CVE Tools
Sign in
month report

April 2021

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

April 2021 closed with 1,970 published CVEs. 228 criticals, oracle led volume, mostly via mysql. Top weakness class — CWE-79 (198 CVE). 10 vendors cracked the top-100 for the first time.

Print view
Total CVEs
1,970
— MoM— YoY
Severity mix
228 / 792
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
8.2%
161 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)
1789.3
n=161
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
208
n=18
Detection gap

KEV pressure, no Nuclei coverage

April 2021 · vendors with active exploitation listed by CISA but no public detection template.

Weakness × Vendor

What's spreading where in April 2021

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

79XSS787Out-of-bounds Write125Out-of-bounds Read120Buffer Overflow89SQL Injection78OS Command Injection20Improper Input Validation22Path Traversal200Information Exposure352CSRForacle1113oracle corp.12oracle corporation1сообщество свободного программного обеспечения4181131723microsoft corp1614apple2332822fedoraproject212721513debian51362623ооо «русбитех-астра»21582522microsoft121ао "нппкт"21171524ао «ивк»46151

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

  • 1oracle
    191 CVE16 critCVSS 6.2
    Nuclei 12PoC 7
    mysql (39) · vm virtualbox (21) · istore (11)
  • 2oracle corp.
    183 CVE15 critCVSS 6.5
    Nuclei 12PoC 6
    mysql server (39) · e-business suite (28) · vm virtualbox (21)
  • 3oracle corporation
    179 CVE15 critCVSS 6.7
    Nuclei 10PoC 3
    mysql server (39) · vm virtualbox (21) · istore (11)
  • 4сообщество свободного программного обеспечения
    144 CVE17 critCVSS 7.1
    KEV 8Nuclei 3PoC 23
    debian gnu/linux (133) · linux (14) · mediawiki (6)
  • 5microsoft corp
    136 CVE5 critCVSS 7.6
    KEV 2Nuclei 3PoC 7
    windows 10 2004 (78) · windows server 2004 (server core installation) (78) · windows 10 20h2 (78)
  • 6apple
    130 CVE6 critCVSS 7.3
    NEWKEV 5PoC 1
    macos (119) · mac os x (102) · iphone os (89)
  • 7fedoraproject
    124 CVE8 critCVSS 6.7
    KEV 7Nuclei 1PoC 18
    fedora (124)
  • 8debian
    116 CVE17 critCVSS 7.2
    KEV 3Nuclei 4PoC 17
    debian linux (116)
  • 9ооо «русбитех-астра»
    111 CVE15 critCVSS 7.1
    KEV 5Nuclei 1PoC 20
    astra linux special edition (108) · astra linux special edition для «эльбрус» (32) · astra linux common edition (4)
  • 10microsoft
    109 CVE3 critCVSS 7.6
    KEV 1Nuclei 2PoC 7
    windows server version 20h2 (79) · windows server version 2004 (79) · windows 10 version 2004 (79)
  • 11ао "нппкт"
    91 CVE5 critCVSS 6.9
    KEV 4Nuclei 3PoC 18
    осон основа оnyx (91)
  • 12ао «ивк»
    86 CVE1 critCVSS 6.0
    PoC 6
    альт 8 сп (86) · альт сп 10 (1)
  • 13ао «концерн вниинс»
    78 CVE8 critCVSS 7.1
    KEV 2Nuclei 1PoC 10
    ос он «стрелец» (78)
  • 14google
    76 CVE5 critCVSS 7.5
    KEV 3Nuclei 1PoC 5
    chrome (39) · android (35) · bazel (1)
  • 15unknown
    66 CVE9 critCVSS 6.8
    NEWNuclei 66PoC 27
    elementor website builder (6) · tutor lms – elearning and online course solution (6) · patreon wordpress (5)
  • 16netapp
    55 CVECVSS 5.6
    Nuclei 2PoC 6
    active iq unified manager (46) · snapcenter (42) · oncommand workflow automation (39)
  • 17juniper
    53 CVE2 critCVSS 7.0
    PoC 52
    junos (48) · junos os evolved (8) · appformix (1)
  • 18juniper networks
    53 CVE2 critCVSS 7.0
    NEWPoC 52
    junos os (48) · junos os evolved (8) · paragon active assurance (1)
  • 19maven
    53 CVE6 critCVSS 6.2
    Nuclei 7PoC 4
    com.vaadin:vaadin-bom (12) · com.vaadin:flow-server (7) · org.jenkins-ci.plugins:hp-application-automation-tools-plugin (4)
  • 20cisco
    46 CVE1 critCVSS 6.8
    Nuclei 2PoC 42
    firepower threat defense (10) · cisco small business rv series router firmware (9) · rv340 firmware (8)
  • 21npm
    46 CVE8 critCVSS 7.2
    Nuclei 4PoC 14
    postcss (2) · @azure/ms-rest-nodeauth (1) · backbone-query-parameters (1)
  • 22cisco systems inc.
    43 CVE1 critCVSS 6.8
    Nuclei 2PoC 42
    firepower threat defense (10) · cisco rv340w (8) · cisco rv345 (8)
  • 23google inc
    41 CVE4 critCVSS 7.8
    NEWKEV 3Nuclei 1PoC 3
    google chrome (39) · android studio (2)
  • 24asus
    38 CVECVSS 5.0
    NEW
    z10pr-d16 firmware (18) · bmc firmware for z10pr-d16 (18) · bmc firmware for asmb8-ikvm (18)
  • 25red hat inc.
    31 CVE6 critCVSS 7.1
    KEV 2PoC 5
    red hat enterprise linux (27) · ansible (2) · red hat ceph storage (1)
  • 26fedora project
    30 CVE2 critCVSS 6.0
    KEV 3PoC 6
    fedora (30)
  • 27ibm
    27 CVECVSS 5.9
    collaborative lifecycle management (4) · doors next (4) · engineering insights (4)
  • 28pypi
    27 CVE1 critCVSS 6.5
    PoC 1
    matrix-sydent (4) · matrix-synapse (3) · vyper (2)
  • 29siemens
    27 CVE4 critCVSS 8.4
    PoC 3
    nucleus net (9) · nucleus source code (9) · nucleus readystart v3 (7)
  • 30canonical ltd.
    25 CVE5 critCVSS 7.2
    KEV 1PoC 4
    ubuntu (25)
  • 31gpac
    25 CVE1 critCVSS 6.4
    NEWPoC 10
    gpac (25)
  • 32packagist
    25 CVE5 critCVSS 7.1
    Nuclei 1PoC 11
    tribalsystems/zenario (3) · openmage/magento-lts (2) · shopware/core (2)
  • 33ооо «ред софт»
    22 CVE1 critCVSS 6.3
    PoC 7
    ред ос (22)
  • 34arubanetworks
    21 CVE1 critCVSS 7.4
    NEW
    airwave (11) · clearpass (9) · clearpass policy manager (1)
  • 35dell
    21 CVE1 critCVSS 6.8
    NEW
    integrated dell remote access controller (idrac) (6) · idrac9 firmware (6) · dell hybrid client (dhc) (4)
  • 36samsung mobile
    20 CVE1 critCVSS 5.7
    NEWPoC 1
    samsung mobile devices (11) · samsung email (2) · customization service (1)
  • 37crates.io
    19 CVE7 critCVSS 8.3
    NEWPoC 4
    id-map (3) · arenavec (2) · reorder (2)
  • 38novell inc.
    19 CVECVSS 7.6
    KEV 1PoC 5
    opensuse leap (16) · suse linux enterprise server (9) · suse linux enterprise server for sap applications (7)
  • 39parallels
    19 CVECVSS 7.0
    NEW
    desktop (19) · parallels desktop (19)
  • 40mediawiki
    18 CVECVSS 5.3
    PoC 2
    mediawiki (18)
  • 41adobe
    16 CVECVSS 7.0
    Nuclei 1
    bridge (6) · gocart (3) · genuine service (3)
  • 42apache
    15 CVE6 critCVSS 7.5
    Nuclei 4PoC 2
    solr (4) · ofbiz (2) · tapestry (2)
  • 43go
    15 CVECVSS 6.3
    Nuclei 1
    github.com/pomerium/pomerium (2) · github.com/cortexproject/cortex (1) · github.com/filecoin-project/lotus (1)
  • 44qualcomm
    15 CVE1 critCVSS 8.0
    wcn3998 firmware (14) · wsa8815 firmware (14) · wcd9341 firmware (14)
  • 45qualcomm, inc.
    15 CVE1 critCVSS 8.1
    snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon mobile (3) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (2) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon wearables (1)
  • 46adobe systems inc.
    14 CVECVSS 7.0
    Nuclei 1
    adobe bridge (6) · adobe genuine service (3) · photoshop 2020 (2)
  • 47nvidia
    14 CVECVSS 7.0
    NEW
    nvidia virtual gpu software (8) · virtual gpu manager (8) · gpu display driver (5)
  • 48redhat
    14 CVECVSS 6.4
    PoC 2
    enterprise linux (10) · ansible tower (2) · ansible engine (1)
  • 49sap
    14 CVE1 critCVSS 6.3
    netweaver application server java (4) · netweaver process integration (2) · focused run (1)
  • 50sap se
    14 CVE1 critCVSS 6.3
    sap commerce (1) · sap fiori apps 2.0 for travel management in sap erp (1) · sap focused run (1)

Top weaknesses

CWE classes by distinct CVE count.

1CWE-79198
2CWE-787119
3CWE-12569
4CWE-12062
5CWE-8961
6CWE-7859
7CWE-2056
8CWE-2245
9CWE-20040
10CWE-35240
11CWE-41636
12CWE-28731
13CWE-26930
14CWE-47630
15CWE-86327
16CWE-11925
17CWE-19025
18CWE-40023
19CWE-28419
20CWE-91819