month report

March 2023

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

March 2023 closed with 2,798 published CVEs. 286 criticals, 18 added to CISA KEV (2 ransomware-linked). google led volume, mostly via android. Top weakness class — CWE-79 (367 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

2,798

— MoM— YoY

Severity mix

286 / 893

critical / high

KEV added

2 ransomware-linked

Nuclei coverage

11.5%

322 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

1085.3

n=322

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

n=13

Detection gap

KEV pressure, no Nuclei coverage

March 2023 · vendors with active exploitation listed by CISA but no public detection template.

KEV 2microsoft corp83 CVE
KEV 2microsoft75 CVE
KEV 1google244 CVE
KEV 1linux44 CVE
KEV 1google inc42 CVE
KEV 1debian35 CVE
KEV 1redhat26 CVE

Weakness × Vendor

What's spreading where in March 2023

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#1google244 CVE
#2сообщество свободного программного обеспечения162 CVE
#3ао "нппкт"117 CVE
#4ооо «ред софт»114 CVE
#5ооо «русбитех-астра»112 CVE
#6adobe106 CVE
#7adobe systems inc.106 CVE
#8sourcecodester105 CVE
#9packagist99 CVE
#10microsoft corp83 CVE

Top vendors

Ranked by distinct CVE count this period.

1google—
244 CVE9 critCVSS 6.5
NEWKEV 1PoC 7
android (191) · chrome (31) · tensorflow (21)
2сообщество свободного программного обеспечения—
162 CVE7 critCVSS 6.9
NEWKEV 1Nuclei 4PoC 42
debian gnu/linux (114) · linux (44) · webkitgtk (5)
3ао "нппкт"—
117 CVE6 critCVSS 6.7
NEWKEV 1Nuclei 1PoC 24
осон основа оnyx (117)
4ооо «ред софт»—
114 CVE8 critCVSS 6.7
NEWKEV 3Nuclei 4PoC 21
ред ос (114)
5ооо «русбитех-астра»—
112 CVE5 critCVSS 6.9
NEWKEV 1Nuclei 1PoC 25
astra linux special edition (110) · astra linux special edition для «эльбрус» (17) · astra linux common edition (4)
6adobe—
106 CVE1 critCVSS 6.7
NEWKEV 2Nuclei 1PoC 1
dimension (58) · experience manager cloud service (18) · experience manager (18)
7adobe systems inc.—
106 CVE1 critCVSS 6.8
NEWKEV 2Nuclei 1PoC 1
dimension (58) · adobe experience manager (18) · substance 3d stager (16)
8sourcecodester—
105 CVECVSS 5.4
NEWPoC 74
automatic question paper generator system (7) · student study center desk management system (7) · young entrepreneur e-negosyo system (7)
9packagist—
99 CVE19 critCVSS 6.7
NEWNuclei 8PoC 23
pimcore/pimcore (24) · moodle/moodle (22) · funadmin/funadmin (8)
10microsoft corp—
83 CVE4 critCVSS 7.6
NEWKEV 2PoC 3
windows 11 22h2 (52) · windows server 2022 (52) · windows server 2022 (server core installation) (52)
11unknown—
79 CVE2 critCVSS 6.2
NEWNuclei 79PoC 79
wp oauth server (oauth authentication) (2) · wp meta seo (2) · wordpress shortcodes plugin — shortcodes ultimate (2)
12maven—
77 CVE14 critCVSS 7.2
NEWNuclei 4PoC 16
org.jenkins-ci.main:jenkins-core (7) · org.jenkinsci.plugins:octoperf (5) · org.jeecgframework.boot:jeecg-boot-parent (3)
13go—
75 CVE3 critCVSS 6.1
NEWKEV 1Nuclei 2PoC 11
github.com/answerdev/answer (18) · github.com/grafana/grafana (5) · github.com/mattermost/mattermost-server/v6 (4)
14microsoft—
75 CVE4 critCVSS 7.6
NEWKEV 2PoC 3
windows server 2022 (52) · windows 11 version 22h2 (52) · windows 11 22h2 (52)
15ао «ивк»—
60 CVE3 critCVSS 6.6
NEWNuclei 1PoC 16
альт 8 сп (51) · альт сп 10 (31)
16pypi—
50 CVE4 critCVSS 7.2
NEWNuclei 2PoC 5
tensorflow-cpu (21) · tensorflow (21) · tensorflow-gpu (18)
17ао «нтц ит роса»—
49 CVE4 critCVSS 6.9
NEWKEV 1Nuclei 1PoC 11
rosa virtualization 3.0 (23) · роса хром (22) · rosa virtualization (12)
18red hat inc.—
48 CVE1 critCVSS 6.9
NEWNuclei 1PoC 13
red hat enterprise linux (41) · jboss core services (5) · red hat openshift container platform (5)
19fedoraproject—
44 CVE3 critCVSS 6.9
NEWPoC 11
fedora (44) · extra packages for enterprise linux (2)
20linux—
44 CVECVSS 6.3
NEWKEV 1PoC 6
linux kernel (44) · kernel (1)
21google inc—
42 CVE3 critCVSS 6.7
NEWKEV 1PoC 6
google chrome (31) · android (7) · angular (3)
22fedora project—
37 CVE1 critCVSS 7.3
NEWPoC 8
fedora (37)
23npm—
36 CVE5 critCVSS 7.1
NEWNuclei 1PoC 4
directus (4) · vega (3) · angular (3)
24debian—
35 CVE7 critCVSS 7.2
NEWKEV 1PoC 13
debian linux (34) · debmany (1)
25ibm—
31 CVE2 critCVSS 5.7
NEWPoC 1
security key lifecycle manager (7) · aspera faspex (4) · financial transaction manager (4)
26dlink—
30 CVE3 critCVSS 8.1
NEWKEV 1Nuclei 3PoC 3
dir-1935 firmware (15) · dir-825\/ee firmware (6) · dir-825\/ac firmware (6)
27bentley—
29 CVECVSS 7.4
NEW
microstation (28) · view (28) · microstation connect (23)
28mediatek, inc.—
29 CVECVSS 6.0
NEW
mt6879, mt6895, mt6983, mt8321, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791t, mt8797 (3) · mt6580, mt6735, mt6739, mt6761, mt6763, mt6765, mt6768, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6855, mt6873, mt6885, mt6893, mt6895, mt6983, mt8167, mt8168, mt8666, mt8675 (3) · mt6879, mt6895, mt6983, mt8791, mt8791t, mt8797 (2)
29novell inc.—
29 CVE2 critCVSS 7.0
NEWNuclei 1PoC 9
suse linux enterprise server (19) · suse linux enterprise server for sap applications (16) · suse linux enterprise desktop (16)
30cisco—
28 CVE2 critCVSS 7.7
NEWPoC 28
ios xe (12) · cisco ios xe software (8) · cisco aironet access point software (3)
31cisco systems inc.—
28 CVE2 critCVSS 7.1
NEWPoC 28
cisco ios xe (12) · adaptive security appliance (2) · cisco ios (2)
32pdf-xchange—
28 CVECVSS 7.0
NEW
pdf-xchange editor (28)
33jenkins—
26 CVE4 critCVSS 6.9
NEWPoC 6
jenkins (7) · octoperf load testing (5) · convert to pipeline (2)
34jenkins project—
26 CVE4 critCVSS 6.9
NEWPoC 6
jenkins (7) · jenkins octoperf load testing plugin plugin (5) · jenkins convert to pipeline plugin (2)
35redhat—
26 CVECVSS 7.2
NEWKEV 1PoC 2
enterprise linux (17) · openshift container platform (4) · enterprise linux server (3)
36qualcomm—
25 CVE2 critCVSS 7.8
NEW
wsa8835 firmware (25) · wsa8830 firmware (25) · wcd9385 firmware (24)
37qualcomm, inc.—
25 CVE2 critCVSS 7.8
NEW
snapdragon (25)
38samsung—
25 CVE1 critCVSS 7.2
NEWPoC 6
android (10) · exynos modem 5123 firmware (9) · exynos modem 5300 firmware (9)
39dell—
24 CVECVSS 7.4
NEW
r830 firmware (18) · c4130 firmware (18) · c4140 firmware (18)
40d-link corp.—
24 CVE3 critCVSS 7.8
NEWKEV 1Nuclei 3PoC 3
dir-1935 (15) · dir820la1 (3) · dir-820l a1 (2)
41foxit—
24 CVECVSS 7.0
NEW
pdf editor (24) · pdf reader (24)
42unisoc (shanghai) technologies co., ltd.—
24 CVECVSS 5.6
NEW
sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (24)
43d-link—
23 CVECVSS 7.8
NEW
dir-1935 (15) · dir-825 (6) · dir-2150 (1)
44moodle—
22 CVE4 critCVSS 6.6
NEWNuclei 2
moodle (22)
45sap—
22 CVE5 critCVSS 7.6
NEWNuclei 3
netweaver application server abap (6) · businessobjects business intelligence platform (web services) (3) · netweaver as for abap and abap platform (3)
46tensorflow—
21 CVE1 critCVSS 7.5
NEWPoC 2
tensorflow (21)
47huawei—
20 CVE3 critCVSS 7.5
NEW
emui (20) · harmonyos (20)
48canonical ltd.—
19 CVECVSS 6.4
NEWPoC 4
ubuntu (19)
49crates.io—
19 CVE2 critCVSS 7.4
NEW
openssl (3) · comrak (3) · cranelift-codegen (2)
50netgear—
19 CVE4 critCVSS 8.6
NEWPoC 1
rax30 firmware (8) · r6700v3 (7) · r6700 firmware (7)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	google	244	9	1	·	NEWKEV 1PoC 7	android (191) · chrome (31) · tensorflow (21)	—
2	сообщество свободного программного обеспечения	162	7	1	4	NEWKEV 1Nuclei 4PoC 42	debian gnu/linux (114) · linux (44) · webkitgtk (5)	—
3	ао "нппкт"	117	6	1	1	NEWKEV 1Nuclei 1PoC 24	осон основа оnyx (117)	—
4	ооо «ред софт»	114	8	3	4	NEWKEV 3Nuclei 4PoC 21	ред ос (114)	—
5	ооо «русбитех-астра»	112	5	1	1	NEWKEV 1Nuclei 1PoC 25	astra linux special edition (110) · astra linux special edition для «эльбрус» (17) · astra linux common edition (4)	—
6	adobe	106	1	2	1	NEWKEV 2Nuclei 1PoC 1	dimension (58) · experience manager cloud service (18) · experience manager (18)	—
7	adobe systems inc.	106	1	2	1	NEWKEV 2Nuclei 1PoC 1	dimension (58) · adobe experience manager (18) · substance 3d stager (16)	—
8	sourcecodester	105	·	·	·	NEWPoC 74	automatic question paper generator system (7) · student study center desk management system (7) · young entrepreneur e-negosyo system (7)	—
9	packagist	99	19	·	8	NEWNuclei 8PoC 23	pimcore/pimcore (24) · moodle/moodle (22) · funadmin/funadmin (8)	—
10	microsoft corp	83	4	2	·	NEWKEV 2PoC 3	windows 11 22h2 (52) · windows server 2022 (52) · windows server 2022 (server core installation) (52)	—
11	unknown	79	2	·	79	NEWNuclei 79PoC 79	wp oauth server (oauth authentication) (2) · wp meta seo (2) · wordpress shortcodes plugin — shortcodes ultimate (2)	—
12	maven	77	14	·	4	NEWNuclei 4PoC 16	org.jenkins-ci.main:jenkins-core (7) · org.jenkinsci.plugins:octoperf (5) · org.jeecgframework.boot:jeecg-boot-parent (3)	—
13	go	75	3	1	2	NEWKEV 1Nuclei 2PoC 11	github.com/answerdev/answer (18) · github.com/grafana/grafana (5) · github.com/mattermost/mattermost-server/v6 (4)	—
14	microsoft	75	4	2	·	NEWKEV 2PoC 3	windows server 2022 (52) · windows 11 version 22h2 (52) · windows 11 22h2 (52)	—
15	ао «ивк»	60	3	·	1	NEWNuclei 1PoC 16	альт 8 сп (51) · альт сп 10 (31)	—
16	pypi	50	4	·	2	NEWNuclei 2PoC 5	tensorflow-cpu (21) · tensorflow (21) · tensorflow-gpu (18)	—
17	ао «нтц ит роса»	49	4	1	1	NEWKEV 1Nuclei 1PoC 11	rosa virtualization 3.0 (23) · роса хром (22) · rosa virtualization (12)	—
18	red hat inc.	48	1	·	1	NEWNuclei 1PoC 13	red hat enterprise linux (41) · jboss core services (5) · red hat openshift container platform (5)	—
19	fedoraproject	44	3	·	·	NEWPoC 11	fedora (44) · extra packages for enterprise linux (2)	—
20	linux	44	·	1	·	NEWKEV 1PoC 6	linux kernel (44) · kernel (1)	—
21	google inc	42	3	1	·	NEWKEV 1PoC 6	google chrome (31) · android (7) · angular (3)	—
22	fedora project	37	1	·	·	NEWPoC 8	fedora (37)	—
23	npm	36	5	·	1	NEWNuclei 1PoC 4	directus (4) · vega (3) · angular (3)	—
24	debian	35	7	1	·	NEWKEV 1PoC 13	debian linux (34) · debmany (1)	—
25	ibm	31	2	·	·	NEWPoC 1	security key lifecycle manager (7) · aspera faspex (4) · financial transaction manager (4)	—
26	dlink	30	3	1	3	NEWKEV 1Nuclei 3PoC 3	dir-1935 firmware (15) · dir-825\/ee firmware (6) · dir-825\/ac firmware (6)	—
27	bentley	29	·	·	·	NEW	microstation (28) · view (28) · microstation connect (23)	—
28	mediatek, inc.	29	·	·	·	NEW	mt6879, mt6895, mt6983, mt8321, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791t, mt8797 (3) · mt6580, mt6735, mt6739, mt6761, mt6763, mt6765, mt6768, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6855, mt6873, mt6885, mt6893, mt6895, mt6983, mt8167, mt8168, mt8666, mt8675 (3) · mt6879, mt6895, mt6983, mt8791, mt8791t, mt8797 (2)	—
29	novell inc.	29	2	·	1	NEWNuclei 1PoC 9	suse linux enterprise server (19) · suse linux enterprise server for sap applications (16) · suse linux enterprise desktop (16)	—
30	cisco	28	2	·	·	NEWPoC 28	ios xe (12) · cisco ios xe software (8) · cisco aironet access point software (3)	—
31	cisco systems inc.	28	2	·	·	NEWPoC 28	cisco ios xe (12) · adaptive security appliance (2) · cisco ios (2)	—
32	pdf-xchange	28	·	·	·	NEW	pdf-xchange editor (28)	—
33	jenkins	26	4	·	·	NEWPoC 6	jenkins (7) · octoperf load testing (5) · convert to pipeline (2)	—
34	jenkins project	26	4	·	·	NEWPoC 6	jenkins (7) · jenkins octoperf load testing plugin plugin (5) · jenkins convert to pipeline plugin (2)	—
35	redhat	26	·	1	·	NEWKEV 1PoC 2	enterprise linux (17) · openshift container platform (4) · enterprise linux server (3)	—
36	qualcomm	25	2	·	·	NEW	wsa8835 firmware (25) · wsa8830 firmware (25) · wcd9385 firmware (24)	—
37	qualcomm, inc.	25	2	·	·	NEW	snapdragon (25)	—
38	samsung	25	1	·	·	NEWPoC 6	android (10) · exynos modem 5123 firmware (9) · exynos modem 5300 firmware (9)	—
39	dell	24	·	·	·	NEW	r830 firmware (18) · c4130 firmware (18) · c4140 firmware (18)	—
40	d-link corp.	24	3	1	3	NEWKEV 1Nuclei 3PoC 3	dir-1935 (15) · dir820la1 (3) · dir-820l a1 (2)	—
41	foxit	24	·	·	·	NEW	pdf editor (24) · pdf reader (24)	—
42	unisoc (shanghai) technologies co., ltd.	24	·	·	·	NEW	sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (24)	—
43	d-link	23	·	·	·	NEW	dir-1935 (15) · dir-825 (6) · dir-2150 (1)	—
44	moodle	22	4	·	2	NEWNuclei 2	moodle (22)	—
45	sap	22	5	·	3	NEWNuclei 3	netweaver application server abap (6) · businessobjects business intelligence platform (web services) (3) · netweaver as for abap and abap platform (3)	—
46	tensorflow	21	1	·	·	NEWPoC 2	tensorflow (21)	—
47	huawei	20	3	·	·	NEW	emui (20) · harmonyos (20)	—
48	canonical ltd.	19	·	·	·	NEWPoC 4	ubuntu (19)	—
49	crates.io	19	2	·	·	NEW	openssl (3) · comrak (3) · cranelift-codegen (2)	—
50	netgear	19	4	·	·	NEWPoC 1	rax30 firmware (8) · r6700v3 (7) · r6700 firmware (7)	—