2025
Vulnerability Stats

JSON

It's December 27 and 47,284 vulnerabilities have been published in 2025.

This marks an increase of 19% compared to this time last year.

Vulnerabilities published in 2025: 47,284
Avg. new vulnerabilities each day!: 131
Increase in vulnerabilities YoY: 19%

The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.

2025
Vulnerability Breakdown

CRITICAL: 4,043
HIGH: 14,089
MEDIUM: 22,510
LOW: 1,394

Plus 5,237 vulnerabilities yet to be given a severity rating.

2025 Vulnerability Severity By Month

131

New vulnerabilities every day in 2025

Each day your organisation needs to check and patch 131 vulnerability.

Across 1000's of devices!

Vulnerabilities Trending in 2025

Top 10 Trending Vulnerabilities for 2025

Remote Code Execution Vulnerability in React Se...

CVE-2025-55182

MetaReact-server-dom-webpack👾

Authorization Bypass in Next.js Framework by Ve...

CVE-2025-29927

VercelNext.js👾

Deserialization Vulnerability in Microsoft Shar...

CVE-2025-53770

MicrosoftMicrosoft Sharepoint E...👾

Remote File Upload Vulnerability in Cisco IOS X...

CVE-2025-20188

CiscoCisco iOS Xe Software👾

Remote Code Execution Vulnerability in Windows ...

CVE-2025-59287

MicrosoftWindows Server 2019👾

Unauthenticated Access Vulnerability in Oracle ...

CVE-2025-61882

OracleOracle Concurrent Proc...👾

Out-of-Bounds Write Vulnerability in Apple Prod...

CVE-2025-43300

AppleiOS And iPad OS👾

Remote Code Execution Vulnerability in n8n Auto...

CVE-2025-68613

N8n-ioN8n👾

Stack-Based Buffer Overflow in Ivanti Connect S...

CVE-2025-0282

IvantiConnect Secure👾

Pre-authentication Denial of Service Vulnerabil...

CVE-2025-55184

MetaReact-server-dom-webpack👾

Pareto Principle
The 80/20 Rule

The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.

In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.

Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.

2016 - 2025 Vulnerability Severity By Year

2016

2017

127%

2018

13%

2019

2020

2021

10%

2022

24%

2023

15%

2024

40%

2025

More Vulnerabilities

Means more Exploits

Which means more Ransomware

Vulnerability Arrivals 📆

Vulnerabilities are not published in a predictable way. Every day is a vulnerable day 🤨

Vulnerability Published Matrix for 2025

Vulnerability Published Matrix for 2024

Vendor Breakdown

Wonder if your vendors are doing a good job? 🤔

Vulnerability Weighted Impact by Vendors

Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.

WordPress

9393 Vulnerabilities

695 Exploited 👾

Microsoft

1255 Vulnerabilities

82 Exploited 👾

Linux

959 Vulnerabilities

19 Exploited 👾

Adobe

829 Vulnerabilities

2 Exploited 👾

Apple

723 Vulnerabilities

24 Exploited 👾

PHPGurukul

627 Vulnerabilities

482 Exploited 👾

IBM

606 Vulnerabilities

5 Exploited 👾

Google

559 Vulnerabilities

22 Exploited 👾

Tenda

437 Vulnerabilities

249 Exploited 👾

sourcecodester

415 Vulnerabilities

332 Exploited 👾

2025Vulnerability Stats

2025 Vulnerability Breakdown