month report

July 2021

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

July 2021 closed with 1,650 published CVEs. 187 criticals, oracle led volume, mostly via mysql server. Top weakness class — CWE-79 (263 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,650

— MoM— YoY

Severity mix

187 / 612

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

8.4%

138 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

1698.1

n=138

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

112

n=16

Detection gap

KEV pressure, no Nuclei coverage

July 2021 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1google33 CVE
KEV 1fedora project27 CVE
KEV 1linux18 CVE

Weakness × Vendor

What's spreading where in July 2021

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#17qsan30 CVE
#22nchsoftware26 CVE
#25dell24 CVE
#33juniper networks19 CVE
#37fortinet inc.17 CVE
#38samsung mobile17 CVE
#40apache software foundation16 CVE
#41fortinet16 CVE
#42mikrotik16 CVE
#43schneider electric16 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
156 CVE8 critCVSS 6.8
Nuclei 13PoC 5
mysql server (28) · outside in technology (10) · insurance policy administration (8)
2сообщество свободного программного обеспечения—
136 CVE8 critCVSS 6.9
KEV 1Nuclei 4PoC 38
debian gnu/linux (118) · linux (7) · phplist (3)
3oracle corp.—
132 CVE8 critCVSS 6.3
Nuclei 9PoC 1
mysql (33) · e-business suite (13) · database server (12)
4oracle corporation—
131 CVE8 critCVSS 6.3
Nuclei 9PoC 1
mysql server (33) · outside in technology (10) · database - enterprise edition (9)
5microsoft corp—
124 CVE3 critCVSS 7.3
KEV 10Nuclei 2PoC 5
windows server 2004 (server core installation) (77) · windows server 2019 (77) · windows server 20h2 (server core installation) (75)
6microsoft—
119 CVE3 critCVSS 7.4
KEV 9Nuclei 2PoC 5
windows server 2016 (84) · windows server 2019 (79) · windows server version 20h2 (77)
7ibm—
74 CVE3 critCVSS 6.0
PoC 1
security verify access (15) · security verify access docker (15) · cloud pak for applications (12)
8ооо «русбитех-астра»—
69 CVE1 critCVSS 5.6
KEV 2Nuclei 1PoC 13
astra linux special edition (69) · astra linux special edition для «эльбрус» (9) · astra-openvpn-server (5)
9fedoraproject—
63 CVE2 critCVSS 6.1
KEV 1Nuclei 1PoC 14
fedora (63)
10siemens—
58 CVECVSS 7.4
Nuclei 1PoC 1
teamcenter visualization (43) · jt2go (43) · solid edge (4)
11netapp—
50 CVE1 critCVSS 6.4
KEV 1Nuclei 1PoC 4
oncommand insight (39) · active iq unified manager (10) · oncommand workflow automation (6)
12ао «ивк»—
50 CVE2 critCVSS 5.8
KEV 1Nuclei 3PoC 3
альт 8 сп (48) · альт сп 10 (2)
13red hat inc.—
49 CVE2 critCVSS 5.9
KEV 1Nuclei 2PoC 11
red hat enterprise linux (43) · red hat software collections (22) · red hat quay (3)
14ао "нппкт"—
48 CVE2 critCVSS 7.0
KEV 1Nuclei 3PoC 15
осон основа оnyx (48)
15debian—
47 CVE2 critCVSS 6.9
Nuclei 1PoC 16
debian linux (47)
16google—
33 CVE1 critCVSS 7.3
KEV 1PoC 1
android (29) · chrome (4)
17qsan—
30 CVE14 critCVSS 8.2
NEW
storage manager (23) · xevo (7) · sanos (7)
18ао «концерн вниинс»—
29 CVE1 critCVSS 7.0
KEV 1Nuclei 1PoC 8
ос он «стрелец» (29)
19maven—
28 CVE1 critCVSS 6.4
Nuclei 4PoC 1
org.apache.commons:commons-compress (4) · org.webjars.npm:xlsx (3) · org.apache.tomcat:tomcat (3)
20fedora project—
27 CVE1 critCVSS 6.7
KEV 1PoC 5
fedora (27)
21ооо «ред софт»—
27 CVE1 critCVSS 6.9
KEV 1Nuclei 1PoC 7
ред ос (27)
22nchsoftware—
26 CVECVSS 5.8
NEWPoC 26
axon pbx (10) · quorum (8) · ivm attendant (7)
23cisco—
25 CVECVSS 6.4
PoC 24
identity services engine (5) · cisco identity services engine software (5) · cisco intersight virtual appliance (4)
24cisco systems inc.—
25 CVECVSS 6.5
PoC 24
cisco identity services engine (5) · intersight virtual appliance (4) · video surveillance 7000 series ip camera (4)
25dell—
24 CVE5 critCVSS 7.8
NEW
emc openmanage enterprise-modular (4) · emc openmanage enterprise (4) · emc unity xt operating environment (3)
26npm—
24 CVE4 critCVSS 6.7
Nuclei 1PoC 4
xlsx (3) · curly-bracket-parser (1) · deepmergefn (1)
27packagist—
23 CVE4 critCVSS 6.9
PoC 7
lavalite/cms (5) · typo3/cms (4) · typo3/cms-core (4)
28qualcomm—
23 CVE2 critCVSS 7.7
PoC 1
wcn3998 firmware (22) · sdx55 firmware (22) · wcn3991 firmware (22)
29qualcomm, inc.—
23 CVE2 critCVSS 7.2
PoC 1
snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon voice & music, snapdragon wearables (4) · snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (3) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon wired infrastructure and networking (2)
30schneider-electric—
23 CVE6 critCVSS 7.8
Nuclei 1
evlink smart wallbox evb1a firmware (13) · evlink parking evw2 firmware (13) · evlink city evc1s22p4 firmware (13)
31canonical ltd.—
22 CVECVSS 5.3
PoC 2
ubuntu (22)
32juniper—
19 CVE1 critCVSS 7.1
PoC 18
junos (15) · junos os evolved (4) · steel-belted radius carrier (1)
33juniper networks—
19 CVE1 critCVSS 7.1
NEWPoC 18
junos os (15) · junos os evolved (7) · sbr carrier (1)
34juniper networks inc.—
19 CVE1 critCVSS 7.1
PoC 18
junos (15) · junos os evolved (6) · sbr carrier (1)
35linux—
18 CVE4 critCVSS 8.0
KEV 1PoC 3
linux kernel (7) · acrn (6) · tizen (5)
36sap—
18 CVECVSS 6.0
Nuclei 1PoC 3
sap netweaver portal (4) · netweaver application server abap (3) · netweaver application server java (3)
37fortinet inc.—
17 CVE2 critCVSS 7.1
NEW
fortimail (9) · fortisandbox (2) · fortiap-s (1)
38samsung mobile—
17 CVE4 critCVSS 6.9
NEWPoC 1
tizen wearable devices (5) · samsung mobile devices (5) · samsung members (3)
39apache—
16 CVE1 critCVSS 6.7
Nuclei 2PoC 1
commons compress (4) · tomcat (3) · ant (2)
40apache software foundation—
16 CVE1 critCVSS 6.9
NEWNuclei 2
apache commons compress (4) · commons compress (4) · apache tomcat (3)
41fortinet—
16 CVE1 critCVSS 6.9
NEW
fortimail (9) · fortinet fortimail (9) · fortinet fortisandbox (2)
42mikrotik—
16 CVECVSS 6.5
NEWPoC 10
routeros (16)
43schneider electric—
16 CVE6 critCVSS 7.9
NEWNuclei 1
evlink city evc1s22p4 (8) · evlink parking ev.2 (8) · evlink smart wallbox evb1a (8)
44nextcloud—
15 CVECVSS 5.1
security-advisories (15) · nextcloud server (11) · nextcloud (1)
45nvidia—
15 CVECVSS 6.4
NEW
gpu display driver (8) · nvidia gpu display driver (8) · nvidia virtual gpu software (7)
46unknown—
15 CVE1 critCVSS 6.1
NEWNuclei 15PoC 7
sign-up sheets (2) · backup by 10web – backup and restore plugin (1) · browser screenshots (1)
47arubanetworks—
14 CVECVSS 6.6
NEW
clearpass policy manager (11) · aos-cx firmware (3)
48flowpaper—
13 CVECVSS 5.5
NEWPoC 5
pdf2json (13)
49sap se—
13 CVECVSS 6.1
Nuclei 1PoC 3
sap netweaver as abap and abap platform (2) · sap 3d visual enterprise viewer (2) · sap lumira server (1)
50ао «нтц ит роса»—
13 CVECVSS 6.0
NEWNuclei 1PoC 3
роса хром (9) · роса кобальт (3) · rosa virtualization (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	156	8	·	13	Nuclei 13PoC 5	mysql server (28) · outside in technology (10) · insurance policy administration (8)	—
2	сообщество свободного программного обеспечения	136	8	1	4	KEV 1Nuclei 4PoC 38	debian gnu/linux (118) · linux (7) · phplist (3)	—
3	oracle corp.	132	8	·	9	Nuclei 9PoC 1	mysql (33) · e-business suite (13) · database server (12)	—
4	oracle corporation	131	8	·	9	Nuclei 9PoC 1	mysql server (33) · outside in technology (10) · database - enterprise edition (9)	—
5	microsoft corp	124	3	10	2	KEV 10Nuclei 2PoC 5	windows server 2004 (server core installation) (77) · windows server 2019 (77) · windows server 20h2 (server core installation) (75)	—
6	microsoft	119	3	9	2	KEV 9Nuclei 2PoC 5	windows server 2016 (84) · windows server 2019 (79) · windows server version 20h2 (77)	—
7	ibm	74	3	·	·	PoC 1	security verify access (15) · security verify access docker (15) · cloud pak for applications (12)	—
8	ооо «русбитех-астра»	69	1	2	1	KEV 2Nuclei 1PoC 13	astra linux special edition (69) · astra linux special edition для «эльбрус» (9) · astra-openvpn-server (5)	—
9	fedoraproject	63	2	1	1	KEV 1Nuclei 1PoC 14	fedora (63)	—
10	siemens	58	·	·	1	Nuclei 1PoC 1	teamcenter visualization (43) · jt2go (43) · solid edge (4)	—
11	netapp	50	1	1	1	KEV 1Nuclei 1PoC 4	oncommand insight (39) · active iq unified manager (10) · oncommand workflow automation (6)	—
12	ао «ивк»	50	2	1	3	KEV 1Nuclei 3PoC 3	альт 8 сп (48) · альт сп 10 (2)	—
13	red hat inc.	49	2	1	2	KEV 1Nuclei 2PoC 11	red hat enterprise linux (43) · red hat software collections (22) · red hat quay (3)	—
14	ао "нппкт"	48	2	1	3	KEV 1Nuclei 3PoC 15	осон основа оnyx (48)	—
15	debian	47	2	·	1	Nuclei 1PoC 16	debian linux (47)	—
16	google	33	1	1	·	KEV 1PoC 1	android (29) · chrome (4)	—
17	qsan	30	14	·	·	NEW	storage manager (23) · xevo (7) · sanos (7)	—
18	ао «концерн вниинс»	29	1	1	1	KEV 1Nuclei 1PoC 8	ос он «стрелец» (29)	—
19	maven	28	1	·	4	Nuclei 4PoC 1	org.apache.commons:commons-compress (4) · org.webjars.npm:xlsx (3) · org.apache.tomcat:tomcat (3)	—
20	fedora project	27	1	1	·	KEV 1PoC 5	fedora (27)	—
21	ооо «ред софт»	27	1	1	1	KEV 1Nuclei 1PoC 7	ред ос (27)	—
22	nchsoftware	26	·	·	·	NEWPoC 26	axon pbx (10) · quorum (8) · ivm attendant (7)	—
23	cisco	25	·	·	·	PoC 24	identity services engine (5) · cisco identity services engine software (5) · cisco intersight virtual appliance (4)	—
24	cisco systems inc.	25	·	·	·	PoC 24	cisco identity services engine (5) · intersight virtual appliance (4) · video surveillance 7000 series ip camera (4)	—
25	dell	24	5	·	·	NEW	emc openmanage enterprise-modular (4) · emc openmanage enterprise (4) · emc unity xt operating environment (3)	—
26	npm	24	4	·	1	Nuclei 1PoC 4	xlsx (3) · curly-bracket-parser (1) · deepmergefn (1)	—
27	packagist	23	4	·	·	PoC 7	lavalite/cms (5) · typo3/cms (4) · typo3/cms-core (4)	—
28	qualcomm	23	2	·	·	PoC 1	wcn3998 firmware (22) · sdx55 firmware (22) · wcn3991 firmware (22)	—
29	qualcomm, inc.	23	2	·	·	PoC 1	snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon voice & music, snapdragon wearables (4) · snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (3) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon wired infrastructure and networking (2)	—
30	schneider-electric	23	6	·	1	Nuclei 1	evlink smart wallbox evb1a firmware (13) · evlink parking evw2 firmware (13) · evlink city evc1s22p4 firmware (13)	—
31	canonical ltd.	22	·	·	·	PoC 2	ubuntu (22)	—
32	juniper	19	1	·	·	PoC 18	junos (15) · junos os evolved (4) · steel-belted radius carrier (1)	—
33	juniper networks	19	1	·	·	NEWPoC 18	junos os (15) · junos os evolved (7) · sbr carrier (1)	—
34	juniper networks inc.	19	1	·	·	PoC 18	junos (15) · junos os evolved (6) · sbr carrier (1)	—
35	linux	18	4	1	·	KEV 1PoC 3	linux kernel (7) · acrn (6) · tizen (5)	—
36	sap	18	·	·	1	Nuclei 1PoC 3	sap netweaver portal (4) · netweaver application server abap (3) · netweaver application server java (3)	—
37	fortinet inc.	17	2	·	·	NEW	fortimail (9) · fortisandbox (2) · fortiap-s (1)	—
38	samsung mobile	17	4	·	·	NEWPoC 1	tizen wearable devices (5) · samsung mobile devices (5) · samsung members (3)	—
39	apache	16	1	·	2	Nuclei 2PoC 1	commons compress (4) · tomcat (3) · ant (2)	—
40	apache software foundation	16	1	·	2	NEWNuclei 2	apache commons compress (4) · commons compress (4) · apache tomcat (3)	—
41	fortinet	16	1	·	·	NEW	fortimail (9) · fortinet fortimail (9) · fortinet fortisandbox (2)	—
42	mikrotik	16	·	·	·	NEWPoC 10	routeros (16)	—
43	schneider electric	16	6	·	1	NEWNuclei 1	evlink city evc1s22p4 (8) · evlink parking ev.2 (8) · evlink smart wallbox evb1a (8)	—
44	nextcloud	15	·	·	·		security-advisories (15) · nextcloud server (11) · nextcloud (1)	—
45	nvidia	15	·	·	·	NEW	gpu display driver (8) · nvidia gpu display driver (8) · nvidia virtual gpu software (7)	—
46	unknown	15	1	·	15	NEWNuclei 15PoC 7	sign-up sheets (2) · backup by 10web – backup and restore plugin (1) · browser screenshots (1)	—
47	arubanetworks	14	·	·	·	NEW	clearpass policy manager (11) · aos-cx firmware (3)	—
48	flowpaper	13	·	·	·	NEWPoC 5	pdf2json (13)	—
49	sap se	13	·	·	1	Nuclei 1PoC 3	sap netweaver as abap and abap platform (2) · sap 3d visual enterprise viewer (2) · sap lumira server (1)	—
50	ао «нтц ит роса»	13	·	·	1	NEWNuclei 1PoC 3	роса хром (9) · роса кобальт (3) · rosa virtualization (1)	—