month report

October 2023

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

October 2023 closed with 2,764 published CVEs. 372 criticals, 18 added to CISA KEV (5 ransomware-linked). google led volume, mostly via android. Top weakness class — CWE-79 (419 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

2,764

— MoM— YoY

Severity mix

372 / 925

critical / high

KEV added

5 ransomware-linked

Nuclei coverage

20.9%

577 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

870.5

n=577

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

n=18

Detection gap

KEV pressure, no Nuclei coverage

October 2023 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1apple inc.34 CVE

Weakness × Vendor

What's spreading where in October 2023

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#1google200 CVE
#2сообщество свободного программного обеспечения148 CVE
#3ооо «ред софт»116 CVE
#4microsoft corp111 CVE
#5microsoft107 CVE
#6ооо «русбитех-астра»97 CVE
#7ао «ивк»91 CVE
#8maven81 CVE
#9ао "нппкт"81 CVE
#10oracle corp.74 CVE

Top vendors

Ranked by distinct CVE count this period.

1google—
200 CVE4 critCVSS 6.3
NEW
android (184) · chrome (16)
2сообщество свободного программного обеспечения—
148 CVE13 critCVSS 6.7
NEWKEV 3Nuclei 6PoC 18
debian gnu/linux (95) · linux (20) · mediawiki (9)
3ооо «ред софт»—
116 CVE9 critCVSS 6.6
NEWKEV 3Nuclei 4PoC 13
ред ос (116)
4microsoft corp—
111 CVE4 critCVSS 7.5
NEWKEV 4Nuclei 2PoC 3
windows server 2022 (80) · windows server 2019 (79) · windows server 2019 (server core installation) (79)
5microsoft—
107 CVE3 critCVSS 7.4
NEWKEV 4Nuclei 2PoC 4
windows server 2022 (80) · windows server 2019 (79) · windows server 2019 (server core installation) (77)
6ооо «русбитех-астра»—
97 CVE5 critCVSS 6.5
NEWKEV 1Nuclei 2PoC 5
astra linux special edition (95) · astra linux common edition (9) · astra linux special edition для «эльбрус» (8)
7ао «ивк»—
91 CVE5 critCVSS 6.0
NEWKEV 2Nuclei 4PoC 9
альт 8 сп (69) · альт сп 10 (68) · альт рабочая станция к (2)
8maven—
81 CVE26 critCVSS 7.6
NEWKEV 2Nuclei 7PoC 16
com.liferay.portal:release.dxp.bom (7) · org.xwiki.platform:xwiki-platform-web-templates (4) · org.yamcs:yamcs (4)
9ао "нппкт"—
81 CVE8 critCVSS 6.7
NEWKEV 1Nuclei 3PoC 7
осон основа оnyx (81)
10oracle corp.—
74 CVE3 critCVSS 5.8
NEWPoC 1
mysql server (24) · weblogic server (7) · database server (6)
11oracle—
73 CVE3 critCVSS 5.7
NEWPoC 1
mysql (24) · weblogic server (6) · database server (6)
12oracle corporation—
73 CVE3 critCVSS 5.7
NEWPoC 1
mysql server (24) · weblogic server (6) · banking trade finance (5)
13ibm—
62 CVECVSS 5.4
NEW
security verify privilege on-premises (13) · security verify privilege (13) · db2 for linux, unix and windows (9)
14totolink—
59 CVE56 critCVSS 9.6
NEWNuclei 4PoC 26
x2000r firmware (24) · x6000r firmware (21) · x5000r firmware (4)
15fedoraproject—
57 CVE3 critCVSS 6.8
NEWKEV 3Nuclei 3PoC 11
fedora (57) · extra packages for enterprise linux (1)
16red hat inc.—
57 CVE3 critCVSS 6.5
NEWKEV 2Nuclei 4PoC 4
red hat enterprise linux (50) · red hat software collections (8) · red hat openshift container platform (4)
17unknown—
56 CVE2 critCVSS 6.1
NEWNuclei 55PoC 56
activitypub (4) · eventprime (4) · wordpress gallery plugin (3)
18packagist—
55 CVE2 critCVSS 6.5
NEWNuclei 3PoC 16
magento/community-edition (9) · magento/project-community-edition (9) · concrete5/concrete5 (7)
19ао «нтц ит роса»—
54 CVE3 critCVSS 6.5
NEWKEV 2Nuclei 4PoC 7
роса хром (27) · rosa virtualization 3.0 (24) · rosa virtualization (11)
20pypi—
53 CVE2 critCVSS 6.2
NEWNuclei 1PoC 4
apache-airflow (6) · vantage6 (4) · urllib3 (3)
21debian—
48 CVE4 critCVSS 6.8
NEWKEV 4Nuclei 5PoC 6
debian linux (48)
22go—
44 CVE1 critCVSS 6.9
NEWKEV 1Nuclei 1PoC 2
github.com/arduino/arduino-create-agent (4) · k8s.io/kubernetes (3) · github.com/nats-io/nats-server/v2 (3)
23netapp—
42 CVE2 critCVSS 6.5
NEWKEV 3Nuclei 3PoC 4
oncommand insight (27) · active iq unified manager (3) · cloud insights acquisition unit (3)
24red hat—
42 CVECVSS 6.4
NEWKEV 1Nuclei 1PoC 4
red hat enterprise linux 7 (29) · red hat enterprise linux 8 (27) · red hat enterprise linux 9 (27)
25apple—
41 CVECVSS 6.4
NEWKEV 2Nuclei 1PoC 1
macos (36) · ios and ipados (24) · ipados (24)
26redhat—
38 CVECVSS 7.1
NEWKEV 2Nuclei 2PoC 3
enterprise linux (27) · openshift container platform (6) · enterprise linux for ibm z systems (4)
27fortinet—
36 CVE5 critCVSS 7.1
NEWNuclei 1
fortiwlm (10) · fortianalyzer (7) · fortimanager (7)
28fortinet inc.—
35 CVE5 critCVSS 7.2
NEWNuclei 1
fortiwlm (10) · fortianalyzer (7) · fortimanager (7)
29apple inc.—
34 CVECVSS 6.4
NEWKEV 1
macos (31) · ios (22) · ipados (22)
30dlink—
33 CVE15 critCVSS 9.3
NEWNuclei 3PoC 16
dir-823g firmware (12) · di-7100g firmware (9) · di-7003g firmware (9)
31d-link corp.—
32 CVE15 critCVSS 9.3
NEWNuclei 3PoC 15
dir-823g (12) · di-7300g (9) · di-7003gv2 (9)
32idattend—
30 CVE11 critCVSS 8.2
NEW
idweb (30)
33idattend pty ltd—
30 CVE11 critCVSS 8.2
NEW
idweb (30)
34juniper—
30 CVECVSS 6.5
NEWPoC 30
junos (25) · junos os evolved (17)
35juniper networks—
30 CVECVSS 6.6
NEWPoC 30
junos os (25) · junos os evolved (15)
36juniper networks inc.—
30 CVECVSS 6.5
NEWPoC 30
junos (25) · junos os evolved (17)
37canonical ltd.—
29 CVE3 critCVSS 6.8
NEWKEV 2Nuclei 2PoC 3
ubuntu (28) · subiquity (1)
38npm—
27 CVE5 critCVSS 7.4
NEWNuclei 1PoC 6
@vrite/sdk (3) · tinymce (2) · browserify-sign (1)
39apache software foundation—
26 CVE3 critCVSS 6.9
NEWKEV 2Nuclei 4PoC 2
apache airflow (6) · airflow (6) · apache inlong (4)
40google inc—
26 CVECVSS 6.8
NEWKEV 1Nuclei 1PoC 1
google chrome (16) · android (5) · kubernetes (3)
41apache—
25 CVE3 critCVSS 7.1
NEWKEV 2Nuclei 4PoC 2
airflow (6) · tomcat (4) · inlong (4)
42ibm corp.—
24 CVECVSS 5.6
NEW
ibm db2 (9) · ibm db2 connect server (8) · ibm security verify governance (4)
43unisoc (shanghai) technologies co., ltd.—
24 CVECVSS 5.6
NEW
sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (10) · sc9863a (9) · t606/t612/t616 (2)
44siemens—
23 CVE2 critCVSS 7.2
NEWKEV 2Nuclei 2PoC 2
tecnomatix plant simulation v2201 (9) · tecnomatix (9) · tecnomatix plant simulation v2302 (9)
45gopiplus—
22 CVECVSS 8.1
NEWNuclei 22PoC 4
popup contact form (2) · image vertical reel scroll slideshow (2) · wp-tell-a-friend-popup-form (1)
46huawei—
22 CVE5 critCVSS 7.5
NEW
harmonyos (22) · emui (20)
47lenovo—
22 CVECVSS 6.7
NEW
thinkpad x13 gen 3 firmware (5) · thinkpad t14s gen 3 firmware (5) · thinkagile vx3530-g firmware (3)
48qualcomm—
22 CVE3 critCVSS 8.0
NEW
qca6696 firmware (20) · wcd9385 firmware (19) · wsa8815 firmware (19)
49qualcomm, inc.—
22 CVE3 critCVSS 8.0
NEW
snapdragon (22)
50fedora project—
21 CVECVSS 6.7
NEWKEV 2Nuclei 2PoC 4
fedora (21) · fedora epel (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	google	200	4	·	·	NEW	android (184) · chrome (16)	—
2	сообщество свободного программного обеспечения	148	13	3	6	NEWKEV 3Nuclei 6PoC 18	debian gnu/linux (95) · linux (20) · mediawiki (9)	—
3	ооо «ред софт»	116	9	3	4	NEWKEV 3Nuclei 4PoC 13	ред ос (116)	—
4	microsoft corp	111	4	4	2	NEWKEV 4Nuclei 2PoC 3	windows server 2022 (80) · windows server 2019 (79) · windows server 2019 (server core installation) (79)	—
5	microsoft	107	3	4	2	NEWKEV 4Nuclei 2PoC 4	windows server 2022 (80) · windows server 2019 (79) · windows server 2019 (server core installation) (77)	—
6	ооо «русбитех-астра»	97	5	1	2	NEWKEV 1Nuclei 2PoC 5	astra linux special edition (95) · astra linux common edition (9) · astra linux special edition для «эльбрус» (8)	—
7	ао «ивк»	91	5	2	4	NEWKEV 2Nuclei 4PoC 9	альт 8 сп (69) · альт сп 10 (68) · альт рабочая станция к (2)	—
8	maven	81	26	2	7	NEWKEV 2Nuclei 7PoC 16	com.liferay.portal:release.dxp.bom (7) · org.xwiki.platform:xwiki-platform-web-templates (4) · org.yamcs:yamcs (4)	—
9	ао "нппкт"	81	8	1	3	NEWKEV 1Nuclei 3PoC 7	осон основа оnyx (81)	—
10	oracle corp.	74	3	·	·	NEWPoC 1	mysql server (24) · weblogic server (7) · database server (6)	—
11	oracle	73	3	·	·	NEWPoC 1	mysql (24) · weblogic server (6) · database server (6)	—
12	oracle corporation	73	3	·	·	NEWPoC 1	mysql server (24) · weblogic server (6) · banking trade finance (5)	—
13	ibm	62	·	·	·	NEW	security verify privilege on-premises (13) · security verify privilege (13) · db2 for linux, unix and windows (9)	—
14	totolink	59	56	·	4	NEWNuclei 4PoC 26	x2000r firmware (24) · x6000r firmware (21) · x5000r firmware (4)	—
15	fedoraproject	57	3	3	3	NEWKEV 3Nuclei 3PoC 11	fedora (57) · extra packages for enterprise linux (1)	—
16	red hat inc.	57	3	2	4	NEWKEV 2Nuclei 4PoC 4	red hat enterprise linux (50) · red hat software collections (8) · red hat openshift container platform (4)	—
17	unknown	56	2	·	55	NEWNuclei 55PoC 56	activitypub (4) · eventprime (4) · wordpress gallery plugin (3)	—
18	packagist	55	2	·	3	NEWNuclei 3PoC 16	magento/community-edition (9) · magento/project-community-edition (9) · concrete5/concrete5 (7)	—
19	ао «нтц ит роса»	54	3	2	4	NEWKEV 2Nuclei 4PoC 7	роса хром (27) · rosa virtualization 3.0 (24) · rosa virtualization (11)	—
20	pypi	53	2	·	1	NEWNuclei 1PoC 4	apache-airflow (6) · vantage6 (4) · urllib3 (3)	—
21	debian	48	4	4	5	NEWKEV 4Nuclei 5PoC 6	debian linux (48)	—
22	go	44	1	1	1	NEWKEV 1Nuclei 1PoC 2	github.com/arduino/arduino-create-agent (4) · k8s.io/kubernetes (3) · github.com/nats-io/nats-server/v2 (3)	—
23	netapp	42	2	3	3	NEWKEV 3Nuclei 3PoC 4	oncommand insight (27) · active iq unified manager (3) · cloud insights acquisition unit (3)	—
24	red hat	42	·	1	1	NEWKEV 1Nuclei 1PoC 4	red hat enterprise linux 7 (29) · red hat enterprise linux 8 (27) · red hat enterprise linux 9 (27)	—
25	apple	41	·	2	1	NEWKEV 2Nuclei 1PoC 1	macos (36) · ios and ipados (24) · ipados (24)	—
26	redhat	38	·	2	2	NEWKEV 2Nuclei 2PoC 3	enterprise linux (27) · openshift container platform (6) · enterprise linux for ibm z systems (4)	—
27	fortinet	36	5	·	1	NEWNuclei 1	fortiwlm (10) · fortianalyzer (7) · fortimanager (7)	—
28	fortinet inc.	35	5	·	1	NEWNuclei 1	fortiwlm (10) · fortianalyzer (7) · fortimanager (7)	—
29	apple inc.	34	·	1	·	NEWKEV 1	macos (31) · ios (22) · ipados (22)	—
30	dlink	33	15	·	3	NEWNuclei 3PoC 16	dir-823g firmware (12) · di-7100g firmware (9) · di-7003g firmware (9)	—
31	d-link corp.	32	15	·	3	NEWNuclei 3PoC 15	dir-823g (12) · di-7300g (9) · di-7003gv2 (9)	—
32	idattend	30	11	·	·	NEW	idweb (30)	—
33	idattend pty ltd	30	11	·	·	NEW	idweb (30)	—
34	juniper	30	·	·	·	NEWPoC 30	junos (25) · junos os evolved (17)	—
35	juniper networks	30	·	·	·	NEWPoC 30	junos os (25) · junos os evolved (15)	—
36	juniper networks inc.	30	·	·	·	NEWPoC 30	junos (25) · junos os evolved (17)	—
37	canonical ltd.	29	3	2	2	NEWKEV 2Nuclei 2PoC 3	ubuntu (28) · subiquity (1)	—
38	npm	27	5	·	1	NEWNuclei 1PoC 6	@vrite/sdk (3) · tinymce (2) · browserify-sign (1)	—
39	apache software foundation	26	3	2	4	NEWKEV 2Nuclei 4PoC 2	apache airflow (6) · airflow (6) · apache inlong (4)	—
40	google inc	26	·	1	1	NEWKEV 1Nuclei 1PoC 1	google chrome (16) · android (5) · kubernetes (3)	—
41	apache	25	3	2	4	NEWKEV 2Nuclei 4PoC 2	airflow (6) · tomcat (4) · inlong (4)	—
42	ibm corp.	24	·	·	·	NEW	ibm db2 (9) · ibm db2 connect server (8) · ibm security verify governance (4)	—
43	unisoc (shanghai) technologies co., ltd.	24	·	·	·	NEW	sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (10) · sc9863a (9) · t606/t612/t616 (2)	—
44	siemens	23	2	2	2	NEWKEV 2Nuclei 2PoC 2	tecnomatix plant simulation v2201 (9) · tecnomatix (9) · tecnomatix plant simulation v2302 (9)	—
45	gopiplus	22	·	·	22	NEWNuclei 22PoC 4	popup contact form (2) · image vertical reel scroll slideshow (2) · wp-tell-a-friend-popup-form (1)	—
46	huawei	22	5	·	·	NEW	harmonyos (22) · emui (20)	—
47	lenovo	22	·	·	·	NEW	thinkpad x13 gen 3 firmware (5) · thinkpad t14s gen 3 firmware (5) · thinkagile vx3530-g firmware (3)	—
48	qualcomm	22	3	·	·	NEW	qca6696 firmware (20) · wcd9385 firmware (19) · wsa8815 firmware (19)	—
49	qualcomm, inc.	22	3	·	·	NEW	snapdragon (22)	—
50	fedora project	21	·	2	2	NEWKEV 2Nuclei 2PoC 4	fedora (21) · fedora epel (1)	—