month report

May 2009

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

May 2009 closed with 367 published CVEs. 80 criticals, apple led volume, mostly via mac os x. Top weakness class — CWE-89 (66 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

367

— MoM— YoY

Severity mix

80 / 109

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.8%

3 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6148.2

n=3

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

6200

n=1

Detection gap

KEV pressure, no Nuclei coverage

May 2009 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1microsoft16 CVE

Weakness × Vendor

What's spreading where in May 2009

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#6scripts-for-sites8 CVE
#8collector6 CVE
#112daybiz5 CVE
#12cgi rescue5 CVE
#14easy-scripts5 CVE
#16mini-stream5 CVE
#18aten4 CVE
#20icewarp4 CVE
#23pidgin4 CVE
#24armorlogic3 CVE

Top vendors

Ranked by distinct CVE count this period.

1apple—
21 CVE3 critCVSS 6.3
mac os x (18) · mac os x server (17) · safari (3)
2microsoft—
16 CVE13 critCVSS 9.0
KEV 1PoC 2
office powerpoint (13) · windows xp (3) · office compatibility pack for word excel ppt 2007 (1)
3sun—
9 CVE4 critCVSS 7.1
PoC 3
solaris (3) · jre (2) · java system portal server (1)
4cisco—
8 CVE1 critCVSS 8.4
Nuclei 1PoC 3
wvc54gca (5) · wvc54gc (1) · telepresence readiness assessment manager (1)
5gentoo foundation inc.—
8 CVE2 critCVSS 6.7
PoC 3
gentoo linux (8)
6scripts-for-sites—
8 CVECVSS 7.5
NEWPoC 8
ez adult directory (1) · ez affiliate (1) · ez auction (1)
7ibm—
7 CVE3 critCVSS 8.2
PoC 1
tivoli storage manager client (4) · tivoli storage manager express (3) · aix (1)
8collector—
6 CVECVSS 5.2
NEWPoC 6
mycolex (3) · mygesuad (3)
9red hat inc.—
6 CVE2 critCVSS 6.7
red hat enterprise linux (6)
10сообщество свободного программного обеспечения—
6 CVE1 critCVSS 6.5
PoC 1
debian gnu/linux (6)
112daybiz—
5 CVECVSS 6.4
NEWPoC 5
business community script (2) · custom t-shirt design script (2) · template monster clone (1)
12cgi rescue—
5 CVECVSS 4.6
NEW
form2mail (1) · rescue (1) · cgi rescue minibbs (1)
13drupal—
5 CVECVSS 5.0
drupal (2) · news page (1) · nodeaccess userreference (1)
14easy-scripts—
5 CVECVSS 6.3
NEWPoC 5
answer and question script (5)
15google—
5 CVE2 critCVSS 6.9
PoC 2
chrome (4) · android (1)
16mini-stream—
5 CVE5 critCVSS 9.3
NEWPoC 5
easy rm-mp3 converter (1) · castripper (1) · mini-stream rm downloader (1)
17squirrelmail—
5 CVECVSS 5.8
PoC 1
squirrelmail (5) · imap general.php (1)
18aten—
4 CVE3 critCVSS 9.5
NEW
kh1516i ip kvm switch (4) · kn9116 ip kvm switch (4) · pn9108 power over the net (1)
19hp—
4 CVE2 critCVSS 7.9
PoC 1
openview network node manager (1) · data protector express (1) · remote graphics software (1)
20icewarp—
4 CVECVSS 5.4
NEWPoC 2
webmail server (3) · email server (3) · merak mail server (1)
21linux—
4 CVECVSS 5.7
PoC 1
linux kernel (4)
22novell—
4 CVE1 critCVSS 6.5
groupwise (4)
23pidgin—
4 CVE1 critCVSS 6.6
NEW
pidgin (4)
24armorlogic—
3 CVE1 critCVSS 7.3
NEW
profense web application firewall (3)
25canonical—
3 CVECVSS 5.5
PoC 2
ubuntu linux (3)
26debian—
3 CVECVSS 5.4
PoC 1
debian linux (3)
27electrasoft—
3 CVE3 critCVSS 9.8
NEWPoC 3
32bit ftp (3)
28frax—
3 CVECVSS 7.5
NEWPoC 3
php recommend (3)
29freepbx—
3 CVECVSS 5.4
NEW
freepbx (3)
30gowondesigns—
3 CVECVSS 5.4
NEWPoC 3
leap (3)
31klinzmann—
3 CVECVSS 6.6
NEWPoC 1
application access server (3)
32minddezign—
3 CVECVSS 5.1
NEWPoC 3
photo gallery (3)
33mozilla—
3 CVE1 critCVSS 6.4
PoC 2
firefox (3)
34nullsoft—
3 CVE3 critCVSS 9.3
NEWPoC 2
winamp (3)
35omnisoftsol—
3 CVECVSS 5.9
NEWPoC 3
vidsharepro (3)
36openssl—
3 CVECVSS 5.0
NEWPoC 2
openssl (3)
37openssl software foundation—
3 CVECVSS 5.0
NEWPoC 2
openssl (3)
38r020—
3 CVECVSS 4.9
NEWPoC 2
tematres (3)
39sangoma—
3 CVECVSS 5.4
NEW
freepbx (3)
40teraway—
3 CVECVSS 7.5
NEWPoC 3
filestream (1) · linktracker (1) · livehelp (1)
41ubuntu—
3 CVECVSS 5.5
NEW
linux (3)
42ао «нтц ит роса»—
3 CVECVSS 5.0
NEWPoC 2
rosa virtualization (3) · rosa virtualization 3.0 (3)
43activecollab—
2 CVECVSS 4.7
NEW
activecollab (2)
44baofeng—
2 CVE2 critCVSS 9.3
PoC 1
storm (2)
45bitweaver—
2 CVECVSS 7.0
PoC 2
bitweaver (2)
46bookingcentre—
2 CVECVSS 7.5
NEWPoC 2
booking system for hotels group (2)
47cscope—
2 CVE2 critCVSS 9.3
NEWPoC 1
cscope (2)
48dew-code—
2 CVECVSS 4.7
NEWPoC 2
dew-newphplinks (2)
49directadmin—
2 CVECVSS 7.7
NEWPoC 1
directadmin (2)
50flyspeck—
2 CVECVSS 7.5
NEWPoC 2
flyspeck cms (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	apple	21	3	·	·		mac os x (18) · mac os x server (17) · safari (3)	—
2	microsoft	16	13	1	·	KEV 1PoC 2	office powerpoint (13) · windows xp (3) · office compatibility pack for word excel ppt 2007 (1)	—
3	sun	9	4	·	·	PoC 3	solaris (3) · jre (2) · java system portal server (1)	—
4	cisco	8	1	·	1	Nuclei 1PoC 3	wvc54gca (5) · wvc54gc (1) · telepresence readiness assessment manager (1)	—
5	gentoo foundation inc.	8	2	·	·	PoC 3	gentoo linux (8)	—
6	scripts-for-sites	8	·	·	·	NEWPoC 8	ez adult directory (1) · ez affiliate (1) · ez auction (1)	—
7	ibm	7	3	·	·	PoC 1	tivoli storage manager client (4) · tivoli storage manager express (3) · aix (1)	—
8	collector	6	·	·	·	NEWPoC 6	mycolex (3) · mygesuad (3)	—
9	red hat inc.	6	2	·	·		red hat enterprise linux (6)	—
10	сообщество свободного программного обеспечения	6	1	·	·	PoC 1	debian gnu/linux (6)	—
11	2daybiz	5	·	·	·	NEWPoC 5	business community script (2) · custom t-shirt design script (2) · template monster clone (1)	—
12	cgi rescue	5	·	·	·	NEW	form2mail (1) · rescue (1) · cgi rescue minibbs (1)	—
13	drupal	5	·	·	·		drupal (2) · news page (1) · nodeaccess userreference (1)	—
14	easy-scripts	5	·	·	·	NEWPoC 5	answer and question script (5)	—
15	google	5	2	·	·	PoC 2	chrome (4) · android (1)	—
16	mini-stream	5	5	·	·	NEWPoC 5	easy rm-mp3 converter (1) · castripper (1) · mini-stream rm downloader (1)	—
17	squirrelmail	5	·	·	·	PoC 1	squirrelmail (5) · imap general.php (1)	—
18	aten	4	3	·	·	NEW	kh1516i ip kvm switch (4) · kn9116 ip kvm switch (4) · pn9108 power over the net (1)	—
19	hp	4	2	·	·	PoC 1	openview network node manager (1) · data protector express (1) · remote graphics software (1)	—
20	icewarp	4	·	·	·	NEWPoC 2	webmail server (3) · email server (3) · merak mail server (1)	—
21	linux	4	·	·	·	PoC 1	linux kernel (4)	—
22	novell	4	1	·	·		groupwise (4)	—
23	pidgin	4	1	·	·	NEW	pidgin (4)	—
24	armorlogic	3	1	·	·	NEW	profense web application firewall (3)	—
25	canonical	3	·	·	·	PoC 2	ubuntu linux (3)	—
26	debian	3	·	·	·	PoC 1	debian linux (3)	—
27	electrasoft	3	3	·	·	NEWPoC 3	32bit ftp (3)	—
28	frax	3	·	·	·	NEWPoC 3	php recommend (3)	—
29	freepbx	3	·	·	·	NEW	freepbx (3)	—
30	gowondesigns	3	·	·	·	NEWPoC 3	leap (3)	—
31	klinzmann	3	·	·	·	NEWPoC 1	application access server (3)	—
32	minddezign	3	·	·	·	NEWPoC 3	photo gallery (3)	—
33	mozilla	3	1	·	·	PoC 2	firefox (3)	—
34	nullsoft	3	3	·	·	NEWPoC 2	winamp (3)	—
35	omnisoftsol	3	·	·	·	NEWPoC 3	vidsharepro (3)	—
36	openssl	3	·	·	·	NEWPoC 2	openssl (3)	—
37	openssl software foundation	3	·	·	·	NEWPoC 2	openssl (3)	—
38	r020	3	·	·	·	NEWPoC 2	tematres (3)	—
39	sangoma	3	·	·	·	NEW	freepbx (3)	—
40	teraway	3	·	·	·	NEWPoC 3	filestream (1) · linktracker (1) · livehelp (1)	—
41	ubuntu	3	·	·	·	NEW	linux (3)	—
42	ао «нтц ит роса»	3	·	·	·	NEWPoC 2	rosa virtualization (3) · rosa virtualization 3.0 (3)	—
43	activecollab	2	·	·	·	NEW	activecollab (2)	—
44	baofeng	2	2	·	·	PoC 1	storm (2)	—
45	bitweaver	2	·	·	·	PoC 2	bitweaver (2)	—
46	bookingcentre	2	·	·	·	NEWPoC 2	booking system for hotels group (2)	—
47	cscope	2	2	·	·	NEWPoC 1	cscope (2)	—
48	dew-code	2	·	·	·	NEWPoC 2	dew-newphplinks (2)	—
49	directadmin	2	·	·	·	NEWPoC 1	directadmin (2)	—
50	flyspeck	2	·	·	·	NEWPoC 2	flyspeck cms (2)	—