2026
Vulnerability Stats

JSON

It's February 28 and 8,892 vulnerabilities have been published in 2026.

This marks an increase of 13% compared to this time last year.

Vulnerabilities published in 2026: 8,892
Avg. new vulnerabilities each day!: 151
Increase in vulnerabilities YoY: 13%

The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.

2026
Vulnerability Breakdown

CRITICAL: 848
HIGH: 3,014
MEDIUM: 4,042
LOW: 366

Plus 571 vulnerabilities yet to be given a severity rating.

2026 Vulnerability Severity By Month

151

New vulnerabilities every day in 2026

Each day your organisation needs to check and patch 151 vulnerability.

Across 1000's of devices!

Vulnerabilities Trending in 2026

Top 10 Trending Vulnerabilities for 2026

Authentication Bypass in Fortinet FortiAnalyzer...

CVE-2026-24858

FortinetFortimanager👾

Denial of Service Vulnerabilities in React Serv...

CVE-2026-23864

MetaReact-server-dom-webpack

Command Injection Vulnerability in Windows Note...

CVE-2026-20841

MicrosoftWindows Notepad👾

Security Feature Bypass in Microsoft Office

CVE-2026-21509

MicrosoftMicrosoft 365 Apps For...👾

Vulnerability in n8n Workflow Automation Platfo...

CVE-2026-21858

N8n-ioN8n👾

Remote Code Execution Vulnerability in BeyondTr...

CVE-2026-1731

BeyondtrustRemote Support(rs) & P...👾

Remote Authentication Bypass in GNU Inetutils T...

CVE-2026-24061

GnuInetutils👾

Remote Code Execution due to Use After Free in ...

CVE-2026-2441

GoogleChrome👾

Vulnerability in Oracle VM VirtualBox by Oracle

CVE-2026-21957

OracleOracle Vm Virtualbox

Code Injection Vulnerability in Ivanti Endpoint...

CVE-2026-1281

IvantiEndpoint Manager Mobile👾

Pareto Principle
The 80/20 Rule

The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.

In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.

Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.

2017 - 2026 Vulnerability Severity By Year

2017

2018

13%

2019

2020

2021

10%

2022

24%

2023

15%

2024

39%

2025

20%

2026

More Vulnerabilities

Means more Exploits

Which means more Ransomware

Vulnerability Arrivals 📆

Vulnerabilities are not published in a predictable way. Every day is a vulnerable day 🤨

Vulnerability Published Matrix for 2026

Vulnerability Published Matrix for 2025

Vendor Breakdown

Wonder if your vendors are doing a good job? 🤔

Vulnerability Weighted Impact by Vendors

Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.

WordPress

1633 Vulnerabilities

52 Exploited 👾

Microsoft

192 Vulnerabilities

12 Exploited 👾

IBM

96 Vulnerabilities

Apple

85 Vulnerabilities

1 Exploited 👾

QNAP

84 Vulnerabilities

Tenda

80 Vulnerabilities

50 Exploited 👾

Adobe

69 Vulnerabilities

D-Link

67 Vulnerabilities

58 Exploited 👾

Oracle

66 Vulnerabilities

1 Exploited 👾

Red Hat

61 Vulnerabilities

1 Exploited 👾

2026Vulnerability Stats

2026 Vulnerability Breakdown

2026 Vulnerability Severity By Month

Vulnerabilities Trending in 2026

Top 10 Trending Vulnerabilities for 2026

Authentication Bypass in Fortinet FortiAnalyzer...

Denial of Service Vulnerabilities in React Serv...

Command Injection Vulnerability in Windows Note...

Security Feature Bypass in Microsoft Office

Vulnerability in n8n Workflow Automation Platfo...

Remote Code Execution Vulnerability in BeyondTr...

Remote Authentication Bypass in GNU Inetutils T...

Remote Code Execution due to Use After Free in ...

Vulnerability in Oracle VM VirtualBox by Oracle

Code Injection Vulnerability in Ivanti Endpoint...

Pareto PrincipleThe 80/20 Rule

2017 - 2026 Vulnerability Severity By Year

Vulnerability Arrivals 📆

Vulnerability Published Matrix for 2026

Vulnerability Published Matrix for 2025

Vendor Breakdown

Vulnerability Weighted Impact by Vendors

2026
Vulnerability Stats

2026
Vulnerability Breakdown

Pareto Principle
The 80/20 Rule