month report

April 2022

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

April 2022 closed with 2,106 published CVEs. 301 criticals, 45 added to CISA KEV (10 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (270 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

2,106

— MoM— YoY

Severity mix

301 / 919

critical / high

KEV added

10 ransomware-linked

Nuclei coverage

12.3%

258 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

1422.0

n=258

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

110

n=14

Detection gap

KEV pressure, no Nuclei coverage

April 2022 · vendors with active exploitation listed by CISA but no public detection template.

KEV 2microsoft corp181 CVE
KEV 2microsoft127 CVE
KEV 1google125 CVE
KEV 1google inc60 CVE
KEV 1ао «концерн вниинс»57 CVE

Weakness × Vendor

What's spreading where in April 2022

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#8unknown99 CVE
#10oracle corporation85 CVE
#21samsung mobile55 CVE
#24cgal38 CVE
#25cgal project38 CVE
#30fisglobal28 CVE
#33mariadb25 CVE
#34siemens ag25 CVE
#37mariadb foundation24 CVE
#39mediatek, inc.21 CVE

Top vendors

Ranked by distinct CVE count this period.

1сообщество свободного программного обеспечения—
182 CVE22 critCVSS 8.0
KEV 1Nuclei 5PoC 53
debian gnu/linux (146) · cgal (38) · linux (16)
2microsoft corp—
181 CVE6 critCVSS 7.6
KEV 2PoC 5
windows server 2022 (96) · windows server 2022 (server core installation) (95) · windows server 2019 (server core installation) (91)
3ооо «русбитех-астра»—
138 CVE6 critCVSS 8.0
KEV 1Nuclei 1PoC 42
astra linux special edition (138) · astra linux special edition для «эльбрус» (49) · astra linux common edition (4)
4microsoft—
127 CVE3 critCVSS 7.6
KEV 2
windows server 2022 (97) · windows server 2016 (96) · windows server version 20h2 (96)
5google—
125 CVE3 critCVSS 7.5
KEV 1PoC 2
android (78) · chrome (47)
6ао "нппкт"—
111 CVE10 critCVSS 7.7
KEV 2Nuclei 3PoC 24
осон основа оnyx (111)
7debian—
108 CVE6 critCVSS 7.8
Nuclei 2PoC 41
debian linux (108)
8unknown—
99 CVE12 critCVSS 6.3
NEWNuclei 99PoC 49
mycred (3) · visual form builder (3) · salon booking system pro (2)
9oracle—
97 CVE5 critCVSS 7.2
KEV 3Nuclei 10PoC 3
mysql (16) · mysql server (14) · weblogic server (7)
10oracle corporation—
85 CVE3 critCVSS 5.9
NEWKEV 1Nuclei 7PoC 1
mysql server (24) · mysql cluster (7) · solaris operating system (6)
11oracle corp.—
78 CVE3 critCVSS 6.1
KEV 1Nuclei 6PoC 1
mysql server (23) · graalvm enterprise edition (6) · java se (6)
12ао «ивк»—
78 CVE2 critCVSS 6.4
PoC 15
альт 8 сп (70) · альт сп 10 (14)
13ооо «ред софт»—
72 CVE14 critCVSS 7.6
Nuclei 3PoC 18
ред ос (72)
14netapp—
61 CVECVSS 5.7
Nuclei 1PoC 3
oncommand insight (44) · active iq unified manager (42) · snapcenter (32)
15google inc—
60 CVE4 critCVSS 8.3
KEV 1PoC 2
google chrome (56) · android (4)
16cisco—
59 CVE4 critCVSS 6.6
KEV 1Nuclei 1PoC 59
ios xe (20) · cisco ios (13) · cisco ios xe software (10)
17cisco systems inc.—
58 CVE3 critCVSS 6.0
PoC 58
cisco ios xe (22) · 510 wpan industrial router: industrial routers operating system software (11) · 800 series integrated services routers (11)
18fedoraproject—
58 CVE3 critCVSS 6.9
Nuclei 2PoC 11
fedora (58) · extra packages for enterprise linux (3)
19maven—
58 CVE7 critCVSS 6.7
KEV 3Nuclei 10PoC 8
com.liferay.portal:release.dxp.bom (5) · net.sourceforge.htmlunit:neko-htmlunit (2) · org.owasp.antisamy:antisamy (2)
20ао «концерн вниинс»—
57 CVE3 critCVSS 8.0
KEV 1PoC 5
ос он «стрелец» (57)
21samsung mobile—
55 CVECVSS 5.7
NEW
samsung mobile devices (38) · galaxy store (3) · samsung flow (2)
22packagist—
53 CVE4 critCVSS 7.0
Nuclei 7PoC 18
pimcore/pimcore (4) · remdex/livehelperchat (3) · shopware/shopware (3)
23ibm—
48 CVE3 critCVSS 6.4
qradar security information and event manager (7) · qradar siem (7) · cognos analytics (7)
24cgal—
38 CVECVSS 8.8
NEWPoC 19
computational geometry algorithms library (38)
25cgal project—
38 CVECVSS 8.8
NEWPoC 19
libcgal (38)
26ао «нтц ит роса»—
38 CVE1 critCVSS 6.9
PoC 15
роса хром (29) · роса кобальт (5) · rosa virtualization (4)
27dell—
33 CVE1 critCVSS 6.5
emc powerscale onefs (20) · powerscale onefs (20) · vnx2 (4)
28red hat inc.—
30 CVE2 critCVSS 7.1
PoC 8
red hat enterprise linux (26) · red hat software collections (8) · podman (2)
29npm—
29 CVE9 critCVSS 7.7
Nuclei 5PoC 9
urijs (2) · ghost (2) · fullpage.js (2)
30fisglobal—
28 CVE3 critCVSS 7.7
NEWPoC 5
gt.m (28)
31redhat—
26 CVECVSS 7.2
PoC 2
enterprise linux (16) · openshift container platform (5) · enterprise linux for ibm z systems (2)
32siemens—
26 CVE3 critCVSS 7.6
KEV 1Nuclei 1PoC 2
scalance x320-1 fe (9) · scalance x307-2 eec (230v) (9) · scalance x307-2 eec (230v, coated) (9)
33mariadb—
25 CVECVSS 7.3
NEWPoC 10
mariadb (25)
34siemens ag—
25 CVE2 critCVSS 7.2
NEWPoC 1
scalance x306-1ld fe (9) · scalance x310 (9) · scalance x308-2 (9)
35gitlab—
24 CVE1 critCVSS 5.0
Nuclei 1PoC 3
gitlab (24) · gitlab pages (1)
36go—
24 CVE2 critCVSS 7.2
Nuclei 1PoC 1
github.com/mattermost/mattermost-server/v6 (4) · github.com/rancher/rancher (3) · github.com/beego/beego (3)
37mariadb foundation—
24 CVECVSS 7.5
NEWPoC 10
mariadb (24)
38fedora project—
21 CVE1 critCVSS 6.2
PoC 7
fedora (20) · 389 directory server (1)
39mediatek, inc.—
21 CVECVSS 6.3
NEW
mt6580, mt6731, mt6735, mt6750s, mt6753, mt6755s, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6833, mt6853, mt6853t, mt6873, mt6875, mt6877, mt6883, mt6885, mt6889, mt6891, mt6893, mt8127, mt8135, mt8163, mt8167, mt8167s, mt8168, mt8173, mt8175, mt8176, mt8183, mt8312c, mt8312d, mt8321, mt8362a, mt8365, mt8382, mt8385, mt8389, mt8392, mt8392_90, mt8665, mt8685, mt8693, mt8735, mt8735b, mt8735m, mt8752, mt8765, mt8783, mt8785, mt8788 (2) · mt6781, mt6785, mt6833, mt6853, mt6853t, mt6873, mt6877, mt6883, mt6885, mt6889, mt6891, mt6893, mt8185, mt8789, mt8791, mt8797 (2) · mt6580, mt6735, mt6737, mt6739, mt6753, mt6755, mt6755s, mt6761, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6795, mt6797, mt6799, mt6833, mt6853, mt6853t, mt6873, mt6875, mt6877, mt6879, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891, mt6893, mt6895, mt6983, mt6985, mt8167, mt8167s, mt8168, mt8173, mt8175, mt8183, mt8185, mt8321, mt8362a, mt8365, mt8385, mt8675, mt8765, mt8766, mt8768, mt8786, mt8788, mt8791, mt8797 (1)
40ооо «открытая мобильная платформа»—
20 CVE10 critCVSS 8.5
PoC 2
ос аврора (20)
41sap—
19 CVECVSS 6.5
Nuclei 5PoC 2
3d visual enterprise viewer (6) · businessobjects business intelligence platform (5) · netweaver (2)
42sap se—
19 CVECVSS 6.5
Nuclei 5PoC 2
sap 3d visual enterprise viewer (6) · sap businessobjects business intelligence platform (4) · sap web dispatcher (2)
43janobe—
18 CVE18 critCVSS 9.8
NEWPoC 8
baby care system (18)
44autodesk—
17 CVECVSS 7.8
NEW
autocad (8) · autocad lt (7) · autocad map 3d (7)
45jenkins—
17 CVECVSS 5.4
subversion (2) · promoted builds (2) · publish over ftp (2)
46jenkins project—
17 CVECVSS 5.4
jenkins promoted builds plugin (2) · jenkins publish over ftp plugin (2) · jenkins subversion plugin (2)
47samsung—
17 CVECVSS 5.4
NEW
galaxy store (3) · samsung flow (2) · recovery (1)
48yottadb—
17 CVE2 critCVSS 7.7
NEWPoC 5
yottadb (15) · gt.m (2)
49фссп россии—
17 CVE10 critCVSS 8.8
NEW
ос тд аис фссп россии (17)
50fortinet—
16 CVE2 critCVSS 7.1
NEW
fortiwan (6) · fortinet fortiwan (6) · forticlient (3)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	сообщество свободного программного обеспечения	182	22	1	5	KEV 1Nuclei 5PoC 53	debian gnu/linux (146) · cgal (38) · linux (16)	—
2	microsoft corp	181	6	2	·	KEV 2PoC 5	windows server 2022 (96) · windows server 2022 (server core installation) (95) · windows server 2019 (server core installation) (91)	—
3	ооо «русбитех-астра»	138	6	1	1	KEV 1Nuclei 1PoC 42	astra linux special edition (138) · astra linux special edition для «эльбрус» (49) · astra linux common edition (4)	—
4	microsoft	127	3	2	·	KEV 2	windows server 2022 (97) · windows server 2016 (96) · windows server version 20h2 (96)	—
5	google	125	3	1	·	KEV 1PoC 2	android (78) · chrome (47)	—
6	ао "нппкт"	111	10	2	3	KEV 2Nuclei 3PoC 24	осон основа оnyx (111)	—
7	debian	108	6	·	2	Nuclei 2PoC 41	debian linux (108)	—
8	unknown	99	12	·	99	NEWNuclei 99PoC 49	mycred (3) · visual form builder (3) · salon booking system pro (2)	—
9	oracle	97	5	3	10	KEV 3Nuclei 10PoC 3	mysql (16) · mysql server (14) · weblogic server (7)	—
10	oracle corporation	85	3	1	7	NEWKEV 1Nuclei 7PoC 1	mysql server (24) · mysql cluster (7) · solaris operating system (6)	—
11	oracle corp.	78	3	1	6	KEV 1Nuclei 6PoC 1	mysql server (23) · graalvm enterprise edition (6) · java se (6)	—
12	ао «ивк»	78	2	·	·	PoC 15	альт 8 сп (70) · альт сп 10 (14)	—
13	ооо «ред софт»	72	14	·	3	Nuclei 3PoC 18	ред ос (72)	—
14	netapp	61	·	·	1	Nuclei 1PoC 3	oncommand insight (44) · active iq unified manager (42) · snapcenter (32)	—
15	google inc	60	4	1	·	KEV 1PoC 2	google chrome (56) · android (4)	—
16	cisco	59	4	1	1	KEV 1Nuclei 1PoC 59	ios xe (20) · cisco ios (13) · cisco ios xe software (10)	—
17	cisco systems inc.	58	3	·	·	PoC 58	cisco ios xe (22) · 510 wpan industrial router: industrial routers operating system software (11) · 800 series integrated services routers (11)	—
18	fedoraproject	58	3	·	2	Nuclei 2PoC 11	fedora (58) · extra packages for enterprise linux (3)	—
19	maven	58	7	3	10	KEV 3Nuclei 10PoC 8	com.liferay.portal:release.dxp.bom (5) · net.sourceforge.htmlunit:neko-htmlunit (2) · org.owasp.antisamy:antisamy (2)	—
20	ао «концерн вниинс»	57	3	1	·	KEV 1PoC 5	ос он «стрелец» (57)	—
21	samsung mobile	55	·	·	·	NEW	samsung mobile devices (38) · galaxy store (3) · samsung flow (2)	—
22	packagist	53	4	·	7	Nuclei 7PoC 18	pimcore/pimcore (4) · remdex/livehelperchat (3) · shopware/shopware (3)	—
23	ibm	48	3	·	·		qradar security information and event manager (7) · qradar siem (7) · cognos analytics (7)	—
24	cgal	38	·	·	·	NEWPoC 19	computational geometry algorithms library (38)	—
25	cgal project	38	·	·	·	NEWPoC 19	libcgal (38)	—
26	ао «нтц ит роса»	38	1	·	·	PoC 15	роса хром (29) · роса кобальт (5) · rosa virtualization (4)	—
27	dell	33	1	·	·		emc powerscale onefs (20) · powerscale onefs (20) · vnx2 (4)	—
28	red hat inc.	30	2	·	·	PoC 8	red hat enterprise linux (26) · red hat software collections (8) · podman (2)	—
29	npm	29	9	·	5	Nuclei 5PoC 9	urijs (2) · ghost (2) · fullpage.js (2)	—
30	fisglobal	28	3	·	·	NEWPoC 5	gt.m (28)	—
31	redhat	26	·	·	·	PoC 2	enterprise linux (16) · openshift container platform (5) · enterprise linux for ibm z systems (2)	—
32	siemens	26	3	1	1	KEV 1Nuclei 1PoC 2	scalance x320-1 fe (9) · scalance x307-2 eec (230v) (9) · scalance x307-2 eec (230v, coated) (9)	—
33	mariadb	25	·	·	·	NEWPoC 10	mariadb (25)	—
34	siemens ag	25	2	·	·	NEWPoC 1	scalance x306-1ld fe (9) · scalance x310 (9) · scalance x308-2 (9)	—
35	gitlab	24	1	·	1	Nuclei 1PoC 3	gitlab (24) · gitlab pages (1)	—
36	go	24	2	·	1	Nuclei 1PoC 1	github.com/mattermost/mattermost-server/v6 (4) · github.com/rancher/rancher (3) · github.com/beego/beego (3)	—
37	mariadb foundation	24	·	·	·	NEWPoC 10	mariadb (24)	—
38	fedora project	21	1	·	·	PoC 7	fedora (20) · 389 directory server (1)	—
39	mediatek, inc.	21	·	·	·	NEW	mt6580, mt6731, mt6735, mt6750s, mt6753, mt6755s, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6833, mt6853, mt6853t, mt6873, mt6875, mt6877, mt6883, mt6885, mt6889, mt6891, mt6893, mt8127, mt8135, mt8163, mt8167, mt8167s, mt8168, mt8173, mt8175, mt8176, mt8183, mt8312c, mt8312d, mt8321, mt8362a, mt8365, mt8382, mt8385, mt8389, mt8392, mt8392_90, mt8665, mt8685, mt8693, mt8735, mt8735b, mt8735m, mt8752, mt8765, mt8783, mt8785, mt8788 (2) · mt6781, mt6785, mt6833, mt6853, mt6853t, mt6873, mt6877, mt6883, mt6885, mt6889, mt6891, mt6893, mt8185, mt8789, mt8791, mt8797 (2) · mt6580, mt6735, mt6737, mt6739, mt6753, mt6755, mt6755s, mt6761, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6795, mt6797, mt6799, mt6833, mt6853, mt6853t, mt6873, mt6875, mt6877, mt6879, mt6880, mt6883, mt6885, mt6889, mt6890, mt6891, mt6893, mt6895, mt6983, mt6985, mt8167, mt8167s, mt8168, mt8173, mt8175, mt8183, mt8185, mt8321, mt8362a, mt8365, mt8385, mt8675, mt8765, mt8766, mt8768, mt8786, mt8788, mt8791, mt8797 (1)	—
40	ооо «открытая мобильная платформа»	20	10	·	·	PoC 2	ос аврора (20)	—
41	sap	19	·	·	5	Nuclei 5PoC 2	3d visual enterprise viewer (6) · businessobjects business intelligence platform (5) · netweaver (2)	—
42	sap se	19	·	·	5	Nuclei 5PoC 2	sap 3d visual enterprise viewer (6) · sap businessobjects business intelligence platform (4) · sap web dispatcher (2)	—
43	janobe	18	18	·	·	NEWPoC 8	baby care system (18)	—
44	autodesk	17	·	·	·	NEW	autocad (8) · autocad lt (7) · autocad map 3d (7)	—
45	jenkins	17	·	·	·		subversion (2) · promoted builds (2) · publish over ftp (2)	—
46	jenkins project	17	·	·	·		jenkins promoted builds plugin (2) · jenkins publish over ftp plugin (2) · jenkins subversion plugin (2)	—
47	samsung	17	·	·	·	NEW	galaxy store (3) · samsung flow (2) · recovery (1)	—
48	yottadb	17	2	·	·	NEWPoC 5	yottadb (15) · gt.m (2)	—
49	фссп россии	17	10	·	·	NEW	ос тд аис фссп россии (17)	—
50	fortinet	16	2	·	·	NEW	fortiwan (6) · fortinet fortiwan (6) · forticlient (3)	—