month report
June 2019
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
June 2019 closed with 1,394 published CVEs. 187 criticals, ооо «русбитех-астра» led volume, mostly via astra linux special edition. Biggest breakout: fedora project at ×12.0 their 12-month median. Top weakness class — CWE-79 (136 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
1,394
— MoM— YoY
Severity mix
187 / 566
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
2.4%
34 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
2455.1
n=34
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
979
n=8
Detection gap
KEV pressure, no Nuclei coverage
June 2019 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 2microsoft88 CVE
- KEV 2microsoft corp88 CVE
- KEV 1google116 CVE
- KEV 1google inc69 CVE
- KEV 1npm61 CVE
Weakness × Vendor
What's spreading where in June 2019
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS787Out-of-bounds Write20Improper Input Validation917Expression Language Injection200Information Exposure89SQL Injection416Use After Free125Out-of-bounds Read22Path Traversal78OS Command Injectionооо «русбитех-астра»22566121013сообщество свободного программного обеспечения122639913google23810614141hp323581111microsoft416717microsoft corp416717google inc121651071novell inc.16217312ibm15512red hat inc.2123210412debian1721642npm5145126
Breakout vendors
CVE count ≥3× their own 12-period median.
- 12.0×fedora project48 CVE
- 9.5×fedoraproject57 CVE
- 6.4×opensuse58 CVE
- 5.5×npm61 CVE
- 5.1×google inc69 CVE
- 5.0×ао «концерн вниинс»55 CVE
- 4.7×foxit28 CVE
- 4.1×foxitsoftware37 CVE
- 4.0×fortinet8 CVE
- 3.8×hp114 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #32android12 CVE
- #33getvera12 CVE
- #42securifi10 CVE
- #47stopzilla9 CVE
- #48abb8 CVE
- #51asea brown boveri ltd.8 CVE
- #60ishekar7 CVE
- #62livezilla7 CVE
- #66advantech co., ltd6 CVE
- #69cesanta6 CVE
Top vendors
Ranked by distinct CVE count this period.
- 175 CVE8 critCVSS 6.7KEV 2Nuclei 1PoC 22astra linux special edition (168) · astra linux common edition (26) · astra linux special edition для «эльбрус» (21)
- 150 CVE8 critCVSS 6.8KEV 1Nuclei 1PoC 25debian gnu/linux (100) · linux (37) · rubygems (6)
- 116 CVE3 critCVSS 7.3KEV 1PoC 2chrome (74) · android (41) · nexus 9 firmware (1)
- 114 CVE14 critCVSS 8.2×3.8PoC 1intelligent management center (104) · t6b82a firmware (4) · t6b83a firmware (4)
- 88 CVECVSS 6.7KEV 2PoC 2windows 10 version 1809 (47) · windows server 2019 (server core installation) (47) · windows 10 (47)
- 88 CVECVSS 6.7KEV 2PoC 2windows server 2019 (server core installation) (47) · windows 10 1809 (47) · windows server 2019 (47)
- 69 CVECVSS 7.3×5.1KEV 1PoC 2google chrome (67) · android (2)
- 69 CVE6 critCVSS 7.8×3.6PoC 19opensuse leap (64) · suse package hub for suse linux enterprise (24) · suse linux enterprise module for open buildservice development tools (8)
- 66 CVECVSS 5.7rational quality manager (13) · rational doors next generation (13) · rational collaborative lifecycle management (13)
- 65 CVE5 critCVSS 7.3PoC 13red hat enterprise linux (58) · red hat software collections (5) · cloudforms management engine (5)
- 63 CVE7 critCVSS 7.4KEV 1Nuclei 1PoC 14debian linux (63)
- 61 CVECVSS 5.6×5.5KEV 1ids-enterprise (3) · js-yaml (2) · bl (1)
- 58 CVE5 critCVSS 7.4×6.4PoC 13leap (58) · backports (32)
- 57 CVE3 critCVSS 7.2×9.5PoC 7fedora (57)
- 55 CVE4 critCVSS 7.4×5.0PoC 11ос он «стрелец» (55)
- 48 CVE1 critCVSS 7.1×12.0PoC 6fedora (48)
- 38 CVE5 critCVSS 7.1KEV 1Nuclei 1PoC 20ubuntu (38)
- 38 CVE3 critCVSS 6.6Nuclei 3PoC 38unified computing system (7) · integrated management controller (7) · cisco unified computing system (management software) (7)
- 38 CVE3 critCVSS 6.3Nuclei 3PoC 38integrated management controller (7) · unified computing system (6) · cisco data center network manager (4)
- 37 CVECVSS 7.1×4.1foxit reader (22) · phantompdf (22) · foxit pdf sdk activex (9)
- 34 CVE6 critCVSS 7.7PoC 11enterprise linux (15) · enterprise linux eus (7) · enterprise linux server aus (6)
- 31 CVE5 critCVSS 7.0KEV 1Nuclei 1PoC 11ubuntu linux (31)
- 28 CVECVSS 7.0×4.7reader (18) · studio photo (6) · phantompdf (4)
- 27 CVE7 critCVSS 7.8qcs605 firmware (25) · mdm9650 firmware (25) · sd 636 firmware (24)
- 27 CVE7 critCVSS 7.8snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables, snapdragon wired infrastructure and networking (4) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (3) · snapdragon auto, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile (3)
- 26 CVE1 critCVSS 3.9PoC 1open cloud integrity tehnology (9) · openattestation (9) · nuc kit firmware (7)
- 24 CVE1 critCVSS 6.5×3.4PoC 1open cloud integrity technology (9) · openattestation (8) · intel nuc kit nuc8i7bex (7)
- 23 CVECVSS 6.3×3.5mate 10 firmware (3) · p20 (2) · p20 firmware (2)
- 23 CVE2 critCVSS 6.7Nuclei 1PoC 5org.jenkins-ci.plugins:electricflow (6) · org.jenkins-ci.plugins:jx-resources (2) · com.fasterxml.jackson.core:jackson-databind (2)
- 14 CVE1 critCVSS 8.3PoC 14awk-3121 firmware (14)
- 13 CVE1 critCVSS 6.9PoC 9linux kernel (13)
- 12 CVE1 critCVSS 7.9NEWPoC 1android (12)
- 12 CVE2 critCVSS 8.1NEWPoC 11veraedge firmware (12) · veralite firmware (12)
- 12 CVE2 critCVSS 6.7Nuclei 2PoC 5oracle communications session router (3) · oracle communications session border controller (3) · oracle communications subscriber-aware load balancer (3)
- 11 CVECVSS 7.2PoC 1huawei mate 9 pro (6) · hedex lite (1) · huawei ac6605 (1)
- 11 CVE2 critCVSS 7.4PoC 1aubio (3) · twisted (2) · linotp (1)
- 11 CVE1 critCVSS 6.2netweaver process integration (4) · advanced business application programming platform krnl32nuc (1) · advanced business application programming platform krnl32uc (1)
- 11 CVE1 critCVSS 6.6sap netweaver process integration(sap_xitool) (3) · sap netweaver process integration(sap_xiesr) (3) · sap hana extended application services (advanced model) (1)
- 11 CVE1 critCVSS 6.9PoC 2tim 1531 irc (3) · cloudconnect 712 (3) · ruggedcom rm1224 (3)
- 10 CVECVSS 4.2microsoft.chakracore (9) · gw2sharp (1)
- 10 CVE2 critCVSS 7.0Nuclei 2PoC 3moodle/moodle (3) · shopware/shopware (2) · phpmyadmin/phpmyadmin (2)
- 10 CVECVSS 8.2NEWPoC 10almond 2015 firmware (10) · almond firmware (10) · almond\+firmware (10)
- 10 CVE2 critCVSS 7.2PoC 3осон основа оnyx (10)
- 9 CVECVSS 6.2PoC 1electricflow (6) · jx resources (2) · token macro (1)
- 9 CVECVSS 6.2PoC 1jenkins electricflow plugin (6) · jenkins jx resources plugin (2) · jenkins token macro plugin (1)
- 9 CVE1 critCVSS 7.5PoC 8rubygems (6) · rubygems-update (6) · chartkick (1)
- 9 CVECVSS 5.5NEWPoC 1antimalware (9)
- 8 CVECVSS 8.5NEWPoC 8pb610 panel builder 600 firmware (6) · cp630-web firmware (2) · cp635-b firmware (2)
- 8 CVE6 critCVSS 9.3PoC 1webaccess (8)
- 8 CVE2 critCVSS 7.4http server (3) · apache fineract (2) · fineract (2)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | ооо «русбитех-астра» | 175 | 8 | 2 | 1 | KEV 2Nuclei 1PoC 22 | astra linux special edition (168) · astra linux common edition (26) · astra linux special edition для «эльбрус» (21) | — | |
| 2 | сообщество свободного программного обеспечения | 150 | 8 | 1 | 1 | KEV 1Nuclei 1PoC 25 | debian gnu/linux (100) · linux (37) · rubygems (6) | — | |
| 3 | 116 | 3 | 1 | · | KEV 1PoC 2 | chrome (74) · android (41) · nexus 9 firmware (1) | — | ||
| 4 | hp | 114 | 14 | · | · | ×3.8PoC 1 | intelligent management center (104) · t6b82a firmware (4) · t6b83a firmware (4) | — | |
| 5 | microsoft | 88 | · | 2 | · | KEV 2PoC 2 | windows 10 version 1809 (47) · windows server 2019 (server core installation) (47) · windows 10 (47) | — | |
| 6 | microsoft corp | 88 | · | 2 | · | KEV 2PoC 2 | windows server 2019 (server core installation) (47) · windows 10 1809 (47) · windows server 2019 (47) | — | |
| 7 | google inc | 69 | · | 1 | · | ×5.1KEV 1PoC 2 | google chrome (67) · android (2) | — | |
| 8 | novell inc. | 69 | 6 | · | · | ×3.6PoC 19 | opensuse leap (64) · suse package hub for suse linux enterprise (24) · suse linux enterprise module for open buildservice development tools (8) | — | |
| 9 | ibm | 66 | · | · | · | rational quality manager (13) · rational doors next generation (13) · rational collaborative lifecycle management (13) | — | ||
| 10 | red hat inc. | 65 | 5 | · | · | PoC 13 | red hat enterprise linux (58) · red hat software collections (5) · cloudforms management engine (5) | — | |
| 11 | debian | 63 | 7 | 1 | 1 | KEV 1Nuclei 1PoC 14 | debian linux (63) | — | |
| 12 | npm | 61 | · | 1 | · | ×5.5KEV 1 | ids-enterprise (3) · js-yaml (2) · bl (1) | — | |
| 13 | opensuse | 58 | 5 | · | · | ×6.4PoC 13 | leap (58) · backports (32) | — | |
| 14 | fedoraproject | 57 | 3 | · | · | ×9.5PoC 7 | fedora (57) | — | |
| 15 | ао «концерн вниинс» | 55 | 4 | · | · | ×5.0PoC 11 | ос он «стрелец» (55) | — | |
| 16 | fedora project | 48 | 1 | · | · | ×12.0PoC 6 | fedora (48) | — | |
| 17 | canonical ltd. | 38 | 5 | 1 | 1 | KEV 1Nuclei 1PoC 20 | ubuntu (38) | — | |
| 18 | cisco | 38 | 3 | · | 3 | Nuclei 3PoC 38 | unified computing system (7) · integrated management controller (7) · cisco unified computing system (management software) (7) | — | |
| 19 | cisco systems inc. | 38 | 3 | · | 3 | Nuclei 3PoC 38 | integrated management controller (7) · unified computing system (6) · cisco data center network manager (4) | — | |
| 20 | foxitsoftware | 37 | · | · | · | ×4.1 | foxit reader (22) · phantompdf (22) · foxit pdf sdk activex (9) | — | |
| 21 | redhat | 34 | 6 | · | · | PoC 11 | enterprise linux (15) · enterprise linux eus (7) · enterprise linux server aus (6) | — | |
| 22 | canonical | 31 | 5 | 1 | 1 | KEV 1Nuclei 1PoC 11 | ubuntu linux (31) | — | |
| 23 | foxit | 28 | · | · | · | ×4.7 | reader (18) · studio photo (6) · phantompdf (4) | — | |
| 24 | qualcomm | 27 | 7 | · | · | qcs605 firmware (25) · mdm9650 firmware (25) · sd 636 firmware (24) | — | ||
| 25 | qualcomm, inc. | 27 | 7 | · | · | snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables, snapdragon wired infrastructure and networking (4) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (3) · snapdragon auto, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile (3) | — | ||
| 26 | intel | 26 | 1 | · | · | PoC 1 | open cloud integrity tehnology (9) · openattestation (9) · nuc kit firmware (7) | — | |
| 27 | intel corp. | 24 | 1 | · | · | ×3.4PoC 1 | open cloud integrity technology (9) · openattestation (8) · intel nuc kit nuc8i7bex (7) | — | |
| 28 | huawei | 23 | · | · | · | ×3.5 | mate 10 firmware (3) · p20 (2) · p20 firmware (2) | — | |
| 29 | maven | 23 | 2 | · | 1 | Nuclei 1PoC 5 | org.jenkins-ci.plugins:electricflow (6) · org.jenkins-ci.plugins:jx-resources (2) · com.fasterxml.jackson.core:jackson-databind (2) | — | |
| 30 | moxa | 14 | 1 | · | · | PoC 14 | awk-3121 firmware (14) | — | |
| 31 | linux | 13 | 1 | · | · | PoC 9 | linux kernel (13) | — | |
| 32 | android | 12 | 1 | · | · | NEWPoC 1 | android (12) | — | |
| 33 | getvera | 12 | 2 | · | · | NEWPoC 11 | veraedge firmware (12) · veralite firmware (12) | — | |
| 34 | oracle corp. | 12 | 2 | · | 2 | Nuclei 2PoC 5 | oracle communications session router (3) · oracle communications session border controller (3) · oracle communications subscriber-aware load balancer (3) | — | |
| 35 | huawei technologies co., ltd. | 11 | · | · | · | PoC 1 | huawei mate 9 pro (6) · hedex lite (1) · huawei ac6605 (1) | — | |
| 36 | pypi | 11 | 2 | · | · | PoC 1 | aubio (3) · twisted (2) · linotp (1) | — | |
| 37 | sap | 11 | 1 | · | · | netweaver process integration (4) · advanced business application programming platform krnl32nuc (1) · advanced business application programming platform krnl32uc (1) | — | ||
| 38 | sap se | 11 | 1 | · | · | sap netweaver process integration(sap_xitool) (3) · sap netweaver process integration(sap_xiesr) (3) · sap hana extended application services (advanced model) (1) | — | ||
| 39 | siemens ag | 11 | 1 | · | · | PoC 2 | tim 1531 irc (3) · cloudconnect 712 (3) · ruggedcom rm1224 (3) | — | |
| 40 | nuget | 10 | · | · | · | microsoft.chakracore (9) · gw2sharp (1) | — | ||
| 41 | packagist | 10 | 2 | · | 2 | Nuclei 2PoC 3 | moodle/moodle (3) · shopware/shopware (2) · phpmyadmin/phpmyadmin (2) | — | |
| 42 | securifi | 10 | · | · | · | NEWPoC 10 | almond 2015 firmware (10) · almond firmware (10) · almond\+firmware (10) | — | |
| 43 | ао "нппкт" | 10 | 2 | · | · | PoC 3 | осон основа оnyx (10) | — | |
| 44 | jenkins | 9 | · | · | · | PoC 1 | electricflow (6) · jx resources (2) · token macro (1) | — | |
| 45 | jenkins project | 9 | · | · | · | PoC 1 | jenkins electricflow plugin (6) · jenkins jx resources plugin (2) · jenkins token macro plugin (1) | — | |
| 46 | rubygems | 9 | 1 | · | · | PoC 8 | rubygems (6) · rubygems-update (6) · chartkick (1) | — | |
| 47 | stopzilla | 9 | · | · | · | NEWPoC 1 | antimalware (9) | — | |
| 48 | abb | 8 | · | · | · | NEWPoC 8 | pb610 panel builder 600 firmware (6) · cp630-web firmware (2) · cp635-b firmware (2) | — | |
| 49 | advantech | 8 | 6 | · | · | PoC 1 | webaccess (8) | — | |
| 50 | apache | 8 | 2 | · | · | http server (3) · apache fineract (2) · fineract (2) | — |