month report
February 2009
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
February 2009 closed with 689 published CVEs. 75 criticals, ibm led volume, mostly via websphere application server. Top weakness class — CWE-89 (203 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
689
— MoM— YoY
Severity mix
75 / 283
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.6%
4 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6227.6
n=4
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
6257
n=1
Detection gap
KEV pressure, no Nuclei coverage
February 2009 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1microsoft12 CVE
Weakness × Vendor
What's spreading where in February 2009
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
89SQL Injection79XSS22Path Traversal264CWE-26494Code Injection119Memory Buffer Bounds20Improper Input Validation287Improper Authentication399CWE-399200Information Exposureibm141114cisco311131apple25212сообщество свободного программного обеспечения243311drupal3641mozilla2321microsoft11271adobe3211linux3132hp111121scripts-for-sites62goahead411
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #11scripts-for-sites8 CVE
- #12goahead7 CVE
- #15mozilo6 CVE
- #16preprojects6 CVE
- #17ravenphpscripts6 CVE
- #19areva5 CVE
- #21typo35 CVE
- #22accscripts4 CVE
- #23cfmsource4 CVE
- #25dmxready4 CVE
Top vendors
Ranked by distinct CVE count this period.
- 21 CVE2 critCVSS 5.3websphere application server (13) · workplace web content management (2) · workplace for business controls and reporting (2)
- 20 CVE8 critCVSS 7.7PoC 3ace 4710 (6) · application control engine module (6) · catalyst 3750 series integrated wireless lan controller (4)
- 19 CVE5 critCVSS 6.7PoC 1mac os x (16) · mac os x server (15) · safari (2)
- 16 CVE4 critCVSS 5.8PoC 5debian gnu/linux (15) · linux (1)
- 15 CVE1 critCVSS 5.8everyblog (4) · drupal (2) · user karma module (2)
- 15 CVE2 critCVSS 6.5firefox (8) · bugzilla (7) · seamonkey (4)
- 12 CVE6 critCVSS 7.9KEV 1PoC 1visio (3) · exchange server (2) · internet explorer (2)
- 9 CVE2 critCVSS 6.5PoC 1flash player for linux (5) · flex (4) · air (4)
- 9 CVECVSS 4.0PoC 1linux kernel (9)
- 8 CVE4 critCVSS 8.0openview network node manager (3) · color laserjet 4370mfp (1) · color laserjet 9500mfp (1)
- 8 CVECVSS 6.7NEWPoC 6ez baby (1) · ez biz pro (1) · ez e-store (1)
- 7 CVECVSS 5.4NEWgoahead webserver (7)
- 7 CVECVSS 6.5PoC 6com beamospetition (2) · com eventing (1) · com musica (1)
- 6 CVECVSS 5.7PoC 1moodle (6)
- 6 CVECVSS 5.1NEWmozilocms (3) · mozilowiki (3)
- 6 CVECVSS 6.3NEWPoC 5pre classified listings (2) · pre shopping mall (1) · pre e-learning portal (1)
- 6 CVECVSS 5.8NEWPoC 6ravennuke (6)
- 6 CVECVSS 6.0opensolaris (3) · java system directory server (2) · solaris (2)
- 5 CVE2 critCVSS 8.5NEWe-terrahabitat (5)
- 5 CVE1 critCVSS 6.1PoC 1groupwise (4) · open enterprise server (1)
- 5 CVECVSS 5.6NEWwec discussion forum (2) · sb universal plugin (1) · tu-clausthal odin (1)
- 4 CVECVSS 7.5NEWPoC 4acc autos (1) · acc php email (1) · acc real estate (1)
- 4 CVECVSS 7.5NEWPoC 4cf auction (1) · cf calendar (1) · cf forum (1)
- 4 CVE1 critCVSS 7.5PoC 1debian linux (4)
- 4 CVECVSS 7.5NEWPoC 4classified listings manager (1) · member directory manager (1) · online notebook manager (1)
- 4 CVE4 critCVSS 9.3NEWPoC 3good plug-ins (3) · plug-ins (3)
- 4 CVECVSS 7.2NEWPoC 4phpmygallery (4)
- 4 CVECVSS 7.3NEWPoC 4pre multi-vendor shopping malls (2) · pre asp job board (1) · php auto listings script (1)
- 4 CVECVSS 7.5NEWPoC 4classified ads (2) · faculty portal (1) · shopping mall (1)
- 4 CVE4 critCVSS 9.3NEWPoC 1vim (4) · tar.vim (1) · zipplugin.vim (1)
- 4 CVECVSS 7.5NEWPoC 4password protect (2) · ware support (2)
- 3 CVECVSS 6.4NEWPoC 1active bids (2) · active newsletter (1)
- 3 CVECVSS 5.4PoC 2camera life (3)
- 3 CVECVSS 7.5NEWPoC 3admanager (1) · link back checker (1) · slide popups (1)
- 3 CVECVSS 7.5NEWPoC 3auth php (1) · bluebird (1) · mynews (1)
- 3 CVECVSS 7.5PoC 3gforge (3)
- 3 CVE2 critCVSS 8.1NEWgraphicsmagick (3)
- 3 CVECVSS 6.4NEWPoC 2galatolo webmanager (3)
- 3 CVECVSS 7.5NEWPoC 3car portal (1) · jobs portal (1) · real estate portal (1)
- 3 CVECVSS 6.4NEWPoC 2online grades (3)
- 3 CVECVSS 5.1NEWopenedit digital asset management (3)
- 3 CVECVSS 6.3opensuse (3)
- 3 CVECVSS 6.5NEWPoC 1rakhisoftware shopping cart (3)
- 3 CVECVSS 5.4NEWcontrollogix 1756-enbt\/a ethernet\/ ip bridge (3)
- 3 CVECVSS 4.8NEWPoC 3easy image downloader (1) · ez ringtone manager (1) · mini hosting panel (1)
- 3 CVE1 critCVSS 7.0NEWsemanticscuttle (3)
- 3 CVECVSS 7.5NEWPoC 2simple customer (3)
- 3 CVECVSS 7.3NEWPoC 1socialengine (3)
- 3 CVECVSS 5.6NEWPoC 1phpfootball (3)
- 3 CVECVSS 3.8PoC 2wireshark (3)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | ibm | 21 | 2 | · | · | websphere application server (13) · workplace web content management (2) · workplace for business controls and reporting (2) | — | ||
| 2 | cisco | 20 | 8 | · | · | PoC 3 | ace 4710 (6) · application control engine module (6) · catalyst 3750 series integrated wireless lan controller (4) | — | |
| 3 | apple | 19 | 5 | · | · | PoC 1 | mac os x (16) · mac os x server (15) · safari (2) | — | |
| 4 | сообщество свободного программного обеспечения | 16 | 4 | · | · | PoC 5 | debian gnu/linux (15) · linux (1) | — | |
| 5 | drupal | 15 | 1 | · | · | everyblog (4) · drupal (2) · user karma module (2) | — | ||
| 6 | mozilla | 15 | 2 | · | · | firefox (8) · bugzilla (7) · seamonkey (4) | — | ||
| 7 | microsoft | 12 | 6 | 1 | · | KEV 1PoC 1 | visio (3) · exchange server (2) · internet explorer (2) | — | |
| 8 | adobe | 9 | 2 | · | · | PoC 1 | flash player for linux (5) · flex (4) · air (4) | — | |
| 9 | linux | 9 | · | · | · | PoC 1 | linux kernel (9) | — | |
| 10 | hp | 8 | 4 | · | · | openview network node manager (3) · color laserjet 4370mfp (1) · color laserjet 9500mfp (1) | — | ||
| 11 | scripts-for-sites | 8 | · | · | · | NEWPoC 6 | ez baby (1) · ez biz pro (1) · ez e-store (1) | — | |
| 12 | goahead | 7 | · | · | · | NEW | goahead webserver (7) | — | |
| 13 | joomla | 7 | · | · | · | PoC 6 | com beamospetition (2) · com eventing (1) · com musica (1) | — | |
| 14 | moodle | 6 | · | · | · | PoC 1 | moodle (6) | — | |
| 15 | mozilo | 6 | · | · | · | NEW | mozilocms (3) · mozilowiki (3) | — | |
| 16 | preprojects | 6 | · | · | · | NEWPoC 5 | pre classified listings (2) · pre shopping mall (1) · pre e-learning portal (1) | — | |
| 17 | ravenphpscripts | 6 | · | · | · | NEWPoC 6 | ravennuke (6) | — | |
| 18 | sun | 6 | · | · | · | opensolaris (3) · java system directory server (2) · solaris (2) | — | ||
| 19 | areva | 5 | 2 | · | · | NEW | e-terrahabitat (5) | — | |
| 20 | novell | 5 | 1 | · | · | PoC 1 | groupwise (4) · open enterprise server (1) | — | |
| 21 | typo3 | 5 | · | · | · | NEW | wec discussion forum (2) · sb universal plugin (1) · tu-clausthal odin (1) | — | |
| 22 | accscripts | 4 | · | · | · | NEWPoC 4 | acc autos (1) · acc php email (1) · acc real estate (1) | — | |
| 23 | cfmsource | 4 | · | · | · | NEWPoC 4 | cf auction (1) · cf calendar (1) · cf forum (1) | — | |
| 24 | debian | 4 | 1 | · | · | PoC 1 | debian linux (4) | — | |
| 25 | dmxready | 4 | · | · | · | NEWPoC 4 | classified listings manager (1) · member directory manager (1) · online notebook manager (1) | — | |
| 26 | gstreamer | 4 | 4 | · | · | NEWPoC 3 | good plug-ins (3) · plug-ins (3) | — | |
| 27 | phpmygallery | 4 | · | · | · | NEWPoC 4 | phpmygallery (4) | — | |
| 28 | preproject | 4 | · | · | · | NEWPoC 4 | pre multi-vendor shopping malls (2) · pre asp job board (1) · php auto listings script (1) | — | |
| 29 | sepcity | 4 | · | · | · | NEWPoC 4 | classified ads (2) · faculty portal (1) · shopping mall (1) | — | |
| 30 | vim | 4 | 4 | · | · | NEWPoC 1 | vim (4) · tar.vim (1) · zipplugin.vim (1) | — | |
| 31 | wholehogsoftware | 4 | · | · | · | NEWPoC 4 | password protect (2) · ware support (2) | — | |
| 32 | activewebsoftwares | 3 | · | · | · | NEWPoC 1 | active bids (2) · active newsletter (1) | — | |
| 33 | camera life | 3 | · | · | · | PoC 2 | camera life (3) | — | |
| 34 | e-topbiz | 3 | · | · | · | NEWPoC 3 | admanager (1) · link back checker (1) · slide popups (1) | — | |
| 35 | frankmancuso | 3 | · | · | · | NEWPoC 3 | auth php (1) · bluebird (1) · mynews (1) | — | |
| 36 | gforge | 3 | · | · | · | PoC 3 | gforge (3) | — | |
| 37 | graphicsmagick | 3 | 2 | · | · | NEW | graphicsmagick (3) | — | |
| 38 | gwm | 3 | · | · | · | NEWPoC 2 | galatolo webmanager (3) | — | |
| 39 | netartmedia | 3 | · | · | · | NEWPoC 3 | car portal (1) · jobs portal (1) · real estate portal (1) | — | |
| 40 | onlinegrades | 3 | · | · | · | NEWPoC 2 | online grades (3) | — | |
| 41 | openedit | 3 | · | · | · | NEW | openedit digital asset management (3) | — | |
| 42 | opensuse | 3 | · | · | · | opensuse (3) | — | ||
| 43 | rakhisoftware | 3 | · | · | · | NEWPoC 1 | rakhisoftware shopping cart (3) | — | |
| 44 | rockwellautomation | 3 | · | · | · | NEW | controllogix 1756-enbt\/a ethernet\/ ip bridge (3) | — | |
| 45 | scriptsez | 3 | · | · | · | NEWPoC 3 | easy image downloader (1) · ez ringtone manager (1) · mini hosting panel (1) | — | |
| 46 | semanticscuttle | 3 | 1 | · | · | NEW | semanticscuttle (3) | — | |
| 47 | simplecustomer | 3 | · | · | · | NEWPoC 2 | simple customer (3) | — | |
| 48 | socialengine | 3 | · | · | · | NEWPoC 1 | socialengine (3) | — | |
| 49 | vlad alexa mancini | 3 | · | · | · | NEWPoC 1 | phpfootball (3) | — | |
| 50 | wireshark | 3 | · | · | · | PoC 2 | wireshark (3) | — |