month report
August 2021
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
August 2021 closed with 2,317 published CVEs. 253 criticals, сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (322 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
2,317
— MoM— YoY
Severity mix
253 / 932
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
9.8%
227 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
1663.4
n=227
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
230
n=22
Detection gap
KEV pressure, no Nuclei coverage
August 2021 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 8apple154 CVE
- KEV 7apple inc.23 CVE
- KEV 5microsoft corp62 CVE
- KEV 4microsoft49 CVE
- KEV 1google136 CVE
- KEV 1google inc47 CVE
- KEV 1novell inc.21 CVE
Weakness × Vendor
What's spreading where in August 2021
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS787Out-of-bounds Write125Out-of-bounds Read416Use After Free89SQL Injection352CSRF20Improper Input Validation362Race Condition476NULL Pointer Dereference22Path Traversalсообщество свободного программного обеспечения11181113255106apple119157311google19222312111fedoraproject4115203641debian56584313ао "нппкт"110694515ооо «русбитех-астра»1137275123unknown6714132crates.io21333pypi721326111adobe220241133adobe systems inc.219241033
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #2apple154 CVE
- #8unknown94 CVE
- #9crates.io90 CVE
- #14tensorflow58 CVE
- #25foxitsoftware37 CVE
- #26gpac36 CVE
- #30dell31 CVE
- #32foxit28 CVE
- #37apple inc.23 CVE
- #38cybozu23 CVE
Top vendors
Ranked by distinct CVE count this period.
- 227 CVE10 critCVSS 7.1KEV 3Nuclei 12PoC 57debian gnu/linux (202) · gpac (35) · linux (21)
- 154 CVE3 critCVSS 6.9NEWKEV 8PoC 7macos (130) · iphone os (106) · ipados (102)
- 136 CVE2 critCVSS 7.3KEV 1PoC 12tensorflow (58) · chrome (45) · android (32)
- 123 CVE5 critCVSS 7.2KEV 3Nuclei 5PoC 23fedora (123) · extra packages for enterprise linux (1)
- 122 CVE3 critCVSS 7.5KEV 3Nuclei 9PoC 31debian linux (122)
- 117 CVE4 critCVSS 7.6KEV 1Nuclei 4PoC 30осон основа оnyx (117)
- 113 CVE3 critCVSS 7.3KEV 2Nuclei 5PoC 27astra linux special edition (109) · astra linux special edition для «эльбрус» (19) · astra linux common edition (11)
- 94 CVE4 critCVSS 6.1NEWNuclei 94PoC 42workreap (3) · photo gallery by 10web – mobile-friendly image gallery (2) · user registration & user profile – profile builder (2)
- 90 CVE13 critCVSS 8.0NEWPoC 18cgc (3) · libpulse-binding (3) · ckb (3)
- 86 CVE11 critCVSS 6.8Nuclei 1PoC 3tensorflow-gpu (58) · tensorflow (58) · tensorflow-cpu (58)
- 79 CVECVSS 6.4acrobat dc (22) · acrobat reader (22) · acrobat reader dc (22)
- 76 CVECVSS 6.5adobe acrobat 2020 (22) · adobe acrobat document cloud (22) · adobe acrobat reader 2020 (22)
- 62 CVE3 critCVSS 7.9KEV 5PoC 6windows server 2019 (26) · windows 10 21h1 (25) · windows 10 1809 (25)
- 58 CVE1 critCVSS 6.6NEWtensorflow (58)
- 55 CVE3 critCVSS 7.1KEV 1Nuclei 6PoC 16shopware/platform (5) · shopware/core (5) · mautic/core (5)
- 55 CVE2 critCVSS 7.2KEV 1Nuclei 1PoC 10альт 8 сп (42) · альт сп 10 (10) · альт 8 сп рабочая станция (7)
- 51 CVE2 critCVSS 6.7KEV 1Nuclei 5PoC 5com.liferay.portal:release.dxp.bom (17) · com.thoughtworks.xstream:xstream (14) · com.liferay.portal:release.portal.bom (14)
- 49 CVE3 critCVSS 7.7KEV 4PoC 1windows server 2019 (26) · windows 10 version 2004 (25) · windows 10 version 1809 (25)
- 47 CVE1 critCVSS 8.1KEV 1PoC 11google chrome (45) · android (1) · android studio (1)
- 47 CVE2 critCVSS 7.9KEV 1Nuclei 8PoC 13communications cloud native core policy (16) · communications cloud native core binding support function (16) · commerce guided search (16)
- 46 CVE3 critCVSS 7.6Nuclei 1PoC 7ос он «стрелец» (46)
- 44 CVE7 critCVSS 7.8emui (25) · magic ui (25) · harmonyos (11)
- 42 CVE4 critCVSS 7.4PoC 8tar (5) · node-tar (5) · ckeditor4 (3)
- 42 CVE1 critCVSS 7.1KEV 2Nuclei 2PoC 8red hat enterprise linux (41) · red hat software collections (4) · red hat process automation (4)
- 37 CVE9 critCVSS 8.4NEWpdf editor (28) · phantompdf (9) · foxit reader (9)
- 36 CVECVSS 8.2NEWPoC 15gpac (36)
- 35 CVE2 critCVSS 7.1KEV 1Nuclei 7PoC 11snapmanager (14) · solidfire (11) · hci management node (11)
- 35 CVE2 critCVSS 5.8Nuclei 3PoC 7sinec infrastructure network services (16) · logo\! cmr2040 firmware (3) · logo\! cmr2020 firmware (3)
- 32 CVE4 critCVSS 6.7cloud pak for security (5) · aix (4) · vios (4)
- 31 CVE3 critCVSS 6.8NEWpowerscale onefs (15) · emc powerscale onefs (12) · emc idrac9 firmware (6)
- 29 CVE4 critCVSS 7.2PoC 29nx-os (8) · cloud application policy infrastructure controller (6) · cisco application policy infrastructure controller (apic) (6)
- 28 CVE1 critCVSS 7.9NEWPoC 1pdf reader (28) · reader (1)
- 28 CVE5 critCVSS 6.0r6700 firmware (12) · r6400 firmware (11) · r6900 firmware (11)
- 28 CVE2 critCVSS 6.9PoC 4ред ос (28)
- 27 CVECVSS 6.7KEV 2Nuclei 1PoC 6fedora (27)
- 25 CVE4 critCVSS 7.5PoC 25nx-os (6) · application policy infrastructure controller (4) · cisco rv345p (2)
- 23 CVECVSS 7.9NEWKEV 7PoC 1macos (21) · ios (16) · ipados (16)
- 23 CVECVSS 4.9NEWgaroon (23)
- 23 CVECVSS 4.9NEWcybozu garoon (23)
- 22 CVE2 critCVSS 8.2NEWPoC 1firefox (19) · thunderbird (12) · firefox esr (8)
- 22 CVE3 critCVSS 8.4NEWPoC 1firefox (20) · thunderbird (13) · firefox esr (8)
- 21 CVECVSS 5.7PoC 3linux kernel (21)
- 21 CVE1 critCVSS 6.7KEV 1PoC 4opensuse leap (18) · suse linux enterprise server (2) · suse linux enterprise server for sap applications (2)
- 20 CVE1 critCVSS 5.6PoC 2gitlab (20) · gitlab ee (1)
- 20 CVE1 critCVSS 5.6NEWPoC 2gitlab (20)
- 20 CVECVSS 5.8NEWliferay portal (20) · digital experience platform (18) · dxp (1)
- 19 CVE9 critCVSS 8.9NEWPoC 7ecostruxure control expert (12) · scadapack remoteconnect (12) · ecostruxure process expert (10)
- 18 CVE2 critCVSS 6.6fortisandbox (7) · fortinet fortisandbox (6) · fortinet fortiportal (6)
- 16 CVECVSS 5.4NEWPoC 1exiv2 (16)
- 16 CVECVSS 5.7NEWPoC 1exiv2 (16)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 227 | 10 | 3 | 12 | KEV 3Nuclei 12PoC 57 | debian gnu/linux (202) · gpac (35) · linux (21) | — | |
| 2 | apple | 154 | 3 | 8 | · | NEWKEV 8PoC 7 | macos (130) · iphone os (106) · ipados (102) | — | |
| 3 | 136 | 2 | 1 | · | KEV 1PoC 12 | tensorflow (58) · chrome (45) · android (32) | — | ||
| 4 | fedoraproject | 123 | 5 | 3 | 5 | KEV 3Nuclei 5PoC 23 | fedora (123) · extra packages for enterprise linux (1) | — | |
| 5 | debian | 122 | 3 | 3 | 9 | KEV 3Nuclei 9PoC 31 | debian linux (122) | — | |
| 6 | ао "нппкт" | 117 | 4 | 1 | 4 | KEV 1Nuclei 4PoC 30 | осон основа оnyx (117) | — | |
| 7 | ооо «русбитех-астра» | 113 | 3 | 2 | 5 | KEV 2Nuclei 5PoC 27 | astra linux special edition (109) · astra linux special edition для «эльбрус» (19) · astra linux common edition (11) | — | |
| 8 | unknown | 94 | 4 | · | 94 | NEWNuclei 94PoC 42 | workreap (3) · photo gallery by 10web – mobile-friendly image gallery (2) · user registration & user profile – profile builder (2) | — | |
| 9 | crates.io | 90 | 13 | · | · | NEWPoC 18 | cgc (3) · libpulse-binding (3) · ckb (3) | — | |
| 10 | pypi | 86 | 11 | · | 1 | Nuclei 1PoC 3 | tensorflow-gpu (58) · tensorflow (58) · tensorflow-cpu (58) | — | |
| 11 | adobe | 79 | · | · | · | acrobat dc (22) · acrobat reader (22) · acrobat reader dc (22) | — | ||
| 12 | adobe systems inc. | 76 | · | · | · | adobe acrobat 2020 (22) · adobe acrobat document cloud (22) · adobe acrobat reader 2020 (22) | — | ||
| 13 | microsoft corp | 62 | 3 | 5 | · | KEV 5PoC 6 | windows server 2019 (26) · windows 10 21h1 (25) · windows 10 1809 (25) | — | |
| 14 | tensorflow | 58 | 1 | · | · | NEW | tensorflow (58) | — | |
| 15 | packagist | 55 | 3 | 1 | 6 | KEV 1Nuclei 6PoC 16 | shopware/platform (5) · shopware/core (5) · mautic/core (5) | — | |
| 16 | ао «ивк» | 55 | 2 | 1 | 1 | KEV 1Nuclei 1PoC 10 | альт 8 сп (42) · альт сп 10 (10) · альт 8 сп рабочая станция (7) | — | |
| 17 | maven | 51 | 2 | 1 | 5 | KEV 1Nuclei 5PoC 5 | com.liferay.portal:release.dxp.bom (17) · com.thoughtworks.xstream:xstream (14) · com.liferay.portal:release.portal.bom (14) | — | |
| 18 | microsoft | 49 | 3 | 4 | · | KEV 4PoC 1 | windows server 2019 (26) · windows 10 version 2004 (25) · windows 10 version 1809 (25) | — | |
| 19 | google inc | 47 | 1 | 1 | · | KEV 1PoC 11 | google chrome (45) · android (1) · android studio (1) | — | |
| 20 | oracle | 47 | 2 | 1 | 8 | KEV 1Nuclei 8PoC 13 | communications cloud native core policy (16) · communications cloud native core binding support function (16) · commerce guided search (16) | — | |
| 21 | ао «концерн вниинс» | 46 | 3 | · | 1 | Nuclei 1PoC 7 | ос он «стрелец» (46) | — | |
| 22 | huawei | 44 | 7 | · | · | emui (25) · magic ui (25) · harmonyos (11) | — | ||
| 23 | npm | 42 | 4 | · | · | PoC 8 | tar (5) · node-tar (5) · ckeditor4 (3) | — | |
| 24 | red hat inc. | 42 | 1 | 2 | 2 | KEV 2Nuclei 2PoC 8 | red hat enterprise linux (41) · red hat software collections (4) · red hat process automation (4) | — | |
| 25 | foxitsoftware | 37 | 9 | · | · | NEW | pdf editor (28) · phantompdf (9) · foxit reader (9) | — | |
| 26 | gpac | 36 | · | · | · | NEWPoC 15 | gpac (36) | — | |
| 27 | netapp | 35 | 2 | 1 | 7 | KEV 1Nuclei 7PoC 11 | snapmanager (14) · solidfire (11) · hci management node (11) | — | |
| 28 | siemens | 35 | 2 | · | 3 | Nuclei 3PoC 7 | sinec infrastructure network services (16) · logo\! cmr2040 firmware (3) · logo\! cmr2020 firmware (3) | — | |
| 29 | ibm | 32 | 4 | · | · | cloud pak for security (5) · aix (4) · vios (4) | — | ||
| 30 | dell | 31 | 3 | · | · | NEW | powerscale onefs (15) · emc powerscale onefs (12) · emc idrac9 firmware (6) | — | |
| 31 | cisco | 29 | 4 | · | · | PoC 29 | nx-os (8) · cloud application policy infrastructure controller (6) · cisco application policy infrastructure controller (apic) (6) | — | |
| 32 | foxit | 28 | 1 | · | · | NEWPoC 1 | pdf reader (28) · reader (1) | — | |
| 33 | netgear | 28 | 5 | · | · | r6700 firmware (12) · r6400 firmware (11) · r6900 firmware (11) | — | ||
| 34 | ооо «ред софт» | 28 | 2 | · | · | PoC 4 | ред ос (28) | — | |
| 35 | fedora project | 27 | · | 2 | 1 | KEV 2Nuclei 1PoC 6 | fedora (27) | — | |
| 36 | cisco systems inc. | 25 | 4 | · | · | PoC 25 | nx-os (6) · application policy infrastructure controller (4) · cisco rv345p (2) | — | |
| 37 | apple inc. | 23 | · | 7 | · | NEWKEV 7PoC 1 | macos (21) · ios (16) · ipados (16) | — | |
| 38 | cybozu | 23 | · | · | · | NEW | garoon (23) | — | |
| 39 | cybozu, inc. | 23 | · | · | · | NEW | cybozu garoon (23) | — | |
| 40 | mozilla | 22 | 2 | · | · | NEWPoC 1 | firefox (19) · thunderbird (12) · firefox esr (8) | — | |
| 41 | mozilla corp. | 22 | 3 | · | · | NEWPoC 1 | firefox (20) · thunderbird (13) · firefox esr (8) | — | |
| 42 | linux | 21 | · | · | · | PoC 3 | linux kernel (21) | — | |
| 43 | novell inc. | 21 | 1 | 1 | · | KEV 1PoC 4 | opensuse leap (18) · suse linux enterprise server (2) · suse linux enterprise server for sap applications (2) | — | |
| 44 | gitlab | 20 | 1 | · | · | PoC 2 | gitlab (20) · gitlab ee (1) | — | |
| 45 | gitlab inc. | 20 | 1 | · | · | NEWPoC 2 | gitlab (20) | — | |
| 46 | liferay | 20 | · | · | · | NEW | liferay portal (20) · digital experience platform (18) · dxp (1) | — | |
| 47 | schneider electric | 19 | 9 | · | · | NEWPoC 7 | ecostruxure control expert (12) · scadapack remoteconnect (12) · ecostruxure process expert (10) | — | |
| 48 | fortinet | 18 | 2 | · | · | fortisandbox (7) · fortinet fortisandbox (6) · fortinet fortiportal (6) | — | ||
| 49 | exiv2 | 16 | · | · | · | NEWPoC 1 | exiv2 (16) | — | |
| 50 | exiv2 authors | 16 | · | · | · | NEWPoC 1 | exiv2 (16) | — |