month report
April 2026
Data as of Jun 11, 2026, 06:05 UTC · Snapshot v1 · Sources: CVEList V5 + NVD + GHSA + CSAF + FSTEC BDU + CISA KEV + EPSS + Nuclei templates
April 2026 closed with 6,440 published CVEs: 607 critical and 31 added to CISA KEV (7 ransomware-linked). The vendor linux led by volume, mostly via the linux product. The top weakness class was CWE-79 (620 CVEs). 10 vendors entered the top-100 for the first time.
- Total CVEs: 6,440 (MoM —, YoY —)
- Severity mix: 607 critical / 2,243 high
- KEV added: 31 (7 ransomware-linked)
- Nuclei coverage: 0.7% (45 CVEs with templates)
Time to exploit
How fast the community ships detection after a CVE drops.
- Days → Nuclei (median): 7.0 (n=38)
- Within 7 days: 50.0%
- Within 30 days: 89.5%
- Days → KEV (median): 5 (n=10)
Weakness × Vendor
What's spreading where in April 2026
Cells shaded by share of vendor's hottest weakness.
[Heatmap: weakness (columns) × vendor (rows). Columns: CWE-79 XSS, CWE-89 SQL Injection, CWE-22 Path Traversal, CWE-862 Missing Authorization, CWE-78 OS Command Injection, CWE-918 SSRF, CWE-416 Use After Free, CWE-74 Injection, CWE-94 Code Injection, CWE-77 Command Injection. Rows: linux, npm, microsoft, microsoft corp, openclaw, сообщество свободного программного обеспечения, google, google inc, ооо «ред софт», oracle corporation, oracle, totolink.]
Most discussed CVEs — April 2026
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #4 openclaw (174 CVE)
- #22 praison (44 CVE)
- #23 uutils (44 CVE)
- #24 wireshark (42 CVE)
- #25 wireshark foundation (42 CVE)
- #26 churchcrm (38 CVE)
- #28 endian (34 CVE)
- #31 chamilo (31 CVE)
- #32 wwbn (31 CVE)
- #40 ci4-cms-erp (22 CVE)
Top vendors
Ranked by distinct CVE count this period.
| # | Vendor | CVEs | Crit | KEV | Nuclei | CVSS | Signals | Top products | Δ |
|---|---|---|---|---|---|---|---|---|---|
| 1 | linux | 379 | 29 | 1 | · | 6.8 | KEV 1 | linux (379) · linux kernel (374) | — |
| 2 | npm | 309 | · | · | · | · | · | openclaw (204) · flowise (24) · flowise-components (11) | — |
| 3 | microsoft | 185 | 15 | 3 | · | 7.2 | KEV 3 | windows server 2025 (server core installation) (121) · windows server 2025 (121) · windows server 2022, 23h2 edition (server core installation) (119) | — |
| 4 | openclaw | 174 | 2 | · | · | 6.3 | NEW | openclaw (174) | — |
| 5 | | 147 | 9 | 1 | · | 7.5 | KEV 1 | chrome (145) · google chrome (85) · android (2) | — |
| 6 | oracle | 102 | 5 | · | · | 5.9 | · | mysql server (25) · jdk (9) · oracle java se (9) | — |
| 7 | totolink | 94 | 63 | · | · | 8.8 | · | a7100ru (40) · a8000ru (24) · a3300r firmware (21) | — |
| 8 | code-projects | 91 | · | · | · | 5.8 | · | simple laundry system (14) · vehicle showroom management system (12) · simple it discussion forum (10) | — |
| 9 | tenda | 87 | 6 | · | · | 8.4 | · | f456 (27) · f456 firmware (22) · f451 (18) | — |
| 10 | apache software foundation | 86 | 11 | 1 | 4 | 7.3 | KEV 1 · Nuclei 4 | apache airflow (14) · apache tomcat (10) · apache thrift (8) | — |
| 11 | apache | 84 | 11 | 1 | 4 | 7.3 | KEV 1 · Nuclei 4 | airflow (15) · tomcat (10) · camel (9) | — |
| 12 | redhat | 73 | 3 | 1 | 1 | 6.6 | KEV 1 · Nuclei 1 | red hat enterprise linux 9 (38) · red hat enterprise linux 8 (37) · red hat enterprise linux 7 (32) | — |
| 13 | go | 62 | · | · | · | · | · | github.com/lin-snow/ech0 (7) · github.com/patrickhener/goshs/v2 (6) · github.com/kyverno/kyverno (6) | — |
| 14 | pypi | 59 | · | · | · | · | · | praisonai (8) · praisonaiagents (7) · openssl-encrypt (5) | — |
| 15 | adobe | 57 | 7 | 1 | · | 7.3 | KEV 1 | framemaker (11) · adobe framemaker (11) · adobe indesign (9) | — |
| 16 | packagist | 57 | · | · | · | · | · | wwbn/avideo (20) · froxlor/froxlor (6) · pocketmine/pocketmine-mp (5) | — |
| 17 | sourcecodester | 54 | · | · | · | 5.6 | · | pizzafy ecommerce system (21) · pharmacy sales and inventory system (20) · record management system (2) | — |
| 18 | dlink | 52 | 1 | · | · | 6.9 | · | di-8003 firmware (28) · di-8003 (25) · dir-605l firmware (6) | — |
| 19 | mozilla | 52 | 8 | · | · | 7.6 | · | firefox (51) · thunderbird (50) · firefox esr (3) | — |
| 20 | ibm | 48 | 1 | · | · | 6.3 | · | verify identity access (10) · verify identity access container (10) · security verify access container (10) | — |
| 21 | dell | 45 | · | · | · | 5.7 | · | data domain operating system (27) · powerprotect data domain (24) · powerprotect dp series appliance (17) | — |
| 22 | praison | 44 | 14 | · | · | 8.1 | NEW | praisonai (38) · praisonaiagents (13) | — |
| 23 | uutils | 44 | · | · | · | 4.9 | NEW | coreutils (44) | — |
| 24 | wireshark | 42 | · | · | · | 5.7 | NEW | wireshark (42) | — |
| 25 | wireshark foundation | 42 | · | · | · | 5.7 | NEW | wireshark (42) | — |
| 26 | churchcrm | 38 | 4 | · | 1 | 7.9 | NEW · Nuclei 1 | crm (38) · churchcrm (29) | — |
| 27 | samsung | 38 | 5 | · | · | 8.1 | · | exynos 980 firmware (11) · exynos 850 firmware (11) · exynos w920 firmware (11) | — |
| 28 | endian | 34 | · | · | · | 6.9 | NEW | endian firewall (34) · firewall community (34) | — |
| 29 | сообщество свободного программного обеспечения | 33 | 5 | · | 2 | 7.4 | Nuclei 2 | debian gnu/linux (10) · linux (9) · cups (5) | — |
| 30 | cisco | 32 | 6 | · | · | 6.6 | PoC 32 | cisco unified computing system (standalone) (10) · integrated management controller (10) · enterprise nfv infrastructure software (9) | — |
| 31 | chamilo | 31 | 3 | · | · | 7.2 | NEW | chamilo lms (31) · chamilo-lms (31) | — |
| 32 | wwbn | 31 | 3 | · | · | 6.6 | NEW | avideo (31) | — |
| 33 | fortinet | 28 | 3 | 1 | 2 | 6.2 | KEV 1 · Nuclei 2 | fortisoar (8) · fortisoar paas (8) · fortisoar on-premise (8) | — |
| 34 | juniper networks | 27 | 1 | · | · | 6.9 | PoC 27 | junos os (19) · junos os evolved (9) · jsi lwc (2) | — |
| 35 | vmware | 26 | 1 | 1 | · | 6.0 | KEV 1 | spring boot (8) · spring security (6) · spring ai (5) | — |
| 36 | fortinet inc. | 24 | 3 | 1 | 2 | 6.1 | KEV 1 · Nuclei 2 | fortisoar on-premise (7) · fortisoar paas (7) · fortisandbox (6) | — |
| 37 | itsourcecode | 24 | 4 | · | · | 7.1 | · | construction management system (12) · online student enrollment system (4) · online enrollment system (2) | — |
| 38 | d-link | 23 | 1 | · | · | 6.2 | · | dir-605l (6) · dir-513 (3) · dns-321 (2) | — |
| 39 | wolfssl | 23 | 5 | · | · | 7.2 | · | wolfssl (22) · wolfssh (1) | — |
| 40 | ci4-cms-erp | 22 | 11 | · | · | 7.9 | NEW | ci4ms (22) | — |
| 41 | freescout-help-desk | 22 | 4 | · | · | 7.0 | NEW | freescout (22) | — |
| 42 | gitlab | 22 | · | · | · | 5.8 | · | gitlab (22) | — |
| 43 | powerdns | 22 | · | · | · | 5.3 | NEW | dnsdist (11) · recursor (9) · authoritative (6) | — |
| 44 | amazon | 21 | · | 1 | · | 7.1 | NEW · KEV 1 | athena odbc (6) · amazon athena odbc driver (6) · freertos-plus-tcp (5) | — |
| 45 | huawei | 20 | 1 | · | · | 5.7 | · | harmonyos (20) · emui (5) | — |
| 46 | spring | 20 | 1 | · | · | 6.1 | NEW | spring boot (8) · spring security (6) · spring ai (4) | — |
| 47 | flowiseai | 19 | 6 | · | · | 8.5 | NEW | flowise (19) · flowise-components (6) | — |
| 48 | juniper | 19 | · | · | · | 6.7 | PoC 19 | junos (17) · junos os evolved (8) | — |
| 49 | phpgurukul | 19 | · | · | · | 6.1 | · | online shopping portal project (9) · news portal project (4) · online course registration (2) | — |
| 50 | aws | 18 | 1 | · | · | 7.1 | NEW | freertos-plus-tcp (5) · tough (3) · tuftool (3) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| OSS Libraries | 1,120 | 85 | · | 232 | 526 | 9.6 | coreutils (44) · electron (36) · wolfssl (23) |
| Web & CMS Plugins | 1,025 | 119 | 6 | 446 | 667 | 7.6 | pizzafy ecommerce system (21) · directus (20) · pharmacy sales and inventory system (20) |
| Operating Systems | 761 | 154 | 91 | 48 | 405 | 8.8 | linux (388) · linux kernel (374) · red hat enterprise linux 9 (38) |
| Enterprise Software | 676 | 99 | 7 | 168 | 470 | 8.0 | freescout (28) · data domain operating system (27) · powerprotect data domain (24) |
| Networking Infrastructure | 585 | 129 | 6 | 83 | 299 | 7.7 | a7100ru (40) · di-8003 firmware (28) · f456 (27) |
| Security Products | 423 | 35 | 1 | 91 | 151 | 7.6 | openclaw (174) · secure access (20) · acronis true image (4) |
| AI / ML | 249 | 78 | 2 | 96 | 116 | 8.8 | praisonai (72) · praisonaiagents (22) · flowise (19) |
| Consumer Software | 227 | 70 | 7 | 63 | 118 | 8.1 | adobe framemaker (22) · adobe connect (17) · foxit pdf editor (14) |
| Mobile Apps | 225 | 93 | 2 | 11 | 44 | 8.3 | chrome (145) · google chrome (85) · harmonyos (20) |
| Cloud & SaaS | 216 | 25 | 6 | 89 | 139 | 7.3 | vikunja (11) · budibase (7) · immich (6) |
| DevTools & CI | 171 | 21 | · | 49 | 70 | 8.1 | wireshark (42) · radare2 (11) · proteus (8) |
| Databases | 143 | 29 | · | 21 | 101 | 9.3 | mysql server (50) · firebird (9) · jdk (9) |
| ICS / OT / IoT | 128 | 121 | · | 52 | 245 | 8.2 | x3050 (11) · x3500 firmware (10) · anviz cx7 firmware (9) |
| Hardware Firmware | 96 | 10 | · | 31 | 689 | 7.8 | triton inference server (5) · coolercontrold (4) · mediatek chipset (4) |
| Communications | 89 | 11 | · | 40 | 38 | 8.3 | secure email gateway (14) · webmail (14) · mailcow-dockerized (6) |
| Unclassified | 396 | 54 | · | 269 | 325 | 6.8 | goshs (22) · prompts.chat (10) · devolutions server (8) |
Weakness × Sector
Which weaknesses hit which solution categories in April 2026
Cells shaded by share of the sector's hottest weakness.
[Heatmap: weakness (columns) × sector (rows). Columns: CWE-79 XSS, CWE-89 SQL Injection, CWE-22 Path Traversal, CWE-862 Missing Authorization, CWE-78 OS Command Injection, CWE-918 SSRF, CWE-416 Use After Free, CWE-74 Injection, CWE-94 Code Injection, CWE-77 Command Injection. Rows: OSS Libraries, Web & CMS Plugins, Operating Systems, Enterprise Software, Networking Infrastructure, Consumer Software, Security Products, AI / ML, Cloud & SaaS, ICS / OT / IoT.]