month report

January 2023

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

January 2023 closed with 2,619 published CVEs. 338 criticals, 5 added to CISA KEV (3 ransomware-linked). unknown led volume, mostly via welcart e-commerce. Top weakness class — CWE-79 (268 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

2,619

— MoM— YoY

Severity mix

338 / 799

critical / high

KEV added

3 ransomware-linked

Nuclei coverage

12.1%

317 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

1143.9

n=317

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

n=7

Detection gap

KEV pressure, no Nuclei coverage

January 2023 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1microsoft corp107 CVE
KEV 1microsoft103 CVE
KEV 1ао «ивк»56 CVE
KEV 1adobe31 CVE
KEV 1adobe systems inc.31 CVE
KEV 1debian23 CVE

Weakness × Vendor

What's spreading where in January 2023

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#1unknown186 CVE
#2google112 CVE
#3microsoft corp107 CVE
#4microsoft103 CVE
#5сообщество свободного программного обеспечения102 CVE
#6insteon82 CVE
#7oracle corp.80 CVE
#8maven78 CVE
#9ао "нппкт"76 CVE
#10oracle74 CVE

Top vendors

Ranked by distinct CVE count this period.

1unknown—
186 CVE15 critCVSS 6.2
NEWNuclei 186PoC 179
welcart e-commerce (4) · letsrecover (3) · wp rss by publishers (3)
2google—
112 CVECVSS 6.8
NEWPoC 3
android (84) · chrome (28) · chrome os (1)
3microsoft corp—
107 CVECVSS 7.5
NEWKEV 1PoC 4
windows 11 22h2 (63) · windows 10 21h2 (62) · windows 10 20h2 (61)
4microsoft—
103 CVECVSS 7.5
NEWKEV 1PoC 5
windows 11 version 22h2 (64) · windows 11 version 21h2 (64) · windows 10 version 21h2 (63)
5сообщество свободного программного обеспечения—
102 CVE10 critCVSS 7.0
NEWKEV 1Nuclei 5PoC 33
debian gnu/linux (60) · linux (23) · vim (7)
6insteon—
82 CVE80 critCVSS 9.9
NEWPoC 16
hub (82) · hub firmware (76) · insteon hub firmware (6)
7oracle corp.—
80 CVE1 critCVSS 6.1
NEWKEV 2Nuclei 6PoC 2
mysql server (23) · e-business suite (12) · oracle exadata (7)
8maven—
78 CVE15 critCVSS 7.3
NEWNuclei 2PoC 6
org.jenkins-ci.plugins:jira-steps (4) · io.jenkins.plugins:macstadium-orka (3) · org.jenkins-ci.plugins:testquality-updater (3)
9ао "нппкт"—
76 CVE6 critCVSS 7.1
NEWKEV 1Nuclei 1PoC 20
осон основа оnyx (76)
10oracle—
74 CVE1 critCVSS 5.8
NEWKEV 1Nuclei 6PoC 1
mysql server (14) · mysql (10) · vm virtualbox (6)
11oracle corporation—
74 CVE1 critCVSS 5.9
NEWKEV 1Nuclei 6PoC 1
mysql server (24) · vm virtualbox (6) · weblogic server (5)
12ооо «русбитех-астра»—
66 CVE6 critCVSS 7.4
NEWKEV 1Nuclei 1PoC 16
astra linux special edition (58) · astra linux common edition (11) · astra linux special edition для «эльбрус» (9)
13packagist—
65 CVE6 critCVSS 5.9
NEWNuclei 6PoC 7
thorsten/phpmyfaq (9) · cakephp/cakephp (7) · froxlor/froxlor (6)
14pdf-xchange—
65 CVECVSS 6.8
NEW
pdf-xchange editor (65)
15siretta—
64 CVE43 critCVSS 9.1
NEWPoC 21
quartz-gold (64) · quartz-gold firmware (64)
16red hat inc.—
58 CVE7 critCVSS 6.6
NEWPoC 10
red hat enterprise linux (47) · red hat software collections (27) · red hat openstack platform (5)
17ооо «ред софт»—
58 CVE7 critCVSS 6.8
NEWKEV 1Nuclei 1PoC 17
ред ос (58)
18ао «ивк»—
56 CVE3 critCVSS 5.8
NEWKEV 1PoC 10
альт 8 сп (51) · альт сп 10 (31) · альт рабочая станция к (1)
19npm—
47 CVE2 critCVSS 6.3
NEWNuclei 2PoC 10
papaparse (2) · serve-lite (2) · @builder.io/qwik (1)
20unisoc (shanghai) technologies co., ltd.—
39 CVECVSS 5.7
NEW
sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (39)
21jenkins—
38 CVE7 critCVSS 7.3
NEW
jira pipeline steps (4) · openid (3) · orka by macstadium (3)
22jenkins project—
38 CVE7 critCVSS 7.3
NEW
jenkins jira pipeline steps plugin (4) · jenkins orka by macstadium plugin (3) · jenkins testquality updater plugin (3)
23pypi—
38 CVE3 critCVSS 6.3
NEWNuclei 9PoC 12
pyload-ng (8) · apache-superset (7) · modoboa (5)
24go—
33 CVE2 critCVSS 6.7
NEWNuclei 3PoC 6
github.com/usememos/memos (6) · github.com/kubeoperator/kubepi (3) · www.velocidex.com/golang/velociraptor (2)
25adobe—
31 CVECVSS 7.1
NEWKEV 1PoC 1
acrobat reader dc (17) · acrobat dc (17) · acrobat reader (17)
26adobe systems inc.—
31 CVECVSS 7.2
NEWKEV 1PoC 1
adobe acrobat 2020 (16) · adobe acrobat document cloud (16) · adobe acrobat reader 2020 (16)
27lenovo group limited—
31 CVECVSS 5.8
NEW
sr645 (20) · sr665 (20) · sr635 (18)
28qualcomm—
30 CVE2 critCVSS 7.7
NEW
qca6574au firmware (27) · wsa8815 firmware (25) · qca6696 firmware (24)
29qualcomm, inc.—
30 CVE2 critCVSS 7.5
NEW
snapdragon (30)
30amd—
28 CVECVSS 6.3
NEW
3rd gen epyc (24) · epyc 7373x firmware (16) · epyc 7343 firmware (16)
31schneider electric—
28 CVE10 critCVSS 8.4
NEW
igss data server (igssdataserver.exe) (8) · interactive graphical scada system (8) · data center expert (4)
32schneider-electric—
28 CVE10 critCVSS 7.9
NEW
interactive graphical scada system (8) · data center expert (4) · conext combox firmware (3)
33ао «нтц ит роса»—
28 CVE6 critCVSS 7.6
NEWNuclei 1PoC 9
роса хром (17) · rosa virtualization 3.0 (9) · rosa virtualization (7)
34ibm—
27 CVECVSS 5.4
NEW
sterling b2b integrator (7) · sterling b2b integrator standard edition (6) · robotic process automation for cloud pak (6)
35sourcecodester—
27 CVECVSS 5.5
NEWNuclei 1PoC 21
online tours & travels management system (13) · online food ordering system (7) · online flight booking management system (3)
36hewlett packard enterprise (hpe)—
26 CVECVSS 7.4
NEW
aruba edgeconnect enterprise orchestration software (13) · aruba clearpass policy manager (11) · hpe officeconnect 1820 and 1850 switch series (1)
37juniper—
26 CVECVSS 6.9
NEWPoC 26
junos (23) · junos os evolved (8)
38juniper networks—
26 CVECVSS 6.9
NEWPoC 26
junos os (23) · junos os evolved (8)
39juniper networks inc.—
26 CVECVSS 6.9
NEWPoC 26
junos (23) · junos os evolved (8)
40advanced micro devices inc.—
25 CVECVSS 6.2
NEW
3rd gen amd epyc (23) · 2nd gen amd epyc (17) · 1st gen amd epyc (4)
41apache—
25 CVE6 critCVSS 7.4
NEWNuclei 1PoC 1
superset (7) · http server (3) · iotdb (2)
42apache software foundation—
25 CVE5 critCVSS 7.5
NEWNuclei 1PoC 1
apache superset (7) · http server (3) · apache http server (3)
43gpac—
25 CVECVSS 7.3
NEWPoC 10
gpac (25) · gpac/gpac (1)
44arubanetworks—
24 CVECVSS 7.4
NEW
aruba edgeconnect enterprise orchestrator (13) · clearpass policy manager (11)
45cisco—
24 CVE1 critCVSS 6.6
NEWPoC 22
cisco identity services engine software (4) · cisco small business rv series router firmware (4) · identity services engine (4)
46gitlab—
24 CVE1 critCVSS 5.5
NEWNuclei 2PoC 4
gitlab (23) · runner (1) · gitlab runner (1)
47debian—
23 CVE2 critCVSS 7.1
NEWKEV 1PoC 8
debian linux (23)
48mediatek, inc.—
23 CVE1 critCVSS 6.7
NEW
mt7603, mt7613, mt7615, mt7622, mt7628, mt7629, mt7915, mt7916, mt7981, mt7986 (2) · mt6879, mt6895, mt6983 (2) · mt6580, mt6731, mt6735, mt6737, mt6739, mt6753, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6853t, mt6855, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt6895, mt6983, mt8167, mt8168, mt8173, mt8185, mt8321, mt8362a, mt8365, mt8385, mt8666, mt8675, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791, mt8791t, mt8797 (2)
49google inc—
22 CVECVSS 7.7
NEWPoC 2
google chrome (21) · chrome os (1) · android (1)
50cisco systems inc.—
21 CVE1 critCVSS 6.2
NEWPoC 21
cisco identity services engine (4) · cisco industrial network director (2) · cisco small business rv016 (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	unknown	186	15	·	186	NEWNuclei 186PoC 179	welcart e-commerce (4) · letsrecover (3) · wp rss by publishers (3)	—
2	google	112	·	·	·	NEWPoC 3	android (84) · chrome (28) · chrome os (1)	—
3	microsoft corp	107	·	1	·	NEWKEV 1PoC 4	windows 11 22h2 (63) · windows 10 21h2 (62) · windows 10 20h2 (61)	—
4	microsoft	103	·	1	·	NEWKEV 1PoC 5	windows 11 version 22h2 (64) · windows 11 version 21h2 (64) · windows 10 version 21h2 (63)	—
5	сообщество свободного программного обеспечения	102	10	1	5	NEWKEV 1Nuclei 5PoC 33	debian gnu/linux (60) · linux (23) · vim (7)	—
6	insteon	82	80	·	·	NEWPoC 16	hub (82) · hub firmware (76) · insteon hub firmware (6)	—
7	oracle corp.	80	1	2	6	NEWKEV 2Nuclei 6PoC 2	mysql server (23) · e-business suite (12) · oracle exadata (7)	—
8	maven	78	15	·	2	NEWNuclei 2PoC 6	org.jenkins-ci.plugins:jira-steps (4) · io.jenkins.plugins:macstadium-orka (3) · org.jenkins-ci.plugins:testquality-updater (3)	—
9	ао "нппкт"	76	6	1	1	NEWKEV 1Nuclei 1PoC 20	осон основа оnyx (76)	—
10	oracle	74	1	1	6	NEWKEV 1Nuclei 6PoC 1	mysql server (14) · mysql (10) · vm virtualbox (6)	—
11	oracle corporation	74	1	1	6	NEWKEV 1Nuclei 6PoC 1	mysql server (24) · vm virtualbox (6) · weblogic server (5)	—
12	ооо «русбитех-астра»	66	6	1	1	NEWKEV 1Nuclei 1PoC 16	astra linux special edition (58) · astra linux common edition (11) · astra linux special edition для «эльбрус» (9)	—
13	packagist	65	6	·	6	NEWNuclei 6PoC 7	thorsten/phpmyfaq (9) · cakephp/cakephp (7) · froxlor/froxlor (6)	—
14	pdf-xchange	65	·	·	·	NEW	pdf-xchange editor (65)	—
15	siretta	64	43	·	·	NEWPoC 21	quartz-gold (64) · quartz-gold firmware (64)	—
16	red hat inc.	58	7	·	·	NEWPoC 10	red hat enterprise linux (47) · red hat software collections (27) · red hat openstack platform (5)	—
17	ооо «ред софт»	58	7	1	1	NEWKEV 1Nuclei 1PoC 17	ред ос (58)	—
18	ао «ивк»	56	3	1	·	NEWKEV 1PoC 10	альт 8 сп (51) · альт сп 10 (31) · альт рабочая станция к (1)	—
19	npm	47	2	·	2	NEWNuclei 2PoC 10	papaparse (2) · serve-lite (2) · @builder.io/qwik (1)	—
20	unisoc (shanghai) technologies co., ltd.	39	·	·	·	NEW	sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (39)	—
21	jenkins	38	7	·	·	NEW	jira pipeline steps (4) · openid (3) · orka by macstadium (3)	—
22	jenkins project	38	7	·	·	NEW	jenkins jira pipeline steps plugin (4) · jenkins orka by macstadium plugin (3) · jenkins testquality updater plugin (3)	—
23	pypi	38	3	·	9	NEWNuclei 9PoC 12	pyload-ng (8) · apache-superset (7) · modoboa (5)	—
24	go	33	2	·	3	NEWNuclei 3PoC 6	github.com/usememos/memos (6) · github.com/kubeoperator/kubepi (3) · www.velocidex.com/golang/velociraptor (2)	—
25	adobe	31	·	1	·	NEWKEV 1PoC 1	acrobat reader dc (17) · acrobat dc (17) · acrobat reader (17)	—
26	adobe systems inc.	31	·	1	·	NEWKEV 1PoC 1	adobe acrobat 2020 (16) · adobe acrobat document cloud (16) · adobe acrobat reader 2020 (16)	—
27	lenovo group limited	31	·	·	·	NEW	sr645 (20) · sr665 (20) · sr635 (18)	—
28	qualcomm	30	2	·	·	NEW	qca6574au firmware (27) · wsa8815 firmware (25) · qca6696 firmware (24)	—
29	qualcomm, inc.	30	2	·	·	NEW	snapdragon (30)	—
30	amd	28	·	·	·	NEW	3rd gen epyc (24) · epyc 7373x firmware (16) · epyc 7343 firmware (16)	—
31	schneider electric	28	10	·	·	NEW	igss data server (igssdataserver.exe) (8) · interactive graphical scada system (8) · data center expert (4)	—
32	schneider-electric	28	10	·	·	NEW	interactive graphical scada system (8) · data center expert (4) · conext combox firmware (3)	—
33	ао «нтц ит роса»	28	6	·	1	NEWNuclei 1PoC 9	роса хром (17) · rosa virtualization 3.0 (9) · rosa virtualization (7)	—
34	ibm	27	·	·	·	NEW	sterling b2b integrator (7) · sterling b2b integrator standard edition (6) · robotic process automation for cloud pak (6)	—
35	sourcecodester	27	·	·	1	NEWNuclei 1PoC 21	online tours & travels management system (13) · online food ordering system (7) · online flight booking management system (3)	—
36	hewlett packard enterprise (hpe)	26	·	·	·	NEW	aruba edgeconnect enterprise orchestration software (13) · aruba clearpass policy manager (11) · hpe officeconnect 1820 and 1850 switch series (1)	—
37	juniper	26	·	·	·	NEWPoC 26	junos (23) · junos os evolved (8)	—
38	juniper networks	26	·	·	·	NEWPoC 26	junos os (23) · junos os evolved (8)	—
39	juniper networks inc.	26	·	·	·	NEWPoC 26	junos (23) · junos os evolved (8)	—
40	advanced micro devices inc.	25	·	·	·	NEW	3rd gen amd epyc (23) · 2nd gen amd epyc (17) · 1st gen amd epyc (4)	—
41	apache	25	6	·	1	NEWNuclei 1PoC 1	superset (7) · http server (3) · iotdb (2)	—
42	apache software foundation	25	5	·	1	NEWNuclei 1PoC 1	apache superset (7) · http server (3) · apache http server (3)	—
43	gpac	25	·	·	·	NEWPoC 10	gpac (25) · gpac/gpac (1)	—
44	arubanetworks	24	·	·	·	NEW	aruba edgeconnect enterprise orchestrator (13) · clearpass policy manager (11)	—
45	cisco	24	1	·	·	NEWPoC 22	cisco identity services engine software (4) · cisco small business rv series router firmware (4) · identity services engine (4)	—
46	gitlab	24	1	·	2	NEWNuclei 2PoC 4	gitlab (23) · runner (1) · gitlab runner (1)	—
47	debian	23	2	1	·	NEWKEV 1PoC 8	debian linux (23)	—
48	mediatek, inc.	23	1	·	·	NEW	mt7603, mt7613, mt7615, mt7622, mt7628, mt7629, mt7915, mt7916, mt7981, mt7986 (2) · mt6879, mt6895, mt6983 (2) · mt6580, mt6731, mt6735, mt6737, mt6739, mt6753, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6853t, mt6855, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt6895, mt6983, mt8167, mt8168, mt8173, mt8185, mt8321, mt8362a, mt8365, mt8385, mt8666, mt8675, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791, mt8791t, mt8797 (2)	—
49	google inc	22	·	·	·	NEWPoC 2	google chrome (21) · chrome os (1) · android (1)	—
50	cisco systems inc.	21	1	·	·	NEWPoC 21	cisco identity services engine (4) · cisco industrial network director (2) · cisco small business rv016 (2)	—