month report
March 2022
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
March 2022 closed with 2,136 published CVEs. 391 criticals, 226 added to CISA KEV (48 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (310 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
2,136
— MoM— YoY
Severity mix
391 / 760
critical / high
KEV added
226
48 ransomware-linked
Nuclei coverage
13.3%
284 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
1452.1
n=284
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
74
n=13
Detection gap
KEV pressure, no Nuclei coverage
March 2022 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 2netapp50 CVE
- KEV 2linux43 CVE
- KEV 1novell inc.27 CVE
- KEV 1siemens25 CVE
- KEV 1ооо «открытая мобильная платформа»17 CVE
Weakness × Vendor
What's spreading where in March 2022
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS787Out-of-bounds Write89SQL Injection22Path Traversal434Unrestricted File Upload862Missing Authorization125Out-of-bounds Read78OS Command Injection200Information Exposure20Improper Input Validationсообщество свободного программного обеспечения51922564google201597unknown66274661ооо «русбитех-астра»4152563ао "нппкт"31611343fedoraproject91722146packagist4693132262debian5111763maven23127122apple18131microsoft5microsoft corp5
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #1сообщество свободного программного обеспечения160 CVE
- #2google136 CVE
- #3unknown128 CVE
- #4ооо «русбитех-астра»123 CVE
- #5ао "нппкт"114 CVE
- #6fedoraproject111 CVE
- #7packagist110 CVE
- #8debian99 CVE
- #9maven88 CVE
- #10apple82 CVE
Top vendors
Ranked by distinct CVE count this period.
- 160 CVE11 critCVSS 7.0NEWKEV 3Nuclei 1PoC 43debian gnu/linux (126) · linux (55) · webkitgtk (5)
- 136 CVE6 critCVSS 6.6NEWKEV 1Nuclei 1PoC 2android (132) · data transfer project (1) · firebase php-jwt (1)
- 128 CVE19 critCVSS 6.6NEWNuclei 128PoC 59amelia – events & appointments booking calendar (4) · custom content shortcode (3) · wordpress file upload (3)
- 123 CVE7 critCVSS 6.9NEWKEV 3Nuclei 4PoC 30astra linux special edition (117) · astra linux special edition для «эльбрус» (35) · astra linux common edition (8)
- 114 CVE12 critCVSS 7.1NEWKEV 3Nuclei 4PoC 32осон основа оnyx (114)
- 111 CVE11 critCVSS 7.0NEWKEV 2Nuclei 7PoC 37fedora (111) · extra packages for enterprise linux (4)
- 110 CVE13 critCVSS 6.5NEWNuclei 26PoC 49showdoc/showdoc (19) · microweber/microweber (16) · moodle/moodle (8)
- 99 CVE11 critCVSS 7.0NEWKEV 1Nuclei 4PoC 25debian linux (99)
- 88 CVE13 critCVSS 6.5NEWKEV 1Nuclei 10PoC 9com.liferay.portal:release.dxp.bom (7) · org.jenkins-ci.plugins:proxmox (4) · org.jenkins-ci.plugins:extended-choice-parameter (4)
- 82 CVE8 critCVSS 7.2NEWKEV 2Nuclei 3PoC 4macos (55) · ipados (45) · iphone os (44)
- 71 CVECVSS 6.9NEWPoC 4windows 10 (31) · windows 10 version 21h2 (30) · windows 10 version 21h1 (30)
- 71 CVECVSS 6.9NEWPoC 4windows 10 21h2 (31) · windows 10 21h1 (31) · windows 10 1909 (30)
- 64 CVE9 critCVSS 7.3NEWKEV 2Nuclei 6PoC 21ред ос (64)
- 61 CVE44 critCVSS 9.2NEWPoC 30ac6 firmware (17) · ax1806 firmware (13) · ac9 firmware (13)
- 54 CVE7 critCVSS 7.2NEWNuclei 5PoC 8salt (4) · freetakserver-ui (4) · ansible (2)
- 53 CVECVSS 6.9NEWaudition (9) · bridge (9) · character animator (preview 4) (8)
- 52 CVE1 critCVSS 6.8NEWadobe audition (9) · adobe bridge (9) · character animator 2022 (8)
- 52 CVECVSS 6.0NEWproxmox (4) · continuous integration with toad edge (4) · job and node ownership (4)
- 52 CVECVSS 6.0NEWjenkins job and node ownership plugin (4) · jenkins extended choice parameter plugin (4) · jenkins continuous integration with toad edge plugin (4)
- 52 CVE1 critCVSS 7.5NEWKEV 2Nuclei 1PoC 15red hat enterprise linux (42) · red hat virtualization (7) · red hat openshift container platform (4)
- 51 CVE6 critCVSS 7.2NEWKEV 1Nuclei 4PoC 13альт 8 сп (43) · альт сп 10 (10)
- 50 CVE1 critCVSS 7.3NEWKEV 2PoC 19h700s firmware (29) · h300s firmware (29) · h410s firmware (29)
- 48 CVE8 critCVSS 7.0NEWNuclei 4PoC 17node-forge (3) · node-ipc (3) · vditor (2)
- 46 CVE2 critCVSS 7.4NEWKEV 2Nuclei 3PoC 13enterprise linux (30) · enterprise linux for power little endian (14) · enterprise linux for ibm z systems (13)
- 43 CVE1 critCVSS 6.8NEWKEV 2PoC 14linux kernel (43) · kernel (2)
- 41 CVE5 critCVSS 7.4NEWKEV 1Nuclei 1PoC 17ubuntu (41)
- 36 CVE5 critCVSS 7.3NEWNuclei 5PoC 7gogs.io/gogs (5) · code.gitea.io/gitea (3) · github.com/argoproj/argo-cd (3)
- 30 CVE1 critCVSS 6.0NEWaix (6) · vios (6) · spectrum copy data management (4)
- 28 CVE20 critCVSS 9.5NEWNuclei 4PoC 12a3100r firmware (13) · a810r firmware (8) · a3000ru firmware (8)
- 27 CVE1 critCVSS 7.6NEWKEV 1PoC 9opensuse leap (20) · suse linux enterprise server (17) · suse linux enterprise server for sap applications (15)
- 26 CVE3 critCVSS 7.1NEWNuclei 4PoC 5ос он «стрелец» (26)
- 25 CVE4 critCVSS 7.4NEWPoC 9fedora (23) · 389 directory server (2)
- 25 CVE5 critCVSS 7.3NEWKEV 1Nuclei 6PoC 4communications cloud native core binding support function (15) · communications cloud native core network exposure function (11) · communications cloud native core policy (9)
- 25 CVE3 critCVSS 7.1NEWKEV 1PoC 2ruggedcom rs416p (7) · ruggedcom rs416 (7) · ruggedcom rmc8388 v4.x (7)
- 22 CVECVSS 4.1NEWsamsung mobile devices (12) · galaxy watch plugin (2) · watch active plugin (1)
- 22 CVE3 critCVSS 7.5NEWKEV 1Nuclei 4PoC 5rosa virtualization (15) · роса хром (8) · rosa virtualization 3.0 (7)
- 20 CVE2 critCVSS 8.8NEWpc bios (11) · probook 440 g8 firmware (6) · prodesk 405 g6 small form factor firmware (6)
- 19 CVE16 critCVSS 9.4NEWdiaenergie (18) · cncsoft (1)
- 19 CVE16 critCVSS 9.4NEWdiaenergie (18) · cncsoft screeneditor (1)
- 19 CVE2 critCVSS 7.6NEWmagic ui (18) · emui (18) · harmonyos (11)
- 19 CVECVSS 5.5NEWPoC 10showdoc (19)
- 19 CVECVSS 5.5NEWPoC 10star7th/showdoc (19)
- 19 CVE6 critCVSS 8.1NEWNuclei 5PoC 7ос тд аис фссп россии (19)
- 17 CVE1 critCVSS 6.3NEWNuclei 10PoC 7microweber (16) · microweber/microweber (16) · whmcs (1)
- 17 CVE10 critCVSS 8.8NEWfactorytalk assetcentre (9) · isagraf runtime (5) · connected components workbench (3)
- 17 CVE10 critCVSS 7.8NEWfactorytalk assetcentre (9) · micro810 firmware (5) · aadvance controller (5)
- 17 CVE11 critCVSS 9.0NEWNuclei 1PoC 6tl-wr886n firmware (10) · tl-wr840n firmware (4) · tapo c200 (1)
- 17 CVE1 critCVSS 7.6NEWKEV 1PoC 7ос аврора (17)
- 16 CVE6 critCVSS 8.0NEWpacis gtw (5) · saitel dp (5) · saitel dr (5)
- 16 CVE6 critCVSS 8.3NEWscd2200 firmware (5) · micom c264 firmware (5) · easergy t300 firmware (5)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 160 | 11 | 3 | 1 | NEWKEV 3Nuclei 1PoC 43 | debian gnu/linux (126) · linux (55) · webkitgtk (5) | — | |
| 2 | 136 | 6 | 1 | 1 | NEWKEV 1Nuclei 1PoC 2 | android (132) · data transfer project (1) · firebase php-jwt (1) | — | ||
| 3 | unknown | 128 | 19 | · | 128 | NEWNuclei 128PoC 59 | amelia – events & appointments booking calendar (4) · custom content shortcode (3) · wordpress file upload (3) | — | |
| 4 | ооо «русбитех-астра» | 123 | 7 | 3 | 4 | NEWKEV 3Nuclei 4PoC 30 | astra linux special edition (117) · astra linux special edition для «эльбрус» (35) · astra linux common edition (8) | — | |
| 5 | ао "нппкт" | 114 | 12 | 3 | 4 | NEWKEV 3Nuclei 4PoC 32 | осон основа оnyx (114) | — | |
| 6 | fedoraproject | 111 | 11 | 2 | 7 | NEWKEV 2Nuclei 7PoC 37 | fedora (111) · extra packages for enterprise linux (4) | — | |
| 7 | packagist | 110 | 13 | · | 26 | NEWNuclei 26PoC 49 | showdoc/showdoc (19) · microweber/microweber (16) · moodle/moodle (8) | — | |
| 8 | debian | 99 | 11 | 1 | 4 | NEWKEV 1Nuclei 4PoC 25 | debian linux (99) | — | |
| 9 | maven | 88 | 13 | 1 | 10 | NEWKEV 1Nuclei 10PoC 9 | com.liferay.portal:release.dxp.bom (7) · org.jenkins-ci.plugins:proxmox (4) · org.jenkins-ci.plugins:extended-choice-parameter (4) | — | |
| 10 | apple | 82 | 8 | 2 | 3 | NEWKEV 2Nuclei 3PoC 4 | macos (55) · ipados (45) · iphone os (44) | — | |
| 11 | microsoft | 71 | · | · | · | NEWPoC 4 | windows 10 (31) · windows 10 version 21h2 (30) · windows 10 version 21h1 (30) | — | |
| 12 | microsoft corp | 71 | · | · | · | NEWPoC 4 | windows 10 21h2 (31) · windows 10 21h1 (31) · windows 10 1909 (30) | — | |
| 13 | ооо «ред софт» | 64 | 9 | 2 | 6 | NEWKEV 2Nuclei 6PoC 21 | ред ос (64) | — | |
| 14 | tenda | 61 | 44 | · | · | NEWPoC 30 | ac6 firmware (17) · ax1806 firmware (13) · ac9 firmware (13) | — | |
| 15 | pypi | 54 | 7 | · | 5 | NEWNuclei 5PoC 8 | salt (4) · freetakserver-ui (4) · ansible (2) | — | |
| 16 | adobe | 53 | · | · | · | NEW | audition (9) · bridge (9) · character animator (preview 4) (8) | — | |
| 17 | adobe systems inc. | 52 | 1 | · | · | NEW | adobe audition (9) · adobe bridge (9) · character animator 2022 (8) | — | |
| 18 | jenkins | 52 | · | · | · | NEW | proxmox (4) · continuous integration with toad edge (4) · job and node ownership (4) | — | |
| 19 | jenkins project | 52 | · | · | · | NEW | jenkins job and node ownership plugin (4) · jenkins extended choice parameter plugin (4) · jenkins continuous integration with toad edge plugin (4) | — | |
| 20 | red hat inc. | 52 | 1 | 2 | 1 | NEWKEV 2Nuclei 1PoC 15 | red hat enterprise linux (42) · red hat virtualization (7) · red hat openshift container platform (4) | — | |
| 21 | ао «ивк» | 51 | 6 | 1 | 4 | NEWKEV 1Nuclei 4PoC 13 | альт 8 сп (43) · альт сп 10 (10) | — | |
| 22 | netapp | 50 | 1 | 2 | · | NEWKEV 2PoC 19 | h700s firmware (29) · h300s firmware (29) · h410s firmware (29) | — | |
| 23 | npm | 48 | 8 | · | 4 | NEWNuclei 4PoC 17 | node-forge (3) · node-ipc (3) · vditor (2) | — | |
| 24 | redhat | 46 | 2 | 2 | 3 | NEWKEV 2Nuclei 3PoC 13 | enterprise linux (30) · enterprise linux for power little endian (14) · enterprise linux for ibm z systems (13) | — | |
| 25 | linux | 43 | 1 | 2 | · | NEWKEV 2PoC 14 | linux kernel (43) · kernel (2) | — | |
| 26 | canonical ltd. | 41 | 5 | 1 | 1 | NEWKEV 1Nuclei 1PoC 17 | ubuntu (41) | — | |
| 27 | go | 36 | 5 | · | 5 | NEWNuclei 5PoC 7 | gogs.io/gogs (5) · code.gitea.io/gitea (3) · github.com/argoproj/argo-cd (3) | — | |
| 28 | ibm | 30 | 1 | · | · | NEW | aix (6) · vios (6) · spectrum copy data management (4) | — | |
| 29 | totolink | 28 | 20 | · | 4 | NEWNuclei 4PoC 12 | a3100r firmware (13) · a810r firmware (8) · a3000ru firmware (8) | — | |
| 30 | novell inc. | 27 | 1 | 1 | · | NEWKEV 1PoC 9 | opensuse leap (20) · suse linux enterprise server (17) · suse linux enterprise server for sap applications (15) | — | |
| 31 | ао «концерн вниинс» | 26 | 3 | · | 4 | NEWNuclei 4PoC 5 | ос он «стрелец» (26) | — | |
| 32 | fedora project | 25 | 4 | · | · | NEWPoC 9 | fedora (23) · 389 directory server (2) | — | |
| 33 | oracle | 25 | 5 | 1 | 6 | NEWKEV 1Nuclei 6PoC 4 | communications cloud native core binding support function (15) · communications cloud native core network exposure function (11) · communications cloud native core policy (9) | — | |
| 34 | siemens | 25 | 3 | 1 | · | NEWKEV 1PoC 2 | ruggedcom rs416p (7) · ruggedcom rs416 (7) · ruggedcom rmc8388 v4.x (7) | — | |
| 35 | samsung mobile | 22 | · | · | · | NEW | samsung mobile devices (12) · galaxy watch plugin (2) · watch active plugin (1) | — | |
| 36 | ао «нтц ит роса» | 22 | 3 | 1 | 4 | NEWKEV 1Nuclei 4PoC 5 | rosa virtualization (15) · роса хром (8) · rosa virtualization 3.0 (7) | — | |
| 37 | hp | 20 | 2 | · | · | NEW | pc bios (11) · probook 440 g8 firmware (6) · prodesk 405 g6 small form factor firmware (6) | — | |
| 38 | delta electronics | 19 | 16 | · | · | NEW | diaenergie (18) · cncsoft (1) | — | |
| 39 | deltaww | 19 | 16 | · | · | NEW | diaenergie (18) · cncsoft screeneditor (1) | — | |
| 40 | huawei | 19 | 2 | · | · | NEW | magic ui (18) · emui (18) · harmonyos (11) | — | |
| 41 | showdoc | 19 | · | · | · | NEWPoC 10 | showdoc (19) | — | |
| 42 | star7th | 19 | · | · | · | NEWPoC 10 | star7th/showdoc (19) | — | |
| 43 | фссп россии | 19 | 6 | · | 5 | NEWNuclei 5PoC 7 | ос тд аис фссп россии (19) | — | |
| 44 | microweber | 17 | 1 | · | 10 | NEWNuclei 10PoC 7 | microweber (16) · microweber/microweber (16) · whmcs (1) | — | |
| 45 | rockwell automation | 17 | 10 | · | · | NEW | factorytalk assetcentre (9) · isagraf runtime (5) · connected components workbench (3) | — | |
| 46 | rockwellautomation | 17 | 10 | · | · | NEW | factorytalk assetcentre (9) · micro810 firmware (5) · aadvance controller (5) | — | |
| 47 | tp-link | 17 | 11 | · | 1 | NEWNuclei 1PoC 6 | tl-wr886n firmware (10) · tl-wr840n firmware (4) · tapo c200 (1) | — | |
| 48 | ооо «открытая мобильная платформа» | 17 | 1 | 1 | · | NEWKEV 1PoC 7 | ос аврора (17) | — | |
| 49 | schneider electric | 16 | 6 | · | · | NEW | pacis gtw (5) · saitel dp (5) · saitel dr (5) | — | |
| 50 | schneider-electric | 16 | 6 | · | · | NEW | scd2200 firmware (5) · micom c264 firmware (5) · easergy t300 firmware (5) | — |