month report

May 2023

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

May 2023 closed with 2,766 published CVEs. 259 criticals, 19 added to CISA KEV (1 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (462 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

2,766

— MoM— YoY

Severity mix

259 / 796

critical / high

KEV added

1 ransomware-linked

Nuclei coverage

16.2%

447 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

1025.5

n=447

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

n=8

Detection gap

KEV pressure, no Nuclei coverage

May 2023 · vendors with active exploitation listed by CISA but no public detection template.

KEV 2microsoft corp61 CVE
KEV 2microsoft56 CVE
KEV 1samsung32 CVE
KEV 1samsung mobile31 CVE

Weakness × Vendor

What's spreading where in May 2023

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#1сообщество свободного программного обеспечения149 CVE
#2google138 CVE
#3maven99 CVE
#4intel94 CVE
#5ооо «ред софт»92 CVE
#6ао "нппкт"88 CVE
#7unknown85 CVE
#8ооо «русбитех-астра»80 CVE
#9apple71 CVE
#10unisoc (shanghai) technologies co., ltd.66 CVE

Top vendors

Ranked by distinct CVE count this period.

1сообщество свободного программного обеспечения—
149 CVE11 critCVSS 7.1
NEWNuclei 2PoC 54
debian gnu/linux (92) · linux (25) · openemr (10)
2google—
138 CVE1 critCVSS 6.2
NEWNuclei 1PoC 4
android (106) · chrome (31) · web stories (1)
3maven—
99 CVE15 critCVSS 7.1
NEWKEV 2Nuclei 4PoC 5
com.liferay.portal:release.portal.bom (14) · org.apache.inlong:manager-service (8) · org.apache.inlong:manager-pojo (7)
4intel—
94 CVECVSS 5.9
NEW
server system d50tnp1mhcrac firmware (10) · server system d50tnp1mhcrlc firmware (10) · server system d50tnp2mfalac firmware (10)
5ооо «ред софт»—
92 CVE5 critCVSS 6.8
NEWKEV 1Nuclei 1PoC 40
ред ос (92)
6ао "нппкт"—
88 CVE3 critCVSS 6.8
NEWPoC 17
осон основа оnyx (88)
7unknown—
85 CVE7 critCVSS 6.3
NEWNuclei 83PoC 83
ai chatbot (5) · clock in portal- staff & attendance management (3) · product catalog feed by pixelyoursite (2)
8ооо «русбитех-астра»—
80 CVE1 critCVSS 6.6
NEWPoC 14
astra linux special edition (77) · astra linux special edition для «эльбрус» (4) · astra linux common edition (4)
9apple—
71 CVE4 critCVSS 6.5
NEWPoC 3
macos (64) · ipados (41) · iphone os (41)
10unisoc (shanghai) technologies co., ltd.—
66 CVECVSS 5.5
NEW
sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (66)
11microsoft corp—
61 CVE3 critCVSS 7.4
NEWKEV 2PoC 2
windows server 2019 (server core installation) (36) · windows server 2019 (36) · windows 10 20h2 (35)
12sourcecodester—
57 CVECVSS 5.5
NEWPoC 55
lost and found information system (12) · online exam system (8) · online computer and laptop store (5)
13microsoft—
56 CVE3 critCVSS 7.4
NEWKEV 2PoC 1
windows 11 21h2 (37) · windows server 2022 (37) · windows 11 version 21h2 (36)
14packagist—
51 CVE3 critCVSS 6.4
NEWNuclei 4PoC 14
pimcore/pimcore (11) · craftcms/cms (8) · thorsten/phpmyfaq (6)
15debian—
48 CVECVSS 6.4
NEWPoC 8
debian linux (48)
16fedoraproject—
45 CVE2 critCVSS 6.6
NEWNuclei 1PoC 9
fedora (45) · extra packages for enterprise linux (5)
17ао «ивк»—
38 CVE1 critCVSS 6.2
NEWPoC 8
альт 8 сп (31) · альт сп 10 (27)
18jenkins—
36 CVECVSS 5.8
NEW
code dx (5) · jenkins code dx plugin (5) · saml single sign on (5)
19go—
35 CVE4 critCVSS 5.8
NEWNuclei 1PoC 5
github.com/kyverno/kyverno (2) · github.com/sigstore/rekor (2) · github.com/pydio/cells (2)
20google inc—
33 CVECVSS 7.4
NEWPoC 4
google chrome (31) · chromeos flex (2) · chrome os (2)
21ibm—
32 CVE1 critCVSS 6.2
NEW
mq (5) · infosphere information server (4) · mq appliance (3)
22samsung—
32 CVECVSS 5.6
NEWKEV 1
android (21) · samsung blockchain keystore (6) · galaxy store (3)
23apache—
31 CVE10 critCVSS 7.9
NEWKEV 1Nuclei 1PoC 1
inlong (11) · streampark (3) · openmeetings (3)
24apache software foundation—
31 CVE10 critCVSS 7.8
NEWKEV 1Nuclei 1PoC 1
apache inlong (11) · inlong (6) · apache streampark (incubating) (3)
25jenkins project—
31 CVECVSS 6.1
NEW
jenkins saml single sign on(sso) plugin (6) · jenkins azure vm agents plugin (3) · jenkins appspider plugin (2)
26pypi—
31 CVE5 critCVSS 6.9
NEWNuclei 1PoC 5
vyper (5) · mlflow (3) · matrix-synapse (3)
27samsung mobile—
31 CVECVSS 5.9
NEWKEV 1
samsung mobile devices (21) · samsung blockchain keystore (6) · galaxy store (3)
28canonical ltd.—
29 CVE1 critCVSS 7.3
NEWPoC 26
ubuntu (29) · ubuntu-linux (1)
29cisco—
28 CVE1 critCVSS 8.5
NEWPoC 28
identity services engine (11) · cisco identity services engine software (11) · business 350-48t-4x firmware (9)
30cisco systems inc.—
28 CVE1 critCVSS 7.8
NEWPoC 28
cisco identity services engine (11) · business 250 series smart switches (9) · business 350 series managed switches (9)
31red hat inc.—
28 CVE4 critCVSS 7.5
NEWPoC 7
red hat enterprise linux (23) · red hat openstack platform (4) · red hat jboss core services (4)
32npm—
27 CVE4 critCVSS 7.3
NEWNuclei 2PoC 3
n8n (3) · vm2 (2) · ghost (2)
33amd—
26 CVE6 critCVSS 7.4
NEW
epyc 7443 firmware (14) · epyc 7413 firmware (14) · epyc 7543p firmware (14)
34oretnom23—
26 CVE3 critCVSS 6.3
NEWPoC 22
lost and found information system (12) · online computer and laptop store (6) · establishment billing management system (2)
35mediatek, inc.—
25 CVECVSS 5.7
NEW
mt6853, mt6853t, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt8183, mt8195 (4) · mt6580, mt6731, mt6735, mt6737, mt6739, mt6753, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6853t, mt6855, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt6895, mt6983, mt8185, mt8321, mt8385, mt8666, mt8667, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791, mt8791t, mt8797 (3) · mt6580, mt6731, mt6735, mt6737, mt6739, mt6753, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6853t, mt6855, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt6895, mt6983, mt8185, mt8321, mt8385, mt8666, mt8667, mt8673, mt8675, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791, mt8791t, mt8797 (2)
36openlinksw—
25 CVECVSS 7.5
NEWPoC 25
virtuoso (25)
37fedora project—
24 CVE2 critCVSS 7.2
NEWNuclei 1PoC 9
fedora (24)
38hewlett packard enterprise (hpe)—
24 CVE8 critCVSS 7.5
NEW
aruba access points running instantos and arubaos 10 (13) · aruba edgeconnect enterprise software (10) · hpe proliant rl300 gen11 (1)
39openlink software—
24 CVECVSS 7.5
NEWPoC 24
virtuoso-opensource (24)
40ао «нтц ит роса»—
24 CVE1 critCVSS 6.5
NEWPoC 8
роса хром (10) · rosa virtualization 3.0 (9) · rosa virtualization (7)
41redhat—
21 CVE2 critCVSS 7.3
NEWPoC 5
enterprise linux (18) · enterprise linux server aus (3) · enterprise linux eus (3)
42h3c—
20 CVE2 critCVSS 7.3
NEWNuclei 1PoC 3
magic r300-2100m firmware (17) · gr-1200w firmware (2) · magic r160 firmware (1)
43schweitzer engineering laboratories—
20 CVE2 critCVSS 5.1
NEW
sel-3560s (19) · sel-3350 (19) · sel-3505 (19)
44selinc—
20 CVE2 critCVSS 5.2
NEW
sel-3555 firmware (20) · sel-3350 firmware (20) · sel-3532 firmware (20)
45huawei—
19 CVE3 critCVSS 7.4
NEW
emui (17) · harmonyos (17)
46linux—
19 CVECVSS 6.5
NEWPoC 3
linux kernel (19)
47codesys—
18 CVECVSS 8.2
NEW
control for beaglebone sl (17) · control for empc-a\/imx6 sl (17) · control for iot2000 sl (17)
48codesys gmbh—
17 CVECVSS 8.3
NEW
codesys control for beaglebone sl (16) · codesys control for empc-a/imx6 sl (16) · codesys control for iot2000 sl (16)
49novell inc.—
17 CVE1 critCVSS 6.9
NEWPoC 4
suse linux enterprise server (14) · opensuse leap (13) · suse linux enterprise server for sap applications (13)
50schneider electric—
17 CVECVSS 8.4
NEW
modicon m262 (15) · hmiscu (15) · modicon lmc058 (15)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	сообщество свободного программного обеспечения	149	11	·	2	NEWNuclei 2PoC 54	debian gnu/linux (92) · linux (25) · openemr (10)	—
2	google	138	1	·	1	NEWNuclei 1PoC 4	android (106) · chrome (31) · web stories (1)	—
3	maven	99	15	2	4	NEWKEV 2Nuclei 4PoC 5	com.liferay.portal:release.portal.bom (14) · org.apache.inlong:manager-service (8) · org.apache.inlong:manager-pojo (7)	—
4	intel	94	·	·	·	NEW	server system d50tnp1mhcrac firmware (10) · server system d50tnp1mhcrlc firmware (10) · server system d50tnp2mfalac firmware (10)	—
5	ооо «ред софт»	92	5	1	1	NEWKEV 1Nuclei 1PoC 40	ред ос (92)	—
6	ао "нппкт"	88	3	·	·	NEWPoC 17	осон основа оnyx (88)	—
7	unknown	85	7	·	83	NEWNuclei 83PoC 83	ai chatbot (5) · clock in portal- staff & attendance management (3) · product catalog feed by pixelyoursite (2)	—
8	ооо «русбитех-астра»	80	1	·	·	NEWPoC 14	astra linux special edition (77) · astra linux special edition для «эльбрус» (4) · astra linux common edition (4)	—
9	apple	71	4	·	·	NEWPoC 3	macos (64) · ipados (41) · iphone os (41)	—
10	unisoc (shanghai) technologies co., ltd.	66	·	·	·	NEW	sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (66)	—
11	microsoft corp	61	3	2	·	NEWKEV 2PoC 2	windows server 2019 (server core installation) (36) · windows server 2019 (36) · windows 10 20h2 (35)	—
12	sourcecodester	57	·	·	·	NEWPoC 55	lost and found information system (12) · online exam system (8) · online computer and laptop store (5)	—
13	microsoft	56	3	2	·	NEWKEV 2PoC 1	windows 11 21h2 (37) · windows server 2022 (37) · windows 11 version 21h2 (36)	—
14	packagist	51	3	·	4	NEWNuclei 4PoC 14	pimcore/pimcore (11) · craftcms/cms (8) · thorsten/phpmyfaq (6)	—
15	debian	48	·	·	·	NEWPoC 8	debian linux (48)	—
16	fedoraproject	45	2	·	1	NEWNuclei 1PoC 9	fedora (45) · extra packages for enterprise linux (5)	—
17	ао «ивк»	38	1	·	·	NEWPoC 8	альт 8 сп (31) · альт сп 10 (27)	—
18	jenkins	36	·	·	·	NEW	code dx (5) · jenkins code dx plugin (5) · saml single sign on (5)	—
19	go	35	4	·	1	NEWNuclei 1PoC 5	github.com/kyverno/kyverno (2) · github.com/sigstore/rekor (2) · github.com/pydio/cells (2)	—
20	google inc	33	·	·	·	NEWPoC 4	google chrome (31) · chromeos flex (2) · chrome os (2)	—
21	ibm	32	1	·	·	NEW	mq (5) · infosphere information server (4) · mq appliance (3)	—
22	samsung	32	·	1	·	NEWKEV 1	android (21) · samsung blockchain keystore (6) · galaxy store (3)	—
23	apache	31	10	1	1	NEWKEV 1Nuclei 1PoC 1	inlong (11) · streampark (3) · openmeetings (3)	—
24	apache software foundation	31	10	1	1	NEWKEV 1Nuclei 1PoC 1	apache inlong (11) · inlong (6) · apache streampark (incubating) (3)	—
25	jenkins project	31	·	·	·	NEW	jenkins saml single sign on(sso) plugin (6) · jenkins azure vm agents plugin (3) · jenkins appspider plugin (2)	—
26	pypi	31	5	·	1	NEWNuclei 1PoC 5	vyper (5) · mlflow (3) · matrix-synapse (3)	—
27	samsung mobile	31	·	1	·	NEWKEV 1	samsung mobile devices (21) · samsung blockchain keystore (6) · galaxy store (3)	—
28	canonical ltd.	29	1	·	·	NEWPoC 26	ubuntu (29) · ubuntu-linux (1)	—
29	cisco	28	1	·	·	NEWPoC 28	identity services engine (11) · cisco identity services engine software (11) · business 350-48t-4x firmware (9)	—
30	cisco systems inc.	28	1	·	·	NEWPoC 28	cisco identity services engine (11) · business 250 series smart switches (9) · business 350 series managed switches (9)	—
31	red hat inc.	28	4	·	·	NEWPoC 7	red hat enterprise linux (23) · red hat openstack platform (4) · red hat jboss core services (4)	—
32	npm	27	4	·	2	NEWNuclei 2PoC 3	n8n (3) · vm2 (2) · ghost (2)	—
33	amd	26	6	·	·	NEW	epyc 7443 firmware (14) · epyc 7413 firmware (14) · epyc 7543p firmware (14)	—
34	oretnom23	26	3	·	·	NEWPoC 22	lost and found information system (12) · online computer and laptop store (6) · establishment billing management system (2)	—
35	mediatek, inc.	25	·	·	·	NEW	mt6853, mt6853t, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt8183, mt8195 (4) · mt6580, mt6731, mt6735, mt6737, mt6739, mt6753, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6853t, mt6855, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt6895, mt6983, mt8185, mt8321, mt8385, mt8666, mt8667, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791, mt8791t, mt8797 (3) · mt6580, mt6731, mt6735, mt6737, mt6739, mt6753, mt6757, mt6757c, mt6757cd, mt6757ch, mt6761, mt6762, mt6763, mt6765, mt6768, mt6769, mt6771, mt6779, mt6781, mt6785, mt6789, mt6833, mt6853, mt6853t, mt6855, mt6873, mt6875, mt6877, mt6879, mt6883, mt6885, mt6889, mt6891, mt6893, mt6895, mt6983, mt8185, mt8321, mt8385, mt8666, mt8667, mt8673, mt8675, mt8765, mt8766, mt8768, mt8781, mt8786, mt8788, mt8789, mt8791, mt8791t, mt8797 (2)	—
36	openlinksw	25	·	·	·	NEWPoC 25	virtuoso (25)	—
37	fedora project	24	2	·	1	NEWNuclei 1PoC 9	fedora (24)	—
38	hewlett packard enterprise (hpe)	24	8	·	·	NEW	aruba access points running instantos and arubaos 10 (13) · aruba edgeconnect enterprise software (10) · hpe proliant rl300 gen11 (1)	—
39	openlink software	24	·	·	·	NEWPoC 24	virtuoso-opensource (24)	—
40	ао «нтц ит роса»	24	1	·	·	NEWPoC 8	роса хром (10) · rosa virtualization 3.0 (9) · rosa virtualization (7)	—
41	redhat	21	2	·	·	NEWPoC 5	enterprise linux (18) · enterprise linux server aus (3) · enterprise linux eus (3)	—
42	h3c	20	2	·	1	NEWNuclei 1PoC 3	magic r300-2100m firmware (17) · gr-1200w firmware (2) · magic r160 firmware (1)	—
43	schweitzer engineering laboratories	20	2	·	·	NEW	sel-3560s (19) · sel-3350 (19) · sel-3505 (19)	—
44	selinc	20	2	·	·	NEW	sel-3555 firmware (20) · sel-3350 firmware (20) · sel-3532 firmware (20)	—
45	huawei	19	3	·	·	NEW	emui (17) · harmonyos (17)	—
46	linux	19	·	·	·	NEWPoC 3	linux kernel (19)	—
47	codesys	18	·	·	·	NEW	control for beaglebone sl (17) · control for empc-a\/imx6 sl (17) · control for iot2000 sl (17)	—
48	codesys gmbh	17	·	·	·	NEW	codesys control for beaglebone sl (16) · codesys control for empc-a/imx6 sl (16) · codesys control for iot2000 sl (16)	—
49	novell inc.	17	1	·	·	NEWPoC 4	suse linux enterprise server (14) · opensuse leap (13) · suse linux enterprise server for sap applications (13)	—
50	schneider electric	17	·	·	·	NEW	modicon m262 (15) · hmiscu (15) · modicon lmc058 (15)	—