May 2026
May 2026 closed with 7,365 published CVEs — +68.9% YoY . 642 criticals, 21 added to CISA KEV (2 ransomware-linked). linux led volume, mostly via linux. Biggest breakout: google at ×7.9 their 12-month median. Top weakness class — CWE-79 (601 CVE). 10 vendors cracked the top-100 for the first time.
Time to exploit
How fast the community ships detection after a CVE drops.
KEV pressure, no Nuclei coverage
May 2026 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 3microsoft278 CVE
What's spreading where in May 2026
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
Most discussed CVEs — May 2026
Breakout vendors
CVE count ≥3× their own 12-period median.
- 7.9×google380 CVE
- 7.9×edimax59 CVE
- 5.9×f553 CVE
- 5.1×concretecms36 CVE
- 4.7×helmholz42 CVE
- 4.7×mb connect line42 CVE
- 4.3×trendnet26 CVE
- 4.3×golang30 CVE
- 4.3×mantisbt17 CVE
- 4.1×apache software foundation87 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #21edimax technology co., ltd.46 CVE
- #22concrete cms44 CVE
- #25open ises44 CVE
- #32concretecms36 CVE
- #36netatalk33 CVE
- #45trendnet26 CVE
- #53budibase21 CVE
- #60joomla20 CVE
- #61joomla! project20 CVE
- #62trendnet inc.20 CVE
Top vendors
Ranked by distinct CVE count this period.
- 1,028 CVE43 critCVSS 6.5linux (1028) · linux kernel (1016)
- 380 CVE13 critCVSS 6.9×7.9chrome (370) · google chrome (127) · android (7)
- 278 CVE26 critCVSS 7.4KEV 3microsoft edge (110) · windows server 2025 (server core installation) (66) · windows server 2025 (66)
- 266 CVE25 critCVSS 7.2KEV 2Nuclei 11PoC 1debian gnu/linux (105) · open webui (36) · linux (36)
- 100 CVECVSS 6.8macos (91) · ipados (70) · iphone os (70)
- 95 CVE6 critCVSS 7.1Nuclei 1red hat enterprise linux (36) · red hat enterprise linux 10 (24) · red hat enterprise linux 9 (24)
- 87 CVE19 critCVSS 7.3×4.1apache ofbiz (17) · http server (11) · apache http server (11)
- 86 CVEopenclaw (33) · flowise (15) · @hulumi/policies (4)
- 84 CVECVSS 5.8astra linux special edition (84) · parsec (7) · linux astra modules (5)
- 80 CVE18 critCVSS 7.3×4.0ofbiz (17) · http server (11) · cloudstack (7)
- 75 CVE8 critCVSS 7.2openclaw (70) · crabbox (5)
- 59 CVECVSS 7.8×7.9ew-7438rpn (24) · br-6675nd (12) · br-6478ac (11)
- 59 CVE1 critCVSS 6.6Nuclei 2open-webui (59)
- 59 CVE1 critCVSS 6.6Nuclei 2open webui (59)
- 57 CVE3 critCVSS 7.0альт сп 10 (56) · альт 8 сп (30)
- 53 CVE1 critCVSS 7.0×5.9big-ip (44) · big-ip ssl orchestrator (23) · big-ip application security manager (23)
- 52 CVE2 critCVSS 6.8commerce b2b (15) · magento open source (15) · adobe commerce (15)
- 50 CVE31 critCVSS 8.8a8000ru (26) · ca750-poe (9) · n300rh (7)
- 49 CVECVSS 7.4×3.3amd ryzen™ embedded 8000 series processors (18) · amd ryzen™ 7035 series processors with radeon™ graphics (formerly codenamed "rembrandt r") (12) · amd ryzen™ 8040 series mobile processors with radeon™ graphics (formerly codenamed "hawk point") (12)
- 49 CVE6 critCVSS 6.8http server (8) · db2 (6) · aspera high-speed transfer server (4)
- 46 CVECVSS 7.9NEWedimax ew-7438rpn (19) · edimax br-6675nd (13) · edimax br-6478ac (9)
- 44 CVECVSS 7.0NEWconcrete cms (44)
- 44 CVEgix (4) · diesel (3) · lemmy_api (3)
- 44 CVE9 critCVSS 8.0firefox (43) · thunderbird (37) · firefox esr (4)
- 44 CVECVSS 6.4NEWtickets (37) · open ises project (7)
- 43 CVE1 critCVSS 9.1phpmyfaq/phpmyfaq (24) · thorsten/phpmyfaq (24) · azuracast/azuracast (3)
- 42 CVECVSS 6.6×4.7myrex24v2 (40) · myrex24v2.virtual (40) · rex100 (2)
- 42 CVECVSS 6.6×4.7mbconnect24 (40) · mymbconnect24 (40) · mbnet/mbnet.rokey (2)
- 41 CVEgithub.com/lin-snow/ech0 (7) · github.com/kong/kubernetes-ingress-controller/v3 (2) · github.com/metal3-io/ironic-standalone-operator (2)
- 38 CVECVSS 4.5×4.0open5gs (38)
- 37 CVECVSS 7.3PoC 1stigmem-node (6) · wger (4) · edumfa (3)
- 36 CVECVSS 7.0NEW×5.1concrete cms (36)
- 36 CVECVSS 5.1×3.8mattermost (36) · mattermost server (24) · mattermost desktop (2)
- 34 CVE5 critCVSS 6.9ubuntu (20) · ubuntu linux (12) · multipass (2)
- 34 CVECVSS 5.8hospitals patient records management system (6) · sup online shopping (5) · student grades management system (4)
- 33 CVE1 critCVSS 5.8NEWnetatalk (33)
- 33 CVE1 critCVSS 7.3gpu display driver (12) · geforce (12) · nvidia rtx, quadro, nvs (12)
- 32 CVECVSS 7.1hpe aruba networking wireless operating system (aos) (27) · arubaos (aos) (5)
- 32 CVE9 critCVSS 7.7rest data services (10) · oracle rest data services (10) · e-business suite (7)
- 31 CVECVSS 5.6gitlab (31)
- 30 CVE8 critCVSS 7.2×4.3crypto (13) · go (11) · net (6)
- 28 CVE4 critCVSS 7.4ред ос (28)
- 27 CVECVSS 7.1arubaos (27) · sd-wan (26)
- 27 CVE8 critCVSS 8.1×3.9KEV 2Nuclei 1PoC 27prisma access (9) · cloud ngfw (9) · pan-os (9)
- 26 CVECVSS 7.1NEW×4.3tew-432brp (20) · tew-821dap (6) · tew-821dap firmware (6)
- 25 CVECVSS 5.9gitlab (25)
- 24 CVECVSS 4.3aion (9) · bigfix service management (sm) (8) · dfxanalytics (5)
- 24 CVE8 critCVSS 8.1×3.0KEV 2Nuclei 1PoC 24pan-os (9) · prisma access agent (4) · globalprotect app (3)
- 23 CVECVSS 5.9employee management system (9) · online hospital management system (3) · online music site (2)
- 22 CVECVSS 5.9teamcity (12) · youtrack (5) · intellij idea (4)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | linux | 1,028 | 43 | · | · | linux (1028) · linux kernel (1016) | · | ||
| 2 | 380 | 13 | · | · | ×7.9 | chrome (370) · google chrome (127) · android (7) | ↑3 | ||
| 3 | microsoft | 278 | 26 | 3 | · | KEV 3 | microsoft edge (110) · windows server 2025 (server core installation) (66) · windows server 2025 (66) | · | |
| 4 | сообщество свободного программного обеспечения | 266 | 25 | 2 | 11 | KEV 2Nuclei 11PoC 1 | debian gnu/linux (105) · open webui (36) · linux (36) | ↑25 | |
| 5 | apple | 100 | · | · | · | macos (91) · ipados (70) · iphone os (70) | ↑57 | ||
| 6 | redhat | 95 | 6 | · | 1 | Nuclei 1 | red hat enterprise linux (36) · red hat enterprise linux 10 (24) · red hat enterprise linux 9 (24) | ↑6 | |
| 7 | apache software foundation | 87 | 19 | · | · | ×4.1 | apache ofbiz (17) · http server (11) · apache http server (11) | ↑3 | |
| 8 | npm | 86 | · | · | · | openclaw (33) · flowise (15) · @hulumi/policies (4) | ↓6 | ||
| 9 | ооо «русбитех-астра» | 84 | · | · | · | astra linux special edition (84) · parsec (7) · linux astra modules (5) | — | ||
| 10 | apache | 80 | 18 | · | · | ×4.0 | ofbiz (17) · http server (11) · cloudstack (7) | ↑1 | |
| 11 | openclaw | 75 | 8 | · | · | openclaw (70) · crabbox (5) | ↓7 | ||
| 12 | edimax | 59 | · | · | · | ×7.9 | ew-7438rpn (24) · br-6675nd (12) · br-6478ac (11) | — | |
| 13 | open-webui | 59 | 1 | · | 2 | Nuclei 2 | open-webui (59) | — | |
| 14 | openwebui | 59 | 1 | · | 2 | Nuclei 2 | open webui (59) | — | |
| 15 | ао «ивк» | 57 | 3 | · | · | альт сп 10 (56) · альт 8 сп (30) | — | ||
| 16 | f5 | 53 | 1 | · | · | ×5.9 | big-ip (44) · big-ip ssl orchestrator (23) · big-ip application security manager (23) | — | |
| 17 | adobe | 52 | 2 | · | · | commerce b2b (15) · magento open source (15) · adobe commerce (15) | ↓2 | ||
| 18 | totolink | 50 | 31 | · | · | a8000ru (26) · ca750-poe (9) · n300rh (7) | ↓11 | ||
| 19 | amd | 49 | · | · | · | ×3.3 | amd ryzen™ embedded 8000 series processors (18) · amd ryzen™ 7035 series processors with radeon™ graphics (formerly codenamed "rembrandt r") (12) · amd ryzen™ 8040 series mobile processors with radeon™ graphics (formerly codenamed "hawk point") (12) | — | |
| 20 | ibm | 49 | 6 | · | · | http server (8) · db2 (6) · aspera high-speed transfer server (4) | · | ||
| 21 | edimax technology co., ltd. | 46 | · | · | · | NEW | edimax ew-7438rpn (19) · edimax br-6675nd (13) · edimax br-6478ac (9) | — | |
| 22 | concrete cms | 44 | · | · | · | NEW | concrete cms (44) | — | |
| 23 | crates.io | 44 | · | · | · | gix (4) · diesel (3) · lemmy_api (3) | ↑29 | ||
| 24 | mozilla | 44 | 9 | · | · | firefox (43) · thunderbird (37) · firefox esr (4) | ↓5 | ||
| 25 | open ises | 44 | · | · | · | NEW | tickets (37) · open ises project (7) | — | |
| 26 | packagist | 43 | 1 | · | · | phpmyfaq/phpmyfaq (24) · thorsten/phpmyfaq (24) · azuracast/azuracast (3) | ↓10 | ||
| 27 | helmholz | 42 | · | · | · | ×4.7 | myrex24v2 (40) · myrex24v2.virtual (40) · rex100 (2) | — | |
| 28 | mb connect line | 42 | · | · | · | ×4.7 | mbconnect24 (40) · mymbconnect24 (40) · mbnet/mbnet.rokey (2) | — | |
| 29 | go | 41 | · | · | · | github.com/lin-snow/ech0 (7) · github.com/kong/kubernetes-ingress-controller/v3 (2) · github.com/metal3-io/ironic-standalone-operator (2) | ↓16 | ||
| 30 | open5gs | 38 | · | · | · | ×4.0 | open5gs (38) | — | |
| 31 | pypi | 37 | · | · | · | PoC 1 | stigmem-node (6) · wger (4) · edumfa (3) | ↓17 | |
| 32 | concretecms | 36 | · | · | · | NEW×5.1 | concrete cms (36) | — | |
| 33 | mattermost | 36 | · | · | · | ×3.8 | mattermost (36) · mattermost server (24) · mattermost desktop (2) | ↑113 | |
| 34 | canonical | 34 | 5 | · | · | ubuntu (20) · ubuntu linux (12) · multipass (2) | ↑17 | ||
| 35 | sourcecodester | 34 | · | · | · | hospitals patient records management system (6) · sup online shopping (5) · student grades management system (4) | ↓18 | ||
| 36 | netatalk | 33 | 1 | · | · | NEW | netatalk (33) | — | |
| 37 | nvidia | 33 | 1 | · | · | gpu display driver (12) · geforce (12) · nvidia rtx, quadro, nvs (12) | ↑34 | ||
| 38 | hpe | 32 | · | · | · | hpe aruba networking wireless operating system (aos) (27) · arubaos (aos) (5) | — | ||
| 39 | oracle | 32 | 9 | · | · | rest data services (10) · oracle rest data services (10) · e-business suite (7) | ↓33 | ||
| 40 | gitlab | 31 | · | · | · | gitlab (31) | ↑2 | ||
| 41 | golang | 30 | 8 | · | · | ×4.3 | crypto (13) · go (11) · net (6) | ↑39 | |
| 42 | ооо «ред софт» | 28 | 4 | · | · | ред ос (28) | — | ||
| 43 | arubanetworks | 27 | · | · | · | arubaos (27) · sd-wan (26) | — | ||
| 44 | palo alto networks | 27 | 8 | 2 | 1 | ×3.9KEV 2Nuclei 1PoC 27 | prisma access (9) · cloud ngfw (9) · pan-os (9) | — | |
| 45 | trendnet | 26 | · | · | · | NEW×4.3 | tew-432brp (20) · tew-821dap (6) · tew-821dap firmware (6) | ↑120 | |
| 46 | gitlab inc. | 25 | · | · | · | gitlab (25) | ↑40 | ||
| 47 | hcl | 24 | · | · | · | aion (9) · bigfix service management (sm) (8) · dfxanalytics (5) | — | ||
| 48 | paloaltonetworks | 24 | 8 | 2 | 1 | ×3.0KEV 2Nuclei 1PoC 24 | pan-os (9) · prisma access agent (4) · globalprotect app (3) | — | |
| 49 | code-projects | 23 | · | · | · | employee management system (9) · online hospital management system (3) · online music site (2) | ↓41 | ||
| 50 | jetbrains | 22 | · | · | · | teamcity (12) · youtrack (5) · intellij idea (4) | — |
Top weaknesses
CWE classes by distinct CVE count.
Sectors
Solution categories ranked by distinct CVE count this period.
- Operating Systems2,693 CVE259 crit45 KEV64 vendorsCVSS 7.4linux (1064) · debian gnu/linux (105) · astra linux special edition (84)
- OSS Libraries1,175 CVE253 crit95 KEV346 vendorsCVSS 9.1openimageio (20) · libheif (13) · netty (13)
- Web & CMS Plugins1,134 CVE122 crit20 KEV668 vendorsCVSS 7.2hape pkh (6) · gravity forms (5) · royal addons for elementor – addons and templates kit for elementor (5)
- Networking Infrastructure791 CVE353 crit202 KEV110 vendorsCVSS 7.8open5gs (38) · arubaos (27) · a8000ru (26)
- Consumer Software729 CVE77 crit27 KEV115 vendorsCVSS 7.8chrome (370) · google chrome (127) · microsoft edge (110)
- Enterprise Software591 CVE127 crit73 KEV175 vendorsCVSS 8.1tickets (47) · grafana (20) · mantisbt (17)
- Cloud & SaaS400 CVE78 crit133 vendorsCVSS 8.8budibase (21) · gotenberg (13) · n8n (12)
- Security Products343 CVE100 crit24 KEV131 vendorsCVSS 7.7misp (13) · cmc (10) · bandit (7)
- AI / ML274 CVE58 crit12 KEV97 vendorsCVSS 7.8open webui (59) · open-webui (59) · praisonai (17)
- ICS / OT / IoT226 CVE262 crit2 KEV69 vendorsCVSS 7.7mbconnect24 (40) · mymbconnect24 (40) · myrex24v2 (40)
- DevTools & CI223 CVE18 crit1 KEV71 vendorsCVSS 7.3gitlab (31) · teamcity (12) · n8n-mcp (6)
- Hardware Firmware215 CVE15 crit41 vendorsCVSS 8.5hpe aruba networking wireless operating system (aos) (27) · amd ryzen™ embedded 8000 series processors (18) · amd ryzen™ 7035 series processors with radeon™ graphics (formerly codenamed "rembrandt r") (12)
- Communications184 CVE27 crit63 vendorsCVSS 7.4mattermost (43) · mattermost server (24) · freepbx (4)
- Databases122 CVE22 crit1 KEV57 vendorsCVSS 7.6pgadmin 4 (16) · oracle rest data services (10) · ckan (4)
- Mobile Apps21 CVE16 vendorsCVSS 8.0heym (3) · mobile application (2) · color notes (1)
- Unclassified223 CVE42 crit4 KEV119 vendorsCVSS 7.0субд «tantor» (10) · powerflex manager (appliance) (8) · powerflex manager (rack) (8)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Operating Systems▸ 5 | 2,693 | 259 | 45 | 64 | 292 | 7.4 | linux (1064) · debian gnu/linux (105) · astra linux special edition (84) |
| OSS Libraries▸ 8 | 1,175 | 253 | 95 | 346 | 708 | 9.1 | openimageio (20) · libheif (13) · netty (13) |
| Web & CMS Plugins▸ 6 | 1,134 | 122 | 20 | 668 | 849 | 7.2 | hape pkh (6) · gravity forms (5) · royal addons for elementor – addons and templates kit for elementor (5) |
| Networking Infrastructure▸ 6 | 791 | 353 | 202 | 110 | 367 | 7.8 | open5gs (38) · arubaos (27) · a8000ru (26) |
| Consumer Software▸ 5 | 729 | 77 | 27 | 115 | 212 | 7.8 | chrome (370) · google chrome (127) · microsoft edge (110) |
| Enterprise Software▸ 7 | 591 | 127 | 73 | 175 | 359 | 8.1 | tickets (47) · grafana (20) · mantisbt (17) |
| Cloud & SaaS▸ 5 | 400 | 78 | · | 133 | 205 | 8.8 | budibase (21) · gotenberg (13) · n8n (12) |
| Security Products▸ 6 | 343 | 100 | 24 | 131 | 243 | 7.7 | misp (13) · cmc (10) · bandit (7) |
| AI / ML▸ 5 | 274 | 58 | 12 | 97 | 107 | 7.8 | open webui (59) · open-webui (59) · praisonai (17) |
| ICS / OT / IoT▸ 6 | 226 | 262 | 2 | 69 | 783 | 7.7 | mbconnect24 (40) · mymbconnect24 (40) · myrex24v2 (40) |
| DevTools & CI▸ 5 | 223 | 18 | 1 | 71 | 112 | 7.3 | gitlab (31) · teamcity (12) · n8n-mcp (6) |
| Hardware Firmware▸ 5 | 215 | 15 | · | 41 | 1,015 | 8.5 | hpe aruba networking wireless operating system (aos) (27) · amd ryzen™ embedded 8000 series processors (18) · amd ryzen™ 7035 series processors with radeon™ graphics (formerly codenamed "rembrandt r") (12) |
| Communications▸ 4 | 184 | 27 | · | 63 | 71 | 7.4 | mattermost (43) · mattermost server (24) · freepbx (4) |
| Databases▸ 5 | 122 | 22 | 1 | 57 | 84 | 7.6 | pgadmin 4 (16) · oracle rest data services (10) · ckan (4) |
| Mobile Apps▸ 3 | 21 | · | · | 16 | 18 | 8.0 | heym (3) · mobile application (2) · color notes (1) |
| Unclassified | 223 | 42 | 4 | 119 | 172 | 7.0 | субд «tantor» (10) · powerflex manager (appliance) (8) · powerflex manager (rack) (8) |
Which weaknesses hit which solution categories in May 2026
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.