month report

June 2009

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

June 2009 closed with 452 published CVEs. 101 criticals, apple led volume, mostly via safari. Top weakness class — CWE-79 (72 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

452

— MoM— YoY

Severity mix

101 / 112

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.1%

5 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6104.1

n=5

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

4746

n=3

Detection gap

KEV pressure, no Nuclei coverage

June 2009 · vendors with active exploitation listed by CISA but no public detection template.

KEV 3microsoft35 CVE

Weakness × Vendor

What's spreading where in June 2009

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#10elvinbts8 CVE
#18virtuenetz5 CVE
#20fuzzylime4 CVE
#24aaronoutpost3 CVE
#25campusvirtualcomputrade3 CVE
#26campware.org3 CVE
#28david degner3 CVE
#33php.s33 CVE
#35skybluecanvas3 CVE
#36strongswan3 CVE

Top vendors

Ranked by distinct CVE count this period.

1apple—
63 CVE21 critCVSS 6.5
PoC 20
safari (41) · iphone os (14) · ipod touch (12)
2microsoft—
35 CVE17 critCVSS 8.3
KEV 3PoC 2
windows 2000 (10) · internet explorer (10) · office (10)
3ibm—
17 CVE6 critCVSS 6.6
websphere application server (6) · db2 (5) · rational clearquest (2)
4adobe—
16 CVE16 critCVSS 9.3
acrobat (14) · acrobat reader (14) · shockwave player (2)
5mozilla—
16 CVE8 critCVSS 7.9
PoC 5
firefox (15) · seamonkey (10) · thunderbird (8)
6sun—
15 CVE4 critCVSS 6.3
PoC 3
opensolaris (8) · solaris (6) · one web server (2)
7сообщество свободного программного обеспечения—
9 CVE5 critCVSS 8.1
PoC 8
debian gnu/linux (9)
8canonical—
8 CVECVSS 6.2
PoC 7
ubuntu linux (8)
9cisco—
8 CVECVSS 5.8
adaptive security appliance (3) · ironport asyncos (1) · ironport email security appliances (1)
10elvinbts—
8 CVECVSS 5.9
NEWPoC 5
elvinbts (8)
11apache—
7 CVECVSS 5.5
PoC 2
tomcat (4) · apr-util (3) · http server (3)
12debian—
6 CVECVSS 6.2
PoC 4
debian linux (6)
13dokeos—
6 CVECVSS 5.5
PoC 1
dokeos (6)
14drupal—
6 CVECVSS 4.0
PoC 2
drupal (1) · nodequeue (1) · quiz (1)
15joomla—
5 CVECVSS 6.1
PoC 5
joomla (3) · com school (1) · com casinobase (1)
16opera—
5 CVECVSS 6.6
opera browser (4) · opera (1)
17torrenttrader—
5 CVECVSS 5.3
PoC 5
torrenttrader classic (5)
18virtuenetz—
5 CVECVSS 6.9
NEWPoC 5
virtue news manager (2) · virtue book store (1) · virtue classifieds (1)
19fedoraproject—
4 CVECVSS 6.1
PoC 2
fedora (4)
20fuzzylime—
4 CVE2 critCVSS 8.6
NEWPoC 4
fuzzylime \(cms\) (2) · fuzzylime cms (2)
21google—
4 CVE2 critCVSS 7.8
PoC 2
chrome (4)
22linux—
4 CVECVSS 6.8
PoC 3
linux kernel (4) · kernel (2)
23maven—
4 CVECVSS 4.6
org.apache.tomcat:tomcat (4)
24aaronoutpost—
3 CVECVSS 6.2
NEWPoC 2
asp inline corporate calendar (3)
25campusvirtualcomputrade—
3 CVECVSS 6.2
NEWPoC 3
campus virtual-lms (3)
26campware.org—
3 CVECVSS 6.2
NEWPoC 3
campsite (3)
27citrix—
3 CVECVSS 5.5
netscaler access gateway (1) · netscaler access gateway firmware (1) · secure gateway (1)
28david degner—
3 CVECVSS 6.2
NEWPoC 3
phpcollegeexchange (3)
29gentoo foundation inc.—
3 CVECVSS 4.8
gentoo linux (3)
30netgear—
3 CVECVSS 7.8
PoC 3
dg632 (3) · dg632 firmware (1)
31novell inc.—
3 CVECVSS 6.8
PoC 3
opensuse (3)
32opensuse—
3 CVECVSS 6.6
PoC 3
opensuse (3)
33php.s3—
3 CVECVSS 4.5
NEW
php-i-board (2) · tree bbs (1)
34redhat—
3 CVECVSS 6.9
PoC 1
openssl (2) · enterprise linux desktop (1) · enterprise linux eus (1)
35skybluecanvas—
3 CVECVSS 5.0
NEW
skybluecanvas (3)
36strongswan—
3 CVECVSS 5.0
NEW
strongswan (3)
37suse—
3 CVECVSS 5.8
PoC 3
linux enterprise (2) · linux enterprise server (2) · linux enterprise desktop (1)
384homepages—
2 CVECVSS 5.2
NEWPoC 2
4images (2)
39a-link—
2 CVE1 critCVSS 8.4
NEWPoC 2
wl54ap2 (2) · wl54ap3 (2)
40angrydonuts—
2 CVECVSS 5.8
NEW
nodequeue (1) · views (1)
41atlassian—
2 CVECVSS 5.5
NEW
jira (2)
42benjamin curtis—
2 CVECVSS 7.5
NEWPoC 1
phpbugtracker (2)
43egyplus—
2 CVE1 critCVSS 8.3
NEWPoC 2
7ammel (2)
44firestats—
2 CVECVSS 7.5
NEWNuclei 2PoC 1
firestats (2)
45foxitsoftware—
2 CVE2 critCVSS 9.3
NEW
foxit reader (2) · jpeg2000 jbig2 decoder add-on (1) · jpeg2000\/jbig2 decoder add-on (1)
46freebsd—
2 CVECVSS 4.3
freebsd (2)
47fretsweb project—
2 CVECVSS 6.3
NEWPoC 2
fretsweb (2)
48hp—
2 CVE1 critCVSS 7.0
discovery\&dependency mapping inventory (1) · openview network node manager (1)
49jnmsolutions—
2 CVE1 critCVSS 8.8
NEWPoC 2
db top sites (2)
50kasseler-cms—
2 CVECVSS 4.7
NEWPoC 2
kasseler cms (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	apple	63	21	·	·	PoC 20	safari (41) · iphone os (14) · ipod touch (12)	—
2	microsoft	35	17	3	·	KEV 3PoC 2	windows 2000 (10) · internet explorer (10) · office (10)	—
3	ibm	17	6	·	·		websphere application server (6) · db2 (5) · rational clearquest (2)	—
4	adobe	16	16	·	·		acrobat (14) · acrobat reader (14) · shockwave player (2)	—
5	mozilla	16	8	·	·	PoC 5	firefox (15) · seamonkey (10) · thunderbird (8)	—
6	sun	15	4	·	·	PoC 3	opensolaris (8) · solaris (6) · one web server (2)	—
7	сообщество свободного программного обеспечения	9	5	·	·	PoC 8	debian gnu/linux (9)	—
8	canonical	8	·	·	·	PoC 7	ubuntu linux (8)	—
9	cisco	8	·	·	·		adaptive security appliance (3) · ironport asyncos (1) · ironport email security appliances (1)	—
10	elvinbts	8	·	·	·	NEWPoC 5	elvinbts (8)	—
11	apache	7	·	·	·	PoC 2	tomcat (4) · apr-util (3) · http server (3)	—
12	debian	6	·	·	·	PoC 4	debian linux (6)	—
13	dokeos	6	·	·	·	PoC 1	dokeos (6)	—
14	drupal	6	·	·	·	PoC 2	drupal (1) · nodequeue (1) · quiz (1)	—
15	joomla	5	·	·	·	PoC 5	joomla (3) · com school (1) · com casinobase (1)	—
16	opera	5	·	·	·		opera browser (4) · opera (1)	—
17	torrenttrader	5	·	·	·	PoC 5	torrenttrader classic (5)	—
18	virtuenetz	5	·	·	·	NEWPoC 5	virtue news manager (2) · virtue book store (1) · virtue classifieds (1)	—
19	fedoraproject	4	·	·	·	PoC 2	fedora (4)	—
20	fuzzylime	4	2	·	·	NEWPoC 4	fuzzylime \(cms\) (2) · fuzzylime cms (2)	—
21	google	4	2	·	·	PoC 2	chrome (4)	—
22	linux	4	·	·	·	PoC 3	linux kernel (4) · kernel (2)	—
23	maven	4	·	·	·		org.apache.tomcat:tomcat (4)	—
24	aaronoutpost	3	·	·	·	NEWPoC 2	asp inline corporate calendar (3)	—
25	campusvirtualcomputrade	3	·	·	·	NEWPoC 3	campus virtual-lms (3)	—
26	campware.org	3	·	·	·	NEWPoC 3	campsite (3)	—
27	citrix	3	·	·	·		netscaler access gateway (1) · netscaler access gateway firmware (1) · secure gateway (1)	—
28	david degner	3	·	·	·	NEWPoC 3	phpcollegeexchange (3)	—
29	gentoo foundation inc.	3	·	·	·		gentoo linux (3)	—
30	netgear	3	·	·	·	PoC 3	dg632 (3) · dg632 firmware (1)	—
31	novell inc.	3	·	·	·	PoC 3	opensuse (3)	—
32	opensuse	3	·	·	·	PoC 3	opensuse (3)	—
33	php.s3	3	·	·	·	NEW	php-i-board (2) · tree bbs (1)	—
34	redhat	3	·	·	·	PoC 1	openssl (2) · enterprise linux desktop (1) · enterprise linux eus (1)	—
35	skybluecanvas	3	·	·	·	NEW	skybluecanvas (3)	—
36	strongswan	3	·	·	·	NEW	strongswan (3)	—
37	suse	3	·	·	·	PoC 3	linux enterprise (2) · linux enterprise server (2) · linux enterprise desktop (1)	—
38	4homepages	2	·	·	·	NEWPoC 2	4images (2)	—
39	a-link	2	1	·	·	NEWPoC 2	wl54ap2 (2) · wl54ap3 (2)	—
40	angrydonuts	2	·	·	·	NEW	nodequeue (1) · views (1)	—
41	atlassian	2	·	·	·	NEW	jira (2)	—
42	benjamin curtis	2	·	·	·	NEWPoC 1	phpbugtracker (2)	—
43	egyplus	2	1	·	·	NEWPoC 2	7ammel (2)	—
44	firestats	2	·	·	2	NEWNuclei 2PoC 1	firestats (2)	—
45	foxitsoftware	2	2	·	·	NEW	foxit reader (2) · jpeg2000 jbig2 decoder add-on (1) · jpeg2000\/jbig2 decoder add-on (1)	—
46	freebsd	2	·	·	·		freebsd (2)	—
47	fretsweb project	2	·	·	·	NEWPoC 2	fretsweb (2)	—
48	hp	2	1	·	·		discovery\&dependency mapping inventory (1) · openview network node manager (1)	—
49	jnmsolutions	2	1	·	·	NEWPoC 2	db top sites (2)	—
50	kasseler-cms	2	·	·	·	NEWPoC 2	kasseler cms (2)	—