling b2b integrator (7) | — |
| 17 | cisco | 70 | 2 | 6.6 | 1 | 1 | KEV 1 · Nuclei 1 · PoC 69 | cisco secure firewall threat defense (ftd) software (40) · cisco secure firewall adaptive security appliance (asa) software (25) · adaptive security appliance software (24) | — |
| 18 | dlink | 66 | 26 | 7.5 | · | · | PoC 20 | dir-513 firmware (35) · dns-726-4 firmware (20) · dns-320l firmware (20) | — |
| 19 | parse-community | 65 | 10 | 6.9 | · | · | NEW | parse-server (65) | — |
| 20 | sourcecodester | 60 | · | 6.1 | · | · | PoC 1 | sales and inventory system (20) · client database management system (4) · resort reservation system (4) | — |
| 21 | code-projects | 55 | · | 5.7 | · | · | | simple flight ticket booking system (9) · exam form submission (8) · simple laundry system (7) | — |
| 22 | mozilla | 51 | 21 | 8.5 | · | · | | firefox (48) · thunderbird (47) · firefox esr (15) | — |
| 23 | crates.io | 50 | 1 | 7.3 | · | · | | zeptoclaw (5) · aws-lc-sys (5) · vaultwarden (4) | — |
| 24 | discourse | 48 | · | 5.1 | · | · | | discourse (48) | — |
| 25 | linuxfoundation | 45 | 3 | 6.3 | · | · | | everest (18) · nats-server (13) · backstage (2) | — |
| 26 | itsourcecode | 44 | · | 6.1 | · | · | PoC 6 | university management system (11) · free hotel reservation system (6) · payroll management system (6) | — |
| 27 | open-emr | 44 | 4 | 7.0 | · | · | NEW | openemr (44) | — |
| 28 | openemr | 44 | 4 | 7.0 | · | · | NEW | openemr (44) | — |
| 29 | nuget | 43 | · | 6.3 | · | · | | magick.net-q16-anycpu (19) · magick.net-q16-hdri-anycpu (19) · magick.net-q16-hdri-openmp-arm64 (19) | — |
| 30 | ancorathemes | 40 | 3 | 8.2 | · | 25 | NEW · Nuclei 25 | grit (1) · handyman (1) · honor (1) | — |
| 31 | chamilo | 38 | 9 | 7.5 | · | · | NEW · PoC 15 | chamilo-lms (38) · chamilo lms (30) | — |
| 32 | ahsanriaz26gmailcom | 36 | 1 | 6.3 | · | · | NEW | sales and inventory system (31) · inventory system (5) | — |
| 33 | color | 36 | · | 6.4 | · | · | NEW | iccdev (36) | — |
| 34 | d-link | 36 | 5 | 7.3 | · | · | PoC 1 | dns-726-4 (20) · dns-320lw (20) · dns-321 (20) | — |
| 35 | internationalcolorconsortium | 36 | · | 6.4 | · | · | NEW | iccdev (36) | — |
| 36 | craftcms | 34 | 3 | 6.6 | · | · | NEW · PoC 1 | craft cms (23) · cms (23) · craft commerce (7) | — |
| 37 | mattermost | 34 | · | 4.9 | · | · | | mattermost (34) · mattermost server (32) · ms teams (1) | — |
| 38 | oretnom23 | 33 | 8 | 6.1 | · | · | PoC 15 | pharmacy point of sale system (9) · online food ordering system (7) · simple online men's salon management system (4) | — |
| 39 | hcl | 31 | 1 | 4.5 | · | · | NEW | aftermarket dpc (17) · aion (10) · sametime (3) | — |
| 40 | hcltech | 31 | 1 | 4.7 | · | · | | aftermarket cloud (17) · aion (7) · unica (3) | — |
| 41 | mikado-themes | 29 | · | 7.9 | · | 19 | NEW · Nuclei 19 | amfissa (1) · aviana (1) · belfort (1) | — |
| 42 | siyuan-note | 28 | 12 | 8.1 | · | 5 | NEW · Nuclei 5 | siyuan (28) | — |
| 43 | gitlab | 27 | · | 5.8 | · | · | | gitlab (27) | — |
| 44 | b3log | 26 | 11 | 8.1 | · | 4 | NEW · Nuclei 4 | siyuan (26) | — |
| 45 | carmelo | 26 | 7 | 7.3 | · | · | NEW · PoC 2 | simple food order system (10) · simple flight ticket booking system (9) · simple student alumni system (5) | — |
| 46 | drupal | 25 | · | 5.5 | · | · | NEW | openid connect / oauth client (3) · file access fix (deprecated) (2) · anti-spam by cleantalk (1) | — |
| 47 | raratheme | 25 | · | 5.3 | · | · | NEW | app landing page (1) · bakes and cakes (1) · benevolent (1) | — |
| 48 | acronis | 23 | · | 5.8 | · | · | NEW | acronis cyber protect 17 (21) · acronis cyber protect cloud agent (6) · acronis true image (1) | — |
| 49 | maven | 23 | 7 | 7.2 | · | · | PoC 1 | org.keycloak:keycloak-services (2) · org.apache.livy:livy-server (2) · org.apache.iotdb:iotdb-core (2) | — |
| 50 | fortinet | 22 | · | 6.1 | · | · | | fortiweb (6) · fortianalyzer (6) · fortimanager (6) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| OSS Libraries | 1,600 | 190 | · | 281 | 689 | 7.4 | openclaw (370) · parse-server (32) · undici (12) |
| Web & CMS Plugins | 1,581 | 169 | · | 562 | 1,081 | 7.8 | avideo (81) · elecv2p (6) · saloon (6) |
| Enterprise Software | 863 | 229 | · | 171 | 425 | 7.9 | oneuptime (27) · aftermarket cloud (17) · aftermarket dpc (17) |
| Operating Systems | 598 | 39 | 7 | 37 | 361 | 7.7 | linux (205) · linux kernel (158) · debian gnu/linux (54) |
| Networking Infrastructure | 521 | 370 | 4 | 109 | 543 | 7.8 | cisco secure firewall threat defense (ftd) software (40) · dir-513 firmware (35) · cisco secure firewall adaptive security appliance (asa) software (25) |
| Security Products | 449 | 45 | 6 | 103 | 175 | 7.2 | openclaw (198) · acronis cyber protect 17 (21) · acronis cyber protect cloud agent (6) |
| Mobile Apps | 319 | 29 | 4 | 17 | 44 | 7.6 | android (106) · chrome (75) · google chrome (61) |
| Consumer Software | 305 | 80 | · | 76 | 140 | 8.5 | adobe experience manager (66) · adobe commerce (38) · experience manager (33) |
| Cloud & SaaS | 254 | 61 | 6 | 105 | 134 | 8.6 | n8n (22) · vikunja (18) · nocodb (10) |
| AI / ML | 202 | 44 | 4 | 67 | 92 | 8.0 | everest (18) · nats-server (13) · raytha (11) |
| ICS / OT / IoT | 176 | 108 | · | 61 | 285 | 8.2 | ubr-01 mk ii (15) · ubr-02 (15) · ubr-lon (15) |
| Hardware Firmware | 174 | 31 | 472 | 42 | 640 | 7.6 | fastconnect 6900 firmware (14) · qca6595au firmware (14) · qca6696 firmware (14) |
| Communications | 156 | 21 | 3 | 61 | 71 | 8.7 | mattermost (34) · mattermost server (32) · librechat (16) |
| DevTools & CI | 97 | 9 | · | 45 | 49 | 9.1 | gitlab (38) · gogs (6) · enterprise server (4) |
| Databases | 61 | 10 | · | 26 | 45 | 7.5 | ibm qradar siem (4) · enterprise edition (3) · ibm planning analytics local (2) |
| Unclassified | 508 | 100 | 3 | 311 | 380 | 7.3 | siyuan (28) · blinko (20) · dnr-202l (20) |
Weakness × Sector
Which weaknesses hit which solution categories in March 2026
Cells shaded by share of the sector's hottest weakness.
[Heatmap: weakness (columns) × sector (rows)]
Columns: CWE-79 XSS · CWE-89 SQL Injection · CWE-862 Missing Authorization · CWE-787 Out-of-bounds Write · CWE-22 Path Traversal · CWE-863 Incorrect Authorization · CWE-74 Injection · CWE-98 · CWE-94 Code Injection · CWE-78 OS Command Injection
Rows: Web & CMS Plugins · OSS Libraries · Operating Systems · Enterprise Software · Networking Infrastructure · Consumer Software · Cloud & SaaS · Security Products · ICS / OT / IoT · Communications