month report
January 2014
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
January 2014 closed with 579 published CVEs. 63 criticals, oracle led volume, mostly via jre. Biggest breakout: oracle corp. at ×19.5 their 12-month median. Top weakness class — CWE-79 (80 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
579
— MoM— YoY
Severity mix
63 / 82
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
4.1%
24 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
4432.0
n=24
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
2969
n=1
Detection gap
KEV pressure, no Nuclei coverage
January 2014 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1adobe7 CVE
Weakness × Vendor
What's spreading where in January 2014
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
Breakout vendors
CVE count ≥3× their own 12-period median.
- 19.5×oracle corp.39 CVE
- 6.7×wordpress10 CVE
- 5.0×microsoft corp5 CVE
- 4.7×gentoo foundation inc.14 CVE
- 4.0×juniper6 CVE
- 4.0×dell4 CVE
- 3.0×icinga3 CVE
- 3.0×symantec3 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #23atmail6 CVE
- #28conceptronic5 CVE
- #29fatfreecrm5 CVE
- #33open-xchange5 CVE
- #37libreswan4 CVE
- #39memcached4 CVE
- #44mariadb foundation3 CVE
- #46opsview3 CVE
- #48projectforge3 CVE
- #51thecus3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 120 CVE10 critCVSS 5.3PoC 2jre (36) · jdk (31) · mysql (18)
- 39 CVE5 critCVSS 5.3×19.5mysql (15) · java runtime environment (9) · java development kit (8)
- 38 CVE4 critCVSS 6.5secure access control system (8) · context directory agent (4) · mediasense (3)
- 33 CVECVSS 4.8PoC 2enterprise linux desktop (11) · enterprise linux workstation (11) · enterprise linux server (11)
- 22 CVECVSS 4.8PoC 2debian linux (19) · axiom (1) · localepurge (1)
- 21 CVE1 critCVSS 5.2qradar security information and event manager (4) · websphere application server (3) · lotus quickr for domino (2)
- 16 CVE9 critCVSS 7.2PoC 2storage data protector (9) · jdk (6) · jre (6)
- 15 CVECVSS 3.7PoC 2ubuntu linux (15)
- 15 CVE1 critCVSS 7.1PoC 1chrome (11) · picasa (4)
- 14 CVE2 critCVSS 4.5×4.7PoC 1gentoo linux (14)
- 14 CVECVSS 4.2linux kernel (14)
- 13 CVECVSS 5.8PoC 2opensuse (13)
- 10 CVECVSS 4.0mariadb (10)
- 10 CVECVSS 4.5×6.7Nuclei 10PoC 2wordpress (10)
- 9 CVECVSS 3.8PoC 1nova (2) · httplib2 (1) · plone (1)
- 9 CVECVSS 6.0PoC 2debian gnu/linux (8) · libxml2 (1) · linux (1)
- 8 CVE1 critCVSS 6.1PoC 3org.springframework:spring-oxm (2) · org.apache.santuario:xmlsec (1) · com.jamonapi:jamon (1)
- 8 CVECVSS 4.6PoC 5fat_free_crm (5) · passenger (1) · paratrooper-newrelic (1)
- 7 CVE6 critCVSS 9.9KEV 1acrobat (4) · flash player (2) · adobe air (2)
- 7 CVECVSS 3.9PoC 2cloudstack (2) · ofbiz (1) · santuario xml security for java (1)
- 7 CVECVSS 4.3sunos (7)
- 7 CVECVSS 5.6xen (7)
- 6 CVE4 critCVSS 8.5NEWatmail (6)
- 6 CVECVSS 7.2×4.0junos (6) · srx240 (2) · srx100 (2)
- 6 CVE3 critCVSS 8.6PoC 1word (3) · office compatibility pack (3) · word viewer (2)
- 6 CVECVSS 4.8spring framework (3) · esxi (2) · esx (2)
- 5 CVECVSS 6.4PoC 1iphone os (2) · mac os x (2) · watchos (1)
- 5 CVECVSS 5.8NEWPoC 3c54apm (4) · c54apm firmware (4) · cipcamptiwl (1)
- 5 CVECVSS 5.7NEWPoC 2fat free crm (5)
- 5 CVECVSS 4.8PoC 1websphere application server (3) · aix (1) · tivoli business service manager (1)
- 5 CVE3 critCVSS 7.7×5.0microsoft dynamics ax (1) · microsoft office (1) · microsoft sharepoint server (1)
- 5 CVECVSS 3.5PoC 1suse linux enterprise (4) · opensuse (1)
- 5 CVECVSS 4.2NEWopen-xchange appsuite (5)
- 4 CVECVSS 4.7PoC 1security gateway (1) · ipso os (1) · management server (1)
- 4 CVE1 critCVSS 7.6×4.0powerconnect 5324 (3) · powerconnect 3524p (3) · powerconnect 3348 (3)
- 4 CVECVSS 4.6PoC 1drupal (4)
- 4 CVE1 critCVSS 6.1NEWPoC 1libreswan (4)
- 4 CVECVSS 4.9PoC 2vulnerability manager (3) · superscan (1)
- 4 CVECVSS 2.5NEWPoC 1memcached (4)
- 4 CVECVSS 4.5havana (1) · nova (1) · python-keystoneclient (1)
- 3 CVECVSS 4.3f5d8236-4 (1) · n300 (1) · n900 (1)
- 3 CVECVSS 5.2PoC 1fedora (3)
- 3 CVECVSS 6.3×3.0icinga (3)
- 3 CVECVSS 6.1NEWmariadb (3)
- 3 CVECVSS 5.4moodle (3)
- 3 CVECVSS 5.6NEWopsview (3)
- 3 CVE1 critCVSS 6.1ec-cube/ec-cube (1) · civicrm/civicrm-core (1) · typo3/cms-core (1)
- 3 CVECVSS 4.6NEWPoC 1projectforge (3)
- 3 CVECVSS 4.1PoC 1python (1) · pyxdg (1) · rply (1)
- 3 CVECVSS 6.4×3.0endpoint protection (3)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | oracle | 120 | 10 | · | · | PoC 2 | jre (36) · jdk (31) · mysql (18) | — | |
| 2 | oracle corp. | 39 | 5 | · | · | ×19.5 | mysql (15) · java runtime environment (9) · java development kit (8) | — | |
| 3 | cisco | 38 | 4 | · | · | secure access control system (8) · context directory agent (4) · mediasense (3) | — | ||
| 4 | redhat | 33 | · | · | · | PoC 2 | enterprise linux desktop (11) · enterprise linux workstation (11) · enterprise linux server (11) | — | |
| 5 | debian | 22 | · | · | · | PoC 2 | debian linux (19) · axiom (1) · localepurge (1) | — | |
| 6 | ibm | 21 | 1 | · | · | qradar security information and event manager (4) · websphere application server (3) · lotus quickr for domino (2) | — | ||
| 7 | hp | 16 | 9 | · | · | PoC 2 | storage data protector (9) · jdk (6) · jre (6) | — | |
| 8 | canonical | 15 | · | · | · | PoC 2 | ubuntu linux (15) | — | |
| 9 | 15 | 1 | · | · | PoC 1 | chrome (11) · picasa (4) | — | ||
| 10 | gentoo foundation inc. | 14 | 2 | · | · | ×4.7PoC 1 | gentoo linux (14) | — | |
| 11 | linux | 14 | · | · | · | linux kernel (14) | — | ||
| 12 | opensuse | 13 | · | · | · | PoC 2 | opensuse (13) | — | |
| 13 | mariadb | 10 | · | · | · | mariadb (10) | — | ||
| 14 | wordpress | 10 | · | · | 10 | ×6.7Nuclei 10PoC 2 | wordpress (10) | — | |
| 15 | pypi | 9 | · | · | · | PoC 1 | nova (2) · httplib2 (1) · plone (1) | — | |
| 16 | сообщество свободного программного обеспечения | 9 | · | · | · | PoC 2 | debian gnu/linux (8) · libxml2 (1) · linux (1) | — | |
| 17 | maven | 8 | 1 | · | · | PoC 3 | org.springframework:spring-oxm (2) · org.apache.santuario:xmlsec (1) · com.jamonapi:jamon (1) | — | |
| 18 | rubygems | 8 | · | · | · | PoC 5 | fat_free_crm (5) · passenger (1) · paratrooper-newrelic (1) | — | |
| 19 | adobe | 7 | 6 | 1 | · | KEV 1 | acrobat (4) · flash player (2) · adobe air (2) | — | |
| 20 | apache | 7 | · | · | · | PoC 2 | cloudstack (2) · ofbiz (1) · santuario xml security for java (1) | — | |
| 21 | sun | 7 | · | · | · | sunos (7) | — | ||
| 22 | xen | 7 | · | · | · | xen (7) | — | ||
| 23 | atmail | 6 | 4 | · | · | NEW | atmail (6) | — | |
| 24 | juniper | 6 | · | · | · | ×4.0 | junos (6) · srx240 (2) · srx100 (2) | — | |
| 25 | microsoft | 6 | 3 | · | · | PoC 1 | word (3) · office compatibility pack (3) · word viewer (2) | — | |
| 26 | vmware | 6 | · | · | · | spring framework (3) · esxi (2) · esx (2) | — | ||
| 27 | apple | 5 | · | · | · | PoC 1 | iphone os (2) · mac os x (2) · watchos (1) | — | |
| 28 | conceptronic | 5 | · | · | · | NEWPoC 3 | c54apm (4) · c54apm firmware (4) · cipcamptiwl (1) | — | |
| 29 | fatfreecrm | 5 | · | · | · | NEWPoC 2 | fat free crm (5) | — | |
| 30 | ibm corp. | 5 | · | · | · | PoC 1 | websphere application server (3) · aix (1) · tivoli business service manager (1) | — | |
| 31 | microsoft corp | 5 | 3 | · | · | ×5.0 | microsoft dynamics ax (1) · microsoft office (1) · microsoft sharepoint server (1) | — | |
| 32 | novell inc. | 5 | · | · | · | PoC 1 | suse linux enterprise (4) · opensuse (1) | — | |
| 33 | open-xchange | 5 | · | · | · | NEW | open-xchange appsuite (5) | — | |
| 34 | checkpoint | 4 | · | · | · | PoC 1 | security gateway (1) · ipso os (1) · management server (1) | — | |
| 35 | dell | 4 | 1 | · | · | ×4.0 | powerconnect 5324 (3) · powerconnect 3524p (3) · powerconnect 3348 (3) | — | |
| 36 | drupal | 4 | · | · | · | PoC 1 | drupal (4) | — | |
| 37 | libreswan | 4 | 1 | · | · | NEWPoC 1 | libreswan (4) | — | |
| 38 | mcafee | 4 | · | · | · | PoC 2 | vulnerability manager (3) · superscan (1) | — | |
| 39 | memcached | 4 | · | · | · | NEWPoC 1 | memcached (4) | — | |
| 40 | openstack | 4 | · | · | · | havana (1) · nova (1) · python-keystoneclient (1) | — | ||
| 41 | belkin | 3 | · | · | · | f5d8236-4 (1) · n300 (1) · n900 (1) | — | ||
| 42 | fedoraproject | 3 | · | · | · | PoC 1 | fedora (3) | — | |
| 43 | icinga | 3 | · | · | · | ×3.0 | icinga (3) | — | |
| 44 | mariadb foundation | 3 | · | · | · | NEW | mariadb (3) | — | |
| 45 | moodle | 3 | · | · | · | moodle (3) | — | ||
| 46 | opsview | 3 | · | · | · | NEW | opsview (3) | — | |
| 47 | packagist | 3 | 1 | · | · | ec-cube/ec-cube (1) · civicrm/civicrm-core (1) · typo3/cms-core (1) | — | ||
| 48 | projectforge | 3 | · | · | · | NEWPoC 1 | projectforge (3) | — | |
| 49 | python | 3 | · | · | · | PoC 1 | python (1) · pyxdg (1) · rply (1) | — | |
| 50 | symantec | 3 | · | · | · | ×3.0 | endpoint protection (3) | — |