month report
November 2023
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
November 2023 closed with 2,560 published CVEs. 300 criticals, 18 added to CISA KEV (3 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (418 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
2,560
— MoM— YoY
Severity mix
300 / 783
critical / high
KEV added
18
3 ransomware-linked
Nuclei coverage
25.4%
651 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
843.0
n=651
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
4
n=10
Detection gap
KEV pressure, no Nuclei coverage
November 2023 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 5microsoft70 CVE
- KEV 4microsoft corp79 CVE
- KEV 3ао "нппкт"88 CVE
- KEV 3debian36 CVE
- KEV 1ооо «ред софт»130 CVE
- KEV 1ооо «русбитех-астра»75 CVE
- KEV 1google71 CVE
- KEV 1google inc26 CVE
Weakness × Vendor
What's spreading where in November 2023
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS352CSRF89SQL Injection787Out-of-bounds Write200Information Exposure125Out-of-bounds Read20Improper Input Validation22Path Traversal284CWE-284416Use After Freeсообщество свободного программного обеспечения74292423125ооо «ред софт»91101422224intel1333125161ао "нппкт"3166221microsoft corp52125110adobe1210344118adobe systems inc.121033418ооо «русбитех-астра»243122google1111311microsoft5212513packagist18116128maven1351445
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #17red hat44 CVE
- #23unisoc (shanghai) technologies co., ltd.34 CVE
- #28projectworlds pvt. limited29 CVE
- #32lenovo26 CVE
- #33projectworlds24 CVE
- #36qualcomm23 CVE
- #37qualcomm, inc.23 CVE
- #39amd21 CVE
- #41siemens19 CVE
- #43siemens ag18 CVE
Top vendors
Ranked by distinct CVE count this period.
- 134 CVE19 critCVSS 6.9KEV 1Nuclei 4PoC 25debian gnu/linux (42) · linux (29) · gpac (10)
- 130 CVE7 critCVSS 6.6KEV 1PoC 26ред ос (130)
- 100 CVE1 critCVSS 4.8PoC 1unison software (22) · aptio v uefi firmware integrator tools (9) · iris xe graphics (6)
- 88 CVE6 critCVSS 6.9KEV 3PoC 7осон основа оnyx (88)
- 79 CVE2 critCVSS 7.7KEV 4PoC 7windows 11 22h2 (29) · windows server 2022 (29) · windows server 2022 (server core installation) (29)
- 77 CVE4 critCVSS 6.6Nuclei 3acrobat (17) · acrobat dc (17) · acrobat reader dc (17)
- 75 CVE4 critCVSS 6.6Nuclei 2adobe acrobat 2020 (17) · adobe acrobat document cloud (17) · adobe acrobat reader 2020 (17)
- 75 CVE4 critCVSS 7.2KEV 1PoC 7astra linux special edition (74) · astra linux common edition (7) · astra linux special edition для «эльбрус» (2)
- 71 CVE6 critCVSS 7.0KEV 1PoC 4android (49) · chrome (22)
- 70 CVE3 critCVSS 7.7KEV 5PoC 5windows server 2022 (31) · windows 11 22h2 (29) · windows server 2022, 23h2 edition (server core installation) (29)
- 67 CVE4 critCVSS 6.1Nuclei 4PoC 14moodle/moodle (12) · symfony/symfony (3) · librenms/librenms (3)
- 65 CVE14 critCVSS 7.0Nuclei 5PoC 7org.opencrx:opencrx-core-models (8) · com.xuxueli:xxl-job-admin (3) · org.jenkins-ci.plugins:matlab (3)
- 62 CVE3 critCVSS 6.0KEV 3Nuclei 1PoC 3fedora (62) · extra packages for enterprise linux (10)
- 54 CVE10 critCVSS 7.1Nuclei 9PoC 10apache-superset (7) · aiohttp (5) · ray (4)
- 54 CVE2 critCVSS 6.1PoC 2альт сп 10 (45) · альт 8 сп (22)
- 52 CVE8 critCVSS 6.2Nuclei 52PoC 51seraphinite accelerator (3) · wp hotel booking (3) · awesome support (3)
- 44 CVE2 critCVSS 7.0NEWPoC 2red hat enterprise linux 8 (37) · red hat enterprise linux 7 (36) · red hat enterprise linux 9 (36)
- 39 CVE1 critCVSS 6.1PoC 39firepower threat defense (17) · cisco firepower threat defense software (17) · secure firewall management center (10)
- 37 CVE3 critCVSS 5.6Nuclei 1PoC 5github.com/mattermost/mattermost/server/v8 (12) · github.com/mattermost/mattermost-server/v6 (12) · github.com/projectcapsule/capsule-proxy (2)
- 37 CVE2 critCVSS 7.1Nuclei 1PoC 1enterprise linux (30) · enterprise linux eus (8) · enterprise linux for power little endian (5)
- 36 CVE2 critCVSS 7.6KEV 3PoC 3debian linux (36)
- 34 CVE1 critCVSS 6.2PoC 34firepower threat defense (13) · cisco firepower management center (10) · cisco identity services engine (6)
- 34 CVECVSS 5.4NEWsc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (31) · t760/t770/t820/s8000 (2) · sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618 (1)
- 33 CVE1 critCVSS 6.8PoC 4red hat enterprise linux (24) · red hat storage (5) · red hat software collections (3)
- 33 CVECVSS 6.4PoC 1android (13) · account (7) · exynos 980 firmware (2)
- 30 CVECVSS 5.8samsung mobile devices (13) · samsung account (7) · samsung push service (2)
- 30 CVE1 critCVSS 6.9PoC 2роса хром (15) · rosa virtualization 3.0 (11) · rosa virtualization (9)
- 29 CVE26 critCVSS 9.4NEWPoC 12online food ordering system (13) · online matrimonial project (6) · online examination system (4)
- 28 CVE6 critCVSS 7.2Nuclei 2PoC 1apache superset (6) · apache dolphinscheduler (3) · airflow (2)
- 26 CVE6 critCVSS 7.1Nuclei 2PoC 1superset (6) · dolphinscheduler (3) · cocoon (2)
- 26 CVE1 critCVSS 7.6KEV 1PoC 3google chrome (22) · android studio (1) · chrome os (1)
- 26 CVECVSS 6.3NEWthinkcentre m70c firmware (20) · thinkcentre m70q firmware (20) · ideacentre g5-14amr05 firmware (20)
- 24 CVE21 critCVSS 9.3NEWPoC 11online food ordering system (9) · online matrimonial project (6) · online food ordering script (4)
- 23 CVE1 critCVSS 7.1emui (22) · harmonyos (22)
- 23 CVE2 critCVSS 6.5PoC 5ckeditor4 (2) · openmct (2) · bootbox (1)
- 23 CVE4 critCVSS 7.5NEWwsa8835 firmware (23) · wsa8830 firmware (23) · wcd9380 firmware (23)
- 23 CVE4 critCVSS 7.5NEWsnapdragon (23)
- 23 CVE14 critCVSS 9.0PoC 8ax1803 firmware (10) · ac10 firmware (6) · rx9 pro firmware (2)
- 21 CVE2 critCVSS 6.1NEW3rd gen amd epyc™ processors (9) · epyc 7343 firmware (8) · epyc 74f3 firmware (8)
- 21 CVE1 critCVSS 7.1PoC 1intel iris xe graphics (7) · intel arc graphics (6) · optane ssd 9 series (5)
- 19 CVE4 critCVSS 5.3NEWscalance s615 eec lan-router (8) · scalance m876-4 (8) · scalance m876-3 (rok) (8)
- 18 CVECVSS 5.3cics tx advanced (6) · cics tx (6) · cics tx standard (3)
- 18 CVE4 critCVSS 5.5NEWscalance xp208 (8) · scalance xp216poe eec (8) · scalance xr324wg (8)
- 17 CVE2 critCVSS 6.1NEWforticlientwindows (3) · fortiadc (3) · forticlient (3)
- 17 CVE3 critCVSS 6.2NEWNuclei 2usg flex series firmware (9) · zld (9) · atp series firmware (8)
- 17 CVE3 critCVSS 6.0NEWNuclei 2usg flex (9) · usg 20(w)-vpn (8) · atp (8)
- 16 CVECVSS 6.5NEWPoC 8pkp/pkp-lib (14) · pkp web application library (3) · pkp/customlocale (1)
- 15 CVECVSS 6.8dell repository manager (drm) (2) · command\|configure (2) · dell command configure (dcc) (2)
- 15 CVECVSS 4.1NEWmattermost (12) · mattermost desktop (3)
- 14 CVE1 critCVSS 7.0NEWpandora fms (14)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 134 | 19 | 1 | 4 | KEV 1Nuclei 4PoC 25 | debian gnu/linux (42) · linux (29) · gpac (10) | — | |
| 2 | ооо «ред софт» | 130 | 7 | 1 | · | KEV 1PoC 26 | ред ос (130) | — | |
| 3 | intel | 100 | 1 | · | · | PoC 1 | unison software (22) · aptio v uefi firmware integrator tools (9) · iris xe graphics (6) | — | |
| 4 | ао "нппкт" | 88 | 6 | 3 | · | KEV 3PoC 7 | осон основа оnyx (88) | — | |
| 5 | microsoft corp | 79 | 2 | 4 | · | KEV 4PoC 7 | windows 11 22h2 (29) · windows server 2022 (29) · windows server 2022 (server core installation) (29) | — | |
| 6 | adobe | 77 | 4 | · | 3 | Nuclei 3 | acrobat (17) · acrobat dc (17) · acrobat reader dc (17) | — | |
| 7 | adobe systems inc. | 75 | 4 | · | 2 | Nuclei 2 | adobe acrobat 2020 (17) · adobe acrobat document cloud (17) · adobe acrobat reader 2020 (17) | — | |
| 8 | ооо «русбитех-астра» | 75 | 4 | 1 | · | KEV 1PoC 7 | astra linux special edition (74) · astra linux common edition (7) · astra linux special edition для «эльбрус» (2) | — | |
| 9 | 71 | 6 | 1 | · | KEV 1PoC 4 | android (49) · chrome (22) | — | ||
| 10 | microsoft | 70 | 3 | 5 | · | KEV 5PoC 5 | windows server 2022 (31) · windows 11 22h2 (29) · windows server 2022, 23h2 edition (server core installation) (29) | — | |
| 11 | packagist | 67 | 4 | · | 4 | Nuclei 4PoC 14 | moodle/moodle (12) · symfony/symfony (3) · librenms/librenms (3) | — | |
| 12 | maven | 65 | 14 | · | 5 | Nuclei 5PoC 7 | org.opencrx:opencrx-core-models (8) · com.xuxueli:xxl-job-admin (3) · org.jenkins-ci.plugins:matlab (3) | — | |
| 13 | fedoraproject | 62 | 3 | 3 | 1 | KEV 3Nuclei 1PoC 3 | fedora (62) · extra packages for enterprise linux (10) | — | |
| 14 | pypi | 54 | 10 | · | 9 | Nuclei 9PoC 10 | apache-superset (7) · aiohttp (5) · ray (4) | — | |
| 15 | ао «ивк» | 54 | 2 | · | · | PoC 2 | альт сп 10 (45) · альт 8 сп (22) | — | |
| 16 | unknown | 52 | 8 | · | 52 | Nuclei 52PoC 51 | seraphinite accelerator (3) · wp hotel booking (3) · awesome support (3) | — | |
| 17 | red hat | 44 | 2 | · | · | NEWPoC 2 | red hat enterprise linux 8 (37) · red hat enterprise linux 7 (36) · red hat enterprise linux 9 (36) | — | |
| 18 | cisco | 39 | 1 | · | · | PoC 39 | firepower threat defense (17) · cisco firepower threat defense software (17) · secure firewall management center (10) | — | |
| 19 | go | 37 | 3 | · | 1 | Nuclei 1PoC 5 | github.com/mattermost/mattermost/server/v8 (12) · github.com/mattermost/mattermost-server/v6 (12) · github.com/projectcapsule/capsule-proxy (2) | — | |
| 20 | redhat | 37 | 2 | · | 1 | Nuclei 1PoC 1 | enterprise linux (30) · enterprise linux eus (8) · enterprise linux for power little endian (5) | — | |
| 21 | debian | 36 | 2 | 3 | · | KEV 3PoC 3 | debian linux (36) | — | |
| 22 | cisco systems inc. | 34 | 1 | · | · | PoC 34 | firepower threat defense (13) · cisco firepower management center (10) · cisco identity services engine (6) | — | |
| 23 | unisoc (shanghai) technologies co., ltd. | 34 | · | · | · | NEW | sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000 (31) · t760/t770/t820/s8000 (2) · sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618 (1) | — | |
| 24 | red hat inc. | 33 | 1 | · | · | PoC 4 | red hat enterprise linux (24) · red hat storage (5) · red hat software collections (3) | — | |
| 25 | samsung | 33 | · | · | · | PoC 1 | android (13) · account (7) · exynos 980 firmware (2) | — | |
| 26 | samsung mobile | 30 | · | · | · | samsung mobile devices (13) · samsung account (7) · samsung push service (2) | — | ||
| 27 | ао «нтц ит роса» | 30 | 1 | · | · | PoC 2 | роса хром (15) · rosa virtualization 3.0 (11) · rosa virtualization (9) | — | |
| 28 | projectworlds pvt. limited | 29 | 26 | · | · | NEWPoC 12 | online food ordering system (13) · online matrimonial project (6) · online examination system (4) | — | |
| 29 | apache software foundation | 28 | 6 | · | 2 | Nuclei 2PoC 1 | apache superset (6) · apache dolphinscheduler (3) · airflow (2) | — | |
| 30 | apache | 26 | 6 | · | 2 | Nuclei 2PoC 1 | superset (6) · dolphinscheduler (3) · cocoon (2) | — | |
| 31 | google inc | 26 | 1 | 1 | · | KEV 1PoC 3 | google chrome (22) · android studio (1) · chrome os (1) | — | |
| 32 | lenovo | 26 | · | · | · | NEW | thinkcentre m70c firmware (20) · thinkcentre m70q firmware (20) · ideacentre g5-14amr05 firmware (20) | — | |
| 33 | projectworlds | 24 | 21 | · | · | NEWPoC 11 | online food ordering system (9) · online matrimonial project (6) · online food ordering script (4) | — | |
| 34 | huawei | 23 | 1 | · | · | emui (22) · harmonyos (22) | — | ||
| 35 | npm | 23 | 2 | · | · | PoC 5 | ckeditor4 (2) · openmct (2) · bootbox (1) | — | |
| 36 | qualcomm | 23 | 4 | · | · | NEW | wsa8835 firmware (23) · wsa8830 firmware (23) · wcd9380 firmware (23) | — | |
| 37 | qualcomm, inc. | 23 | 4 | · | · | NEW | snapdragon (23) | — | |
| 38 | tenda | 23 | 14 | · | · | PoC 8 | ax1803 firmware (10) · ac10 firmware (6) · rx9 pro firmware (2) | — | |
| 39 | amd | 21 | 2 | · | · | NEW | 3rd gen amd epyc™ processors (9) · epyc 7343 firmware (8) · epyc 74f3 firmware (8) | — | |
| 40 | intel corp. | 21 | 1 | · | · | PoC 1 | intel iris xe graphics (7) · intel arc graphics (6) · optane ssd 9 series (5) | — | |
| 41 | siemens | 19 | 4 | · | · | NEW | scalance s615 eec lan-router (8) · scalance m876-4 (8) · scalance m876-3 (rok) (8) | — | |
| 42 | ibm | 18 | · | · | · | cics tx advanced (6) · cics tx (6) · cics tx standard (3) | — | ||
| 43 | siemens ag | 18 | 4 | · | · | NEW | scalance xp208 (8) · scalance xp216poe eec (8) · scalance xr324wg (8) | — | |
| 44 | fortinet | 17 | 2 | · | · | NEW | forticlientwindows (3) · fortiadc (3) · forticlient (3) | — | |
| 45 | zyxel | 17 | 3 | · | 2 | NEWNuclei 2 | usg flex series firmware (9) · zld (9) · atp series firmware (8) | — | |
| 46 | zyxel communications corp. | 17 | 3 | · | 2 | NEWNuclei 2 | usg flex (9) · usg 20(w)-vpn (8) · atp (8) | — | |
| 47 | pkp | 16 | · | · | · | NEWPoC 8 | pkp/pkp-lib (14) · pkp web application library (3) · pkp/customlocale (1) | — | |
| 48 | dell | 15 | · | · | · | dell repository manager (drm) (2) · command\|configure (2) · dell command configure (dcc) (2) | — | ||
| 49 | mattermost | 15 | · | · | · | NEW | mattermost (12) · mattermost desktop (3) | — | |
| 50 | artica | 14 | 1 | · | · | NEW | pandora fms (14) | — |