month report
January 2008
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
January 2008 closed with 502 published CVEs — -31.2% YoY . 78 criticals, wordpress led volume, mostly via wordpress. Biggest breakout: wordpress at ×4.3 their 12-month median. Top weakness class — CWE-89 (93 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
502
+11.8% MoM-31.2% YoY
Severity mix
78 / 153
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
3.6%
18 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6630.9
n=18
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
—
n=0
Weakness × Vendor
What's spreading where in January 2008
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
89SQL Injection79XSS119Memory Buffer Bounds22Path Traversal264CWE-26494Code Injection20Improper Input Validation399CWE-399287Improper Authentication352CSRFwordpress47211microsoft25111сообщество свободного программного обеспечения413ibm141joomla8121oracle1apple314drupal5122apache421debian1221menalto121gentoo foundation inc.3122
Breakout vendors
CVE count ≥3× their own 12-period median.
- 4.3×wordpress17 CVE
- 3.3×agares media5 CVE
- 3.0×manageengine3 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #11menalto9 CVE
- #15hfs6 CVE
- #20feng5 CVE
- #22snitz communications5 CVE
- #23ооо «русбитех-астра»5 CVE
- #26fascript4 CVE
- #27layton technology4 CVE
- #31web wiz4 CVE
- #34blog cms3 CVE
- #36instantsoftwares3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 17 CVECVSS 5.7×4.3Nuclei 15PoC 9wordpress (6) · math comment spam protection plugin (2) · permalinks migration plugin (1)
- 16 CVE5 critCVSS 7.4PoC 4debian gnu/linux (16)
- 15 CVE9 critCVSS 8.1PoC 8windows 2003 server (3) · internet explorer (3) · windows xp (3)
- 14 CVE4 critCVSS 6.8PoC 1aix (3) · websphere application server (2) · informix dynamic server (2)
- 12 CVECVSS 7.1PoC 8joomla (5) · musepoes component (1) · com fq (1)
- 12 CVE11 critCVSS 9.9database server (11) · collaboration suite (8) · application server (8)
- 10 CVE3 critCVSS 6.7PoC 2quicktime (5) · safari (2) · mac os x (2)
- 10 CVECVSS 4.8drupal (5) · archive module (1) · atom module (1)
- 9 CVECVSS 4.5PoC 1http server (8) · tomcat (1)
- 9 CVE2 critCVSS 7.0PoC 2debian linux (7) · unp (1) · apt-listchanges (1)
- 9 CVE6 critCVSS 8.7NEWgallery (7) · gallery publish xp module (1) · gallery webcam module (1)
- 8 CVECVSS 7.2PoC 7mambo (2) · com mamml (1) · com jokes (1)
- 7 CVE2 critCVSS 6.6PoC 2gentoo linux (7)
- 7 CVECVSS 5.7java system identity manager (3) · solaris libxfont (1) · jre (1)
- 6 CVE1 critCVSS 6.0NEWPoC 2http file server (6)
- 6 CVE1 critCVSS 7.3PoC 3vlc (4) · vlc media player (2)
- 6 CVE3 critCVSS 7.7PoC 1xserver (5) · tog-cup (1) · x server (1)
- 5 CVECVSS 6.6×3.3PoC 4phpautovideo (5)
- 5 CVE1 critCVSS 5.9PoC 1ubuntu linux (5)
- 5 CVECVSS 6.0NEWPoC 2feng (5)
- 5 CVECVSS 6.3PoC 1postgresql (5)
- 5 CVECVSS 4.9NEWPoC 1snitz forums 2000 (5)
- 5 CVE2 critCVSS 7.8NEWPoC 1astra linux common edition (3) · astra linux special edition (2)
- 4 CVE2 critCVSS 8.2PoC 1adaptive security appliance software (1) · application velocity system (1) · pix firewall software (1)
- 4 CVECVSS 4.7PoC 2eticket (4)
- 4 CVECVSS 7.5NEWPoC 4famp3 (1) · faname (1) · fapersianhack (1)
- 4 CVECVSS 5.4NEWhelpbox (4)
- 4 CVECVSS 6.5PoC 1linux kernel (4)
- 4 CVECVSS 6.0zenworks patch management update agent (1) · identity manager (1) · netware client (1)
- 4 CVE4 critCVSS 10.0enterprise message service (4) · rtworks (4) · smartsockets rtserver (4)
- 4 CVECVSS 5.3NEWPoC 4rich text editor (2) · web wiz forums (1) · newspad (1)
- 3 CVECVSS 5.2PoC 32z project (3)
- 3 CVECVSS 5.6jira (3)
- 3 CVECVSS 6.4NEWPoC 2blog cms (3)
- 3 CVE1 critCVSS 6.9fedora (3)
- 3 CVECVSS 6.4NEWdating site (3)
- 3 CVECVSS 5.2NEW×3.0applications manager (3)
- 3 CVECVSS 5.8NEWPoC 1faqmasterflexplus (3)
- 3 CVECVSS 6.7PoC 1php (2) · f1 maxs file uploader (1)
- 3 CVECVSS 3.8PoC 1enterprise linux desktop (2) · enterprise linux server (2) · enterprise linux workstation (2)
- 3 CVE1 critCVSS 6.3PoC 1red hat enterprise linux (3)
- 2 CVECVSS 7.2NEWPoC 2alitalk (2)
- 2 CVECVSS 6.3PoC 2forum pay per post exchange (2)
- 2 CVECVSS 6.3PoC 2bitweaver (1) · r2 cms (1)
- 2 CVECVSS 5.0NEWPoC 1boost (2) · boost regex library (1)
- 2 CVECVSS 4.3NEWbugtracker.net (2)
- 2 CVECVSS 5.9clever copy (2)
- 2 CVECVSS 5.5PoC 1coppermine photo gallery (2)
- 2 CVECVSS 7.2NEWPoC 1core force (2)
- 2 CVECVSS 4.3NEWphoto album (1) · search engine (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | wordpress | 17 | · | · | 15 | ×4.3Nuclei 15PoC 9 | wordpress (6) · math comment spam protection plugin (2) · permalinks migration plugin (1) | ↑72 | |
| 2 | сообщество свободного программного обеспечения | 16 | 5 | · | · | PoC 4 | debian gnu/linux (16) | ↑5 | |
| 3 | microsoft | 15 | 9 | · | · | PoC 8 | windows 2003 server (3) · internet explorer (3) · windows xp (3) | ↓1 | |
| 4 | ibm | 14 | 4 | · | · | PoC 1 | aix (3) · websphere application server (2) · informix dynamic server (2) | ↑1 | |
| 5 | joomla | 12 | · | · | · | PoC 8 | joomla (5) · musepoes component (1) · com fq (1) | ↑54 | |
| 6 | oracle | 12 | 11 | · | · | database server (11) · collaboration suite (8) · application server (8) | ↑4 | ||
| 7 | apple | 10 | 3 | · | · | PoC 2 | quicktime (5) · safari (2) · mac os x (2) | ↓6 | |
| 8 | drupal | 10 | · | · | · | drupal (5) · archive module (1) · atom module (1) | ↑23 | ||
| 9 | apache | 9 | · | · | · | PoC 1 | http server (8) · tomcat (1) | ↑11 | |
| 10 | debian | 9 | 2 | · | · | PoC 2 | debian linux (7) · unp (1) · apt-listchanges (1) | ↑20 | |
| 11 | menalto | 9 | 6 | · | · | NEW | gallery (7) · gallery publish xp module (1) · gallery webcam module (1) | — | |
| 12 | mambo | 8 | · | · | · | PoC 7 | mambo (2) · com mamml (1) · com jokes (1) | ↑138 | |
| 13 | gentoo foundation inc. | 7 | 2 | · | · | PoC 2 | gentoo linux (7) | ↓5 | |
| 14 | sun | 7 | · | · | · | java system identity manager (3) · solaris libxfont (1) · jre (1) | ↓11 | ||
| 15 | hfs | 6 | 1 | · | · | NEWPoC 2 | http file server (6) | — | |
| 16 | videolan | 6 | 1 | · | · | PoC 3 | vlc (4) · vlc media player (2) | — | |
| 17 | x.org | 6 | 3 | · | · | PoC 1 | xserver (5) · tog-cup (1) · x server (1) | — | |
| 18 | agares media | 5 | · | · | · | ×3.3PoC 4 | phpautovideo (5) | ↑59 | |
| 19 | canonical | 5 | 1 | · | · | PoC 1 | ubuntu linux (5) | ↑10 | |
| 20 | feng | 5 | · | · | · | NEWPoC 2 | feng (5) | — | |
| 21 | postgresql | 5 | · | · | · | PoC 1 | postgresql (5) | — | |
| 22 | snitz communications | 5 | · | · | · | NEWPoC 1 | snitz forums 2000 (5) | — | |
| 23 | ооо «русбитех-астра» | 5 | 2 | · | · | NEWPoC 1 | astra linux common edition (3) · astra linux special edition (2) | — | |
| 24 | cisco | 4 | 2 | · | · | PoC 1 | adaptive security appliance software (1) · application velocity system (1) · pix firewall software (1) | ↓2 | |
| 25 | eticket | 4 | · | · | · | PoC 2 | eticket (4) | — | |
| 26 | fascript | 4 | · | · | · | NEWPoC 4 | famp3 (1) · faname (1) · fapersianhack (1) | — | |
| 27 | layton technology | 4 | · | · | · | NEW | helpbox (4) | — | |
| 28 | linux | 4 | · | · | · | PoC 1 | linux kernel (4) | ↓19 | |
| 29 | novell | 4 | · | · | · | zenworks patch management update agent (1) · identity manager (1) · netware client (1) | ↑35 | ||
| 30 | tibco | 4 | 4 | · | · | enterprise message service (4) · rtworks (4) · smartsockets rtserver (4) | — | ||
| 31 | web wiz | 4 | · | · | · | NEWPoC 4 | rich text editor (2) · web wiz forums (1) · newspad (1) | — | |
| 32 | 2z project | 3 | · | · | · | PoC 3 | 2z project (3) | — | |
| 33 | atlassian | 3 | · | · | · | jira (3) | — | ||
| 34 | blog cms | 3 | · | · | · | NEWPoC 2 | blog cms (3) | — | |
| 35 | fedoraproject | 3 | 1 | · | · | fedora (3) | ↑18 | ||
| 36 | instantsoftwares | 3 | · | · | · | NEW | dating site (3) | — | |
| 37 | manageengine | 3 | · | · | · | NEW×3.0 | applications manager (3) | — | |
| 38 | netbizcity | 3 | · | · | · | NEWPoC 1 | faqmasterflexplus (3) | — | |
| 39 | php | 3 | · | · | · | PoC 1 | php (2) · f1 maxs file uploader (1) | ↑143 | |
| 40 | redhat | 3 | · | · | · | PoC 1 | enterprise linux desktop (2) · enterprise linux server (2) · enterprise linux workstation (2) | ↓23 | |
| 41 | red hat inc. | 3 | 1 | · | · | PoC 1 | red hat enterprise linux (3) | ↓17 | |
| 42 | alilg | 2 | · | · | · | NEWPoC 2 | alitalk (2) | — | |
| 43 | alstrasoft | 2 | · | · | · | PoC 2 | forum pay per post exchange (2) | — | |
| 44 | bitweaver | 2 | · | · | · | PoC 2 | bitweaver (1) · r2 cms (1) | ↓16 | |
| 45 | boost | 2 | · | · | · | NEWPoC 1 | boost (2) · boost regex library (1) | — | |
| 46 | bugtracker.net | 2 | · | · | · | NEW | bugtracker.net (2) | — | |
| 47 | clever copy | 2 | · | · | · | clever copy (2) | — | ||
| 48 | coppermine | 2 | · | · | · | PoC 1 | coppermine photo gallery (2) | — | |
| 49 | core security technologies | 2 | · | · | · | NEWPoC 1 | core force (2) | — | |
| 50 | dansie | 2 | · | · | · | NEW | photo album (1) · search engine (1) | — |