month report
April 2020
Data as of Jun 4, 2026, 13:25 UTC · Snapshot v1 · Sources: NVD + CISA KEV + EPSS + Nuclei templates
April 2020 closed with 2,225 published CVEs, 303 of them critical. Netgear led by volume, mostly via r7800 firmware. The top weakness class was CWE-79 (235 CVEs). 10 vendors entered the top 100 for the first time.
- Total CVEs: 2,225 (MoM: — · YoY: —)
- Severity mix: 303 critical / 926 high
- KEV added: 0 (0 ransomware-linked)
- Nuclei coverage: 3.9% (86 CVEs with templates)
Time to exploit
How fast the community ships detection after a CVE drops.
- Days → Nuclei (median): 2151.3 (n=86)
- Within 7 days: 0.0%
- Within 30 days: 0.0%
- Days → KEV (median): 567 (n=16)
Detection gap
KEV pressure, no Nuclei coverage
April 2020 · vendors with active exploitation listed by CISA but no public detection template.
- microsoft corp: KEV 4 · 114 CVE
- microsoft: KEV 4 · 113 CVE
- cisco systems inc.: KEV 1 · 22 CVE
- cisco: KEV 1 · 20 CVE
Weakness × Vendor
What's spreading where in April 2020
Cells shaded by share of vendor's hottest weakness.
[Heat map. Columns (weakness classes): CWE-79 XSS · CWE-787 Out-of-bounds Write · CWE-20 Improper Input Validation · CWE-120 Buffer Overflow · CWE-200 Information Exposure · CWE-78 OS Command Injection · CWE-125 Out-of-bounds Read · CWE-74 Injection · CWE-22 Path Traversal · CWE-287 Improper Authentication. Rows (vendors): netgear · oracle · oracle corp. · oracle corporation · google · сообщество свободного программного обеспечения · fedoraproject · microsoft corp · microsoft · debian · opensuse · canonical.]
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #1 netgear: 463 CVE
- #4 oracle corporation: 230 CVE
- #26 abb: 35 CVE
- #35 juniper: 24 CVE
- #36 juniper networks: 24 CVE
- #37 juniper networks inc.: 24 CVE
- #41 mcafee: 19 CVE
- #42 prestashop: 18 CVE
- #49 cipplanner: 14 CVE
- #50 hitachienergy: 14 CVE
Top vendors
Ranked by distinct CVE count this period.
| # | Vendor | CVEs | Crit | CVSS | KEV | Nuclei | Signals | Top products | Δ |
|---|---|---|---|---|---|---|---|---|---|
| 1 | netgear | 463 | 18 | 7.0 | · | · | NEW | r7800 firmware (170) · r9000 firmware (141) · wndr4500 firmware (119) | — |
| 2 | oracle | 246 | 12 | 6.5 | 2 | 12 | KEV 2 · Nuclei 12 · PoC 9 | mysql (38) · vm virtualbox (20) · weblogic server (17) | — |
| 3 | oracle corp. | 246 | 12 | 6.4 | 2 | 12 | KEV 2 · Nuclei 12 · PoC 8 | mysql server (33) · vm virtualbox (20) · weblogic server (16) | — |
| 4 | oracle corporation | 230 | 10 | 6.6 | 1 | 9 | NEW · KEV 1 · Nuclei 9 · PoC 4 | mysql server (34) · vm virtualbox (20) · java (14) | — |
| 5 | google | 207 | 57 | 7.3 | · | · | PoC 2 | android (179) · chrome (26) · openthread (1) | — |
| 6 | сообщество свободного программного обеспечения | 138 | 11 | 6.6 | 5 | 12 | KEV 5 · Nuclei 12 · PoC 25 | debian gnu/linux (129) · linux (19) · libgit2 (2) | — |
| 7 | fedoraproject | 115 | 4 | 6.1 | 1 | 4 | KEV 1 · Nuclei 4 · PoC 16 | fedora (115) | — |
| 8 | microsoft corp | 114 | 2 | 7.3 | 4 | · | KEV 4 · PoC 3 | windows 10 1903 (67) · windows 10 1909 (67) · windows server 1909 (server core installation) (66) | — |
| 9 | microsoft | 113 | 1 | 7.3 | 4 | · | KEV 4 · PoC 3 | windows server, version 1903 (server core installation) (66) · windows 10 version 1903 for x64-based systems (66) · windows 10 version 1909 for x64-based systems (66) | — |
| 10 | debian | 111 | 12 | 6.6 | 3 | 11 | KEV 3 · Nuclei 11 · PoC 21 | debian linux (111) | — |
| 11 | opensuse | 107 | 6 | 6.7 | 2 | 4 | KEV 2 · Nuclei 4 · PoC 16 | leap (102) · backports sle (16) · backports (15) | — |
| 12 | canonical | 93 | 7 | 6.0 | 2 | 4 | KEV 2 · Nuclei 4 · PoC 19 | ubuntu linux (90) · apport (3) · microk8s (1) | — |
| 13 | ооо «русбитех-астра» | 89 | 9 | 6.9 | 3 | 4 | KEV 3 · Nuclei 4 · PoC 17 | astra linux special edition (79) · astra linux special edition для «эльбрус» (39) · astra linux common edition (33) | — |
| 14 | ао «концерн вниинс» | 79 | 5 | 6.5 | 3 | 2 | KEV 3 · Nuclei 2 · PoC 14 | ос он «стрелец» (79) | — |
| 15 | fedora project | 77 | 2 | 6.1 | 1 | 2 | KEV 1 · Nuclei 2 · PoC 9 | fedora (77) | — |
| 16 | red hat inc. | 73 | 1 | 6.3 | 3 | 3 | KEV 3 · Nuclei 3 · PoC 7 | red hat enterprise linux (67) · red hat software collections (16) · jboss fuse (6) | — |
| 17 | ао «ивк» | 72 | 3 | 6.1 | 4 | 4 | KEV 4 · Nuclei 4 · PoC 8 | альт 8 сп (72) | — |
| 18 | canonical ltd. | 71 | 3 | 5.8 | 2 | 3 | KEV 2 · Nuclei 3 · PoC 8 | ubuntu (70) · apport (1) · pc-kernel (1) | — |
| 19 | netapp | 70 | 3 | 5.8 | 1 | 2 | KEV 1 · Nuclei 2 · PoC 7 | active iq unified manager (53) · oncommand insight (49) · oncommand workflow automation (45) | — |
| 20 | novell inc. | 64 | 6 | 7.1 | 3 | 5 | KEV 3 · Nuclei 5 · PoC 11 | opensuse leap (56) · suse linux enterprise server (12) · suse linux enterprise server for sap applications (10) | — |
| 21 | apple | 61 | 9 | 7.1 | · | · | PoC 7 | iphone os (39) · mac os x (38) · ios (31) | — |
| 22 | ibm | 51 | 2 | 5.8 | · | · | PoC 6 | qradar security information and event manager (11) · qradar (10) · security information queue (6) | — |
| 23 | npm | 48 | 23 | 8.0 | 1 | 1 | KEV 1 · Nuclei 1 · PoC 10 | xdlocalstorage (4) · jquery (2) · adb-driver (1) | — |
| 24 | qualcomm | 48 | 21 | 8.4 | · | · | · | sm8150 firmware (40) · sm7150 firmware (33) · qcs605 firmware (32) | — |
| 25 | qualcomm, inc. | 48 | 21 | 8.2 | · | · | · | snapdragon auto, snapdragon compute, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon wearables (7) · snapdragon auto, snapdragon compute, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (6) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wired infrastructure and networking (5) | — |
| 26 | abb | 35 | 5 | 7.2 | · | · | NEW · PoC 1 | esoms (13) · opc data link (5) · manufacturing operations management (5) | — |
| 27 | maven | 33 | 3 | 6.7 | 2 | 4 | KEV 2 · Nuclei 4 · PoC 6 | io.undertow:undertow-core (2) · com.fasterxml.jackson.core:jackson-databind (2) · org.sonatype.nexus:nexus-core (2) | — |
| 28 | f5 | 30 | 6 | 7.7 | · | · | · | big-ip access policy manager (22) · big-ip application security manager (19) · big-ip policy enforcement manager (18) | — |
| 29 | ао "нппкт" | 30 | 5 | 7.0 | 3 | 2 | KEV 3 · Nuclei 2 · PoC 9 | осон основа оnyx (30) | — |
| 30 | google inc | 28 | 1 | 6.9 | · | · | PoC 1 | google chrome (26) · android (2) | — |
| 31 | sap | 28 | 2 | 6.7 | · | · | PoC 2 | businessobjects business intelligence platform (12) · netweaver as abap business server pages (4) · s/4hana (2) | — |
| 32 | sap se | 28 | 2 | 6.6 | · | · | PoC 2 | sap business objects business intelligence platform (5) · sap commerce (2) · sap business objects business intelligence platform (web intelligence html interface) (2) | — |
| 33 | foxit | 25 | · | 7.2 | · | · | · | phantompdf (21) · reader (4) | — |
| 34 | foxitsoftware | 25 | · | 7.2 | · | · | · | phantompdf (25) · reader (24) · foxit reader (1) | — |
| 35 | juniper | 24 | 2 | 6.9 | · | · | NEW · PoC 23 | junos (17) · junos os evolved (8) · virtual advanced threat protection (1) | — |
| 36 | juniper networks | 24 | 2 | 6.9 | · | · | NEW · PoC 23 | junos os (16) · junos os evolved (8) · jatp (1) | — |
| 37 | juniper networks inc. | 24 | 2 | 6.9 | · | · | NEW · PoC 23 | junos (17) · junos os evolved (8) · juniper atp (1) | — |
| 38 | cisco systems inc. | 22 | 6 | 8.2 | 1 | · | KEV 1 · PoC 20 | ucs director (9) · ucs director express for big data (8) · hyperion infrastructure technology (2) | — |
| 39 | redhat | 21 | · | 6.6 | · | · | PoC 2 | enterprise linux (8) · ceph storage (4) · openshift container platform (4) | — |
| 40 | cisco | 20 | 5 | 7.8 | 1 | · | KEV 1 · PoC 20 | ucs director (9) · cisco ucs director (9) · ucs director express for big data (9) | — |
| 41 | mcafee | 19 | · | 5.7 | · | · | NEW | endpoint security (12) · epolicy orchestrator (5) · threat intelligence exchange server (2) | — |
| 42 | prestashop | 18 | · | 4.4 | · | · | NEW | prestashop (14) · ps_linklist (2) · prestashop linklist (1) | — |
| 43 | huawei | 17 | 1 | 5.5 | · | · | · | honor v20 firmware (3) · huawei mate 20 (3) · honor v10 (3) | — |
| 44 | linux | 17 | · | 6.4 | · | · | PoC 4 | linux kernel (17) | — |
| 45 | apache | 16 | 3 | 6.8 | · | 5 | Nuclei 5 · PoC 1 | ofbiz (3) · apache ofbiz (3) · apache http server (2) | — |
| 46 | packagist | 16 | · | 6.6 | 1 | 4 | KEV 1 · Nuclei 4 · PoC 6 | intelliants/subrion (3) · nilsteampassnet/teampass (3) · dolibarr/dolibarr (2) | — |
| 47 | go | 15 | 1 | 6.7 | · | 1 | Nuclei 1 · PoC 4 | github.com/argoproj/argo-cd (4) · github.com/grafana/grafana (3) · github.com/kiali/kiali (1) | — |
| 48 | apple inc. | 14 | 4 | 8.1 | · | · | · | ios (13) · tvos (13) · itunes (12) | — |
| 49 | cipplanner | 14 | 3 | 7.5 | · | · | NEW · PoC 6 | cipace (14) | — |
| 50 | hitachienergy | 14 | 1 | 6.0 | · | · | NEW · PoC 1 | esoms (13) · microscada pro sys600 (1) | — |