month report
February 2021
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
February 2021 closed with 1,557 published CVEs. 231 criticals, сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (142 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
1,557
— MoM— YoY
Severity mix
231 / 625
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
4.8%
74 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
1849.6
n=74
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
268
n=19
Detection gap
KEV pressure, no Nuclei coverage
February 2021 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 2microsoft corp97 CVE
- KEV 1google100 CVE
- KEV 1microsoft84 CVE
- KEV 1ао «концерн вниинс»68 CVE
- KEV 1adobe53 CVE
- KEV 1adobe systems inc.50 CVE
- KEV 1google inc43 CVE
Weakness × Vendor
What's spreading where in February 2021
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS787Out-of-bounds Write78OS Command Injection20Improper Input Validation89SQL Injection121CWE-121798Hard-coded Credentials125Out-of-bounds Read22Path Traversal416Use After Freeсообщество свободного программного обеспечения2161611312ао "нппкт"155314google265219microsoft corp114313ооо «русбитех-астра»1851211microsoft1528fedoraproject114131246cisco1468302cisco systems inc.1468302ао «концерн вниинс»142113ао «ивк»82110npm311212
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #20google inc43 CVE
- #21fiberhome41 CVE
- #36trend micro23 CVE
- #37trendmicro23 CVE
- #39hpe17 CVE
- #40magento17 CVE
- #41crates.io15 CVE
- #44huawei14 CVE
- #47mbconnectline13 CVE
- #50arubanetworks12 CVE
Top vendors
Ranked by distinct CVE count this period.
- 115 CVE17 critCVSS 7.2KEV 2Nuclei 12PoC 20debian gnu/linux (97) · linux (13) · libmysofa (5)
- 102 CVE18 critCVSS 7.5KEV 1Nuclei 9PoC 21осон основа оnyx (102)
- 100 CVE12 critCVSS 7.6KEV 1PoC 7android (55) · chrome (42) · gerrit (1)
- 97 CVE14 critCVSS 7.8KEV 2PoC 15microsoft edge (41) · windows server 2004 (server core installation) (27) · windows 10 2004 (26)
- 92 CVE7 critCVSS 7.1KEV 1Nuclei 3PoC 18astra linux special edition (91) · astra linux special edition для «эльбрус» (22) · astra linux common edition (12)
- 84 CVE7 critCVSS 7.7KEV 1PoC 7windows server 2019 (29) · windows server 2016 (29) · windows server version 2004 (29)
- 82 CVE17 critCVSS 7.2KEV 1Nuclei 9PoC 23fedora (82) · extra packages for enterprise linux (1)
- 75 CVE11 critCVSS 7.5PoC 75cisco small business rv series router firmware (44) · rv082 dual wan vpn router firmware (35) · rv016 multi-wan vpn router firmware (35)
- 75 CVE11 critCVSS 7.5PoC 75cisco small business rv320 (35) · cisco small business rv042g (35) · cisco small business rv082 (35)
- 68 CVE10 critCVSS 7.6KEV 1PoC 11ос он «стрелец» (68)
- 64 CVE12 critCVSS 7.5KEV 1Nuclei 6PoC 8альт 8 сп (63) · альт сп 10 (3) · альт 8 сп рабочая станция (1)
- 63 CVE13 critCVSS 7.4KEV 1Nuclei 5PoC 18marked (4) · lodash (2) · lodash-es (2)
- 62 CVE10 critCVSS 7.0KEV 2Nuclei 9PoC 14debian linux (62)
- 62 CVECVSS 6.1graphics drivers (22) · ethernet network adapter e810 firmware (7) · bmc firmware (6)
- 59 CVECVSS 6.5intel graphics driver (21) · intel compute module hns2600bp (4) · e810 ethernet controllers (4)
- 53 CVE6 critCVSS 7.2KEV 1acrobat (24) · acrobat dc (24) · acrobat reader (24)
- 50 CVE6 critCVSS 7.2KEV 1adobe acrobat 2017 (24) · adobe acrobat 2020 (24) · adobe acrobat document cloud (24)
- 45 CVE4 critCVSS 7.4KEV 1Nuclei 1PoC 3opensuse leap (43) · suse package hub for suse linux enterprise (27) · suse linux enterprise server (8)
- 44 CVE3 critCVSS 6.8Nuclei 4PoC 3org.jenkins-ci.plugins:claim (2) · com.adobe.acs:acs-aem-commons (2) · io.undertow:undertow-core (2)
- 43 CVE9 critCVSS 8.1NEWKEV 1PoC 7google chrome (43)
- 41 CVE32 critCVSS 9.3NEWPoC 16hg6245d firmware (40) · an5506-04-fa firmware (1)
- 40 CVECVSS 5.9security verify information queue (11) · api connect (5) · security identity governance and intelligence (5)
- 33 CVE10 critCVSS 7.6KEV 1Nuclei 6PoC 8fedora (33)
- 31 CVE9 critCVSS 7.1KEV 1Nuclei 5PoC 4magento/community-edition (16) · magento/project-community-edition (11) · vrana/adminer (3)
- 31 CVE1 critCVSS 7.3Nuclei 1PoC 2teamcenter visualization (12) · jt2go (12) · solid edge se2020 firmware (5)
- 30 CVE8 critCVSS 7.0Nuclei 8PoC 6salt (10) · matrix-synapse (2) · apache-airflow (2)
- 29 CVE6 critCVSS 8.1qet4101 firmware (25) · smr526 firmware (25) · qca6391 firmware (25)
- 29 CVE6 critCVSS 8.0snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wired infrastructure and networking (5) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wired infrastructure and networking (3) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables, snapdragon wired infrastructure and networking (2)
- 27 CVE2 critCVSS 6.9PoC 6ред ос (27)
- 26 CVE1 critCVSS 5.8youtrack (8) · teamcity (8) · ktor (3)
- 25 CVECVSS 6.9PoC 2firefox (25) · firefox esr (8) · thunderbird (8)
- 25 CVECVSS 6.3edoclib (25)
- 24 CVECVSS 7.3foxit studio photo (22) · foxit reader (2) · phantompdf (1)
- 24 CVECVSS 6.0Nuclei 3PoC 5cloud backup (7) · clustered data ontap (6) · active iq unified manager (5)
- 23 CVECVSS 7.2studio photo (22) · reader (1)
- 23 CVECVSS 5.5NEWtrend micro apex one (17) · trend micro officescan (17) · trend micro worry-free business security (16)
- 23 CVECVSS 5.7NEWofficescan (17) · apex one (17) · worry-free business security (16)
- 22 CVE2 critCVSS 6.6Nuclei 3PoC 7communications cloud native core policy (7) · peoplesoft enterprise peopletools (4) · enterprise manager ops center (4)
- 17 CVECVSS 7.1NEWbaseboard management controller (14) · web viewpoint (2) · 8200 zl firmware (1)
- 17 CVE6 critCVSS 6.8NEWmagento (16) · upward connector (1) · upward php (1)
- 15 CVE7 critCVSS 8.1NEWPoC 4xcb (4) · openssl-src (2) · qwutils (1)
- 15 CVECVSS 7.0red hat enterprise linux (13) · openshift container platform (2) · quarkus (1)
- 14 CVECVSS 6.3PoC 1github.com/moby/moby (2) · github.com/cosmos/ethermint (2) · github.com/hashicorp/nomad (1)
- 14 CVECVSS 6.2NEWmate 30 firmware (4) · manageone (4) · taurus-al00a firmware (4)
- 13 CVECVSS 5.4Nuclei 1jira data center (7) · jira server (7) · jira (6)
- 13 CVECVSS 7.0big-ip application security manager (10) · big-ip global traffic manager (8) · big-ip advanced web application firewall (8)
- 13 CVE1 critCVSS 6.2NEWmbconnect24 (13) · mymbconnect24 (13)
- 13 CVECVSS 7.6PoC 1firefox (13) · firefox esr (6) · thunderbird (6)
- 12 CVE1 critCVSS 6.8KEV 1Nuclei 4PoC 1airflow (2) · hive (1) · activemq (1)
- 12 CVECVSS 5.6NEWclearpass policy manager (11) · aruba 2930f firmware (1) · aruba 2530ya firmware (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 115 | 17 | 2 | 12 | KEV 2Nuclei 12PoC 20 | debian gnu/linux (97) · linux (13) · libmysofa (5) | — | |
| 2 | ао "нппкт" | 102 | 18 | 1 | 9 | KEV 1Nuclei 9PoC 21 | осон основа оnyx (102) | — | |
| 3 | 100 | 12 | 1 | · | KEV 1PoC 7 | android (55) · chrome (42) · gerrit (1) | — | ||
| 4 | microsoft corp | 97 | 14 | 2 | · | KEV 2PoC 15 | microsoft edge (41) · windows server 2004 (server core installation) (27) · windows 10 2004 (26) | — | |
| 5 | ооо «русбитех-астра» | 92 | 7 | 1 | 3 | KEV 1Nuclei 3PoC 18 | astra linux special edition (91) · astra linux special edition для «эльбрус» (22) · astra linux common edition (12) | — | |
| 6 | microsoft | 84 | 7 | 1 | · | KEV 1PoC 7 | windows server 2019 (29) · windows server 2016 (29) · windows server version 2004 (29) | — | |
| 7 | fedoraproject | 82 | 17 | 1 | 9 | KEV 1Nuclei 9PoC 23 | fedora (82) · extra packages for enterprise linux (1) | — | |
| 8 | cisco | 75 | 11 | · | · | PoC 75 | cisco small business rv series router firmware (44) · rv082 dual wan vpn router firmware (35) · rv016 multi-wan vpn router firmware (35) | — | |
| 9 | cisco systems inc. | 75 | 11 | · | · | PoC 75 | cisco small business rv320 (35) · cisco small business rv042g (35) · cisco small business rv082 (35) | — | |
| 10 | ао «концерн вниинс» | 68 | 10 | 1 | · | KEV 1PoC 11 | ос он «стрелец» (68) | — | |
| 11 | ао «ивк» | 64 | 12 | 1 | 6 | KEV 1Nuclei 6PoC 8 | альт 8 сп (63) · альт сп 10 (3) · альт 8 сп рабочая станция (1) | — | |
| 12 | npm | 63 | 13 | 1 | 5 | KEV 1Nuclei 5PoC 18 | marked (4) · lodash (2) · lodash-es (2) | — | |
| 13 | debian | 62 | 10 | 2 | 9 | KEV 2Nuclei 9PoC 14 | debian linux (62) | — | |
| 14 | intel | 62 | · | · | · | graphics drivers (22) · ethernet network adapter e810 firmware (7) · bmc firmware (6) | — | ||
| 15 | intel corp. | 59 | · | · | · | intel graphics driver (21) · intel compute module hns2600bp (4) · e810 ethernet controllers (4) | — | ||
| 16 | adobe | 53 | 6 | 1 | · | KEV 1 | acrobat (24) · acrobat dc (24) · acrobat reader (24) | — | |
| 17 | adobe systems inc. | 50 | 6 | 1 | · | KEV 1 | adobe acrobat 2017 (24) · adobe acrobat 2020 (24) · adobe acrobat document cloud (24) | — | |
| 18 | novell inc. | 45 | 4 | 1 | 1 | KEV 1Nuclei 1PoC 3 | opensuse leap (43) · suse package hub for suse linux enterprise (27) · suse linux enterprise server (8) | — | |
| 19 | maven | 44 | 3 | · | 4 | Nuclei 4PoC 3 | org.jenkins-ci.plugins:claim (2) · com.adobe.acs:acs-aem-commons (2) · io.undertow:undertow-core (2) | — | |
| 20 | google inc | 43 | 9 | 1 | · | NEWKEV 1PoC 7 | google chrome (43) | — | |
| 21 | fiberhome | 41 | 32 | · | · | NEWPoC 16 | hg6245d firmware (40) · an5506-04-fa firmware (1) | — | |
| 22 | ibm | 40 | · | · | · | security verify information queue (11) · api connect (5) · security identity governance and intelligence (5) | — | ||
| 23 | fedora project | 33 | 10 | 1 | 6 | KEV 1Nuclei 6PoC 8 | fedora (33) | — | |
| 24 | packagist | 31 | 9 | 1 | 5 | KEV 1Nuclei 5PoC 4 | magento/community-edition (16) · magento/project-community-edition (11) · vrana/adminer (3) | — | |
| 25 | siemens | 31 | 1 | · | 1 | Nuclei 1PoC 2 | teamcenter visualization (12) · jt2go (12) · solid edge se2020 firmware (5) | — | |
| 26 | pypi | 30 | 8 | · | 8 | Nuclei 8PoC 6 | salt (10) · matrix-synapse (2) · apache-airflow (2) | — | |
| 27 | qualcomm | 29 | 6 | · | · | qet4101 firmware (25) · smr526 firmware (25) · qca6391 firmware (25) | — | ||
| 28 | qualcomm, inc. | 29 | 6 | · | · | snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wired infrastructure and networking (5) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wired infrastructure and networking (3) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables, snapdragon wired infrastructure and networking (2) | — | ||
| 29 | ооо «ред софт» | 27 | 2 | · | · | PoC 6 | ред ос (27) | — | |
| 30 | jetbrains | 26 | 1 | · | · | youtrack (8) · teamcity (8) · ktor (3) | — | ||
| 31 | mozilla | 25 | · | · | · | PoC 2 | firefox (25) · firefox esr (8) · thunderbird (8) | — | |
| 32 | ооо «электронные офисные системы» | 25 | · | · | · | edoclib (25) | — | ||
| 33 | foxitsoftware | 24 | · | · | · | foxit studio photo (22) · foxit reader (2) · phantompdf (1) | — | ||
| 34 | netapp | 24 | · | · | 3 | Nuclei 3PoC 5 | cloud backup (7) · clustered data ontap (6) · active iq unified manager (5) | — | |
| 35 | foxit | 23 | · | · | · | studio photo (22) · reader (1) | — | ||
| 36 | trend micro | 23 | · | · | · | NEW | trend micro apex one (17) · trend micro officescan (17) · trend micro worry-free business security (16) | — | |
| 37 | trendmicro | 23 | · | · | · | NEW | officescan (17) · apex one (17) · worry-free business security (16) | — | |
| 38 | oracle | 22 | 2 | · | 3 | Nuclei 3PoC 7 | communications cloud native core policy (7) · peoplesoft enterprise peopletools (4) · enterprise manager ops center (4) | — | |
| 39 | hpe | 17 | · | · | · | NEW | baseboard management controller (14) · web viewpoint (2) · 8200 zl firmware (1) | — | |
| 40 | magento | 17 | 6 | · | · | NEW | magento (16) · upward connector (1) · upward php (1) | — | |
| 41 | crates.io | 15 | 7 | · | · | NEWPoC 4 | xcb (4) · openssl-src (2) · qwutils (1) | — | |
| 42 | red hat inc. | 15 | · | · | · | red hat enterprise linux (13) · openshift container platform (2) · quarkus (1) | — | ||
| 43 | go | 14 | · | · | · | PoC 1 | github.com/moby/moby (2) · github.com/cosmos/ethermint (2) · github.com/hashicorp/nomad (1) | — | |
| 44 | huawei | 14 | · | · | · | NEW | mate 30 firmware (4) · manageone (4) · taurus-al00a firmware (4) | — | |
| 45 | atlassian | 13 | · | · | 1 | Nuclei 1 | jira data center (7) · jira server (7) · jira (6) | — | |
| 46 | f5 | 13 | · | · | · | big-ip application security manager (10) · big-ip global traffic manager (8) · big-ip advanced web application firewall (8) | — | ||
| 47 | mbconnectline | 13 | 1 | · | · | NEW | mbconnect24 (13) · mymbconnect24 (13) | — | |
| 48 | mozilla corp. | 13 | · | · | · | PoC 1 | firefox (13) · firefox esr (6) · thunderbird (6) | — | |
| 49 | apache | 12 | 1 | 1 | 4 | KEV 1Nuclei 4PoC 1 | airflow (2) · hive (1) · activemq (1) | — | |
| 50 | arubanetworks | 12 | · | · | · | NEW | clearpass policy manager (11) · aruba 2930f firmware (1) · aruba 2530ya firmware (1) | — |