2026
Vulnerability Stats

JSON

It's January 27 and 3,573 vulnerabilities have been published in 2026.

This marks an increase of 1% compared to this time last year.

Vulnerabilities published in 2026: 3,573
Avg. new vulnerabilities each day!: 132
Increase in vulnerabilities YoY: 1%

The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.

2026
Vulnerability Breakdown

CRITICAL: 339
HIGH: 1,110
MEDIUM: 1,496
LOW: 128

Plus 499 vulnerabilities yet to be given a severity rating.

2026 Vulnerability Severity By Month

132

New vulnerabilities every day in 2026

Each day your organisation needs to check and patch 132 vulnerability.

Across 1000's of devices!

Vulnerabilities Trending in 2026

Top 10 Trending Vulnerabilities for 2026

Vulnerability in n8n Workflow Automation Platfo...

CVE-2026-21858

N8n-ioN8n👾

Remote Authentication Bypass in GNU Inetutils T...

CVE-2026-24061

GnuInetutils👾

Vulnerability in Oracle HTTP Server and Weblogi...

CVE-2026-21962

OracleOracle Http Server, Or...👾

Information Disclosure Vulnerability in Microso...

CVE-2026-20805

MicrosoftWindows 10 Version 1809👾

Configuration Manipulation Vulnerability in Com...

CVE-2025-67303

ComfyOrgComfyUI-Manager👾

Privilege Escalation in Modular DS by Modular S...

CVE-2026-23550

WordPressModular Ds👾

Open Source AI Coding Agent Vulnerability in An...

CVE-2026-22812

AnomalycoOpencode👾

Remote Command Execution Vulnerability in Cisco...

CVE-2026-20045

CiscoCisco Unified Communic...👾

AdonisJS Path Traversal Vulnerability Affects F...

CVE-2026-21440

AdonisjsCore👾

Denial of Service Vulnerability in Palo Alto Ne...

CVE-2026-0227

Palo Alto NetworksCloud Ngfw👾

Pareto Principle
The 80/20 Rule

The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.

In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.

Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.

2017 - 2026 Vulnerability Severity By Year

2017

2018

13%

2019

2020

2021

10%

2022

24%

2023

15%

2024

40%

2025

20%

2026

More Vulnerabilities

Means more Exploits

Which means more Ransomware

Vulnerability Arrivals 📆

Vulnerabilities are not published in a predictable way. Every day is a vulnerable day 🤨

Vulnerability Published Matrix for 2026

Vulnerability Published Matrix for 2025

Vendor Breakdown

Wonder if your vendors are doing a good job? 🤔

Vulnerability Weighted Impact by Vendors

Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.

WordPress

628 Vulnerabilities

28 Exploited 👾

Microsoft

125 Vulnerabilities

2 Exploited 👾

Oracle

66 Vulnerabilities

1 Exploited 👾

QNAP

35 Vulnerabilities

Tenda

30 Vulnerabilities

2 Exploited 👾

mediatek

28 Vulnerabilities

Adobe

25 Vulnerabilities

Juniper Networks

23 Vulnerabilities

23 Exploited 👾

Qualcomm

22 Vulnerabilities

Apache

21 Vulnerabilities

3 Exploited 👾

2026Vulnerability Stats

2026 Vulnerability Breakdown