month report
March 2024
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
March 2024 closed with 3,374 published CVEs. 281 criticals, 10 added to CISA KEV (5 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via linux. Top weakness class — CWE-79 (795 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
3,374
— MoM— YoY
Severity mix
281 / 1,118
critical / high
KEV added
10
5 ransomware-linked
Nuclei coverage
25.5%
862 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
713.8
n=862
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
53
n=8
Detection gap
KEV pressure, no Nuclei coverage
March 2024 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 2apple91 CVE
Weakness × Vendor
What's spreading where in March 2024
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS89SQL Injection787Out-of-bounds Write121CWE-121352CSRF862Missing Authorization125Out-of-bounds Read434Unrestricted File Upload200Information Exposure416Use After Freeсообщество свободного программного обеспечения8516151132linux111428ооо «ред софт»2611022ооо «русбитех-астра»9920tenda5910845ао "нппкт"16412apple62243canonical ltd.6912google1262209shenzhen tenda technology co., ltd.356443microsoft corp13218microsoft11217
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #10shenzhen tenda technology co., ltd.82 CVE
- #20campcodes55 CVE
- #37dedecms28 CVE
- #38freeimage project23 CVE
- #39magesh-k2122 CVE
- #40qualcomm22 CVE
- #41qualcomm, inc.22 CVE
- #43red hat21 CVE
- #45mayurik20 CVE
- #46dell technologies19 CVE
Top vendors
Ranked by distinct CVE count this period.
- 333 CVE6 critCVSS 6.2Nuclei 2PoC 21linux (243) · debian gnu/linux (173) · phpmyfaq (7)
- 235 CVECVSS 6.0PoC 6linux (235) · linux kernel (235)
- 178 CVE2 critCVSS 6.5Nuclei 1PoC 12ред ос (178)
- 140 CVE2 critCVSS 6.3PoC 9astra linux special edition (131) · astra linux special edition для «эльбрус» (16) · astra linux common edition (8)
- 135 CVE16 critCVSS 8.2PoC 104fh1202 firmware (22) · fh1205 firmware (19) · ac15 firmware (19)
- 107 CVE3 critCVSS 6.6Nuclei 1PoC 7осон основа оnyx (107)
- 91 CVECVSS 6.2KEV 2PoC 1macos (79) · ios and ipados (50) · iphone os (50)
- 90 CVE2 critCVSS 6.3PoC 10ubuntu (90)
- 90 CVE4 critCVSS 7.1PoC 2android (75) · chrome (15)
- 82 CVE8 critCVSS 8.2NEWPoC 65tenda ac15 (16) · tenda ac7 (13) · tenda ac10u (13)
- 72 CVE2 critCVSS 7.6KEV 2Nuclei 1PoC 1windows 11 22h2 (39) · windows 11 23h2 (39) · windows server 2022 (37)
- 68 CVE2 critCVSS 7.6KEV 2Nuclei 1PoC 1windows 11 23h2 (37) · windows 11 version 23h2 (37) · windows 11 version 22h3 (37)
- 67 CVE6 critCVSS 6.7Nuclei 2PoC 5org.geoserver:gs-restconfig (3) · org.jenkins-ci.plugins:htmlpublisher (3) · org.open-metadata:openmetadata-service (3)
- 63 CVECVSS 5.5PoC 1sterling secure proxy (6) · secure proxy (6) · ds8900f firmware (4)
- 61 CVE1 critCVSS 6.7PoC 8red hat enterprise linux (53) · libvirt (3) · red hat jboss web server (2)
- 59 CVECVSS 5.5PoC 56employee task management system (12) · online mobile management store (9) · petrol pump management software (6)
- 58 CVE2 critCVSS 6.5PoC 57customer support system (15) · employee task management system (12) · online mobile store management system (9)
- 56 CVECVSS 5.7KEV 1Nuclei 1adobe experience manager (44) · experience manager (44) · animate (4)
- 56 CVECVSS 5.7KEV 1Nuclei 1adobe experience manager (44) · adobe bridge (4) · animate (4)
- 55 CVECVSS 5.2NEWPoC 54online job finder system (20) · complete online dj booking system (9) · online marriage registration system (9)
- 53 CVE6 critCVSS 7.1PoC 5github.com/argoproj/argo-cd/v2 (6) · github.com/zitadel/zitadel (4) · github.com/cilium/cilium (4)
- 48 CVE6 critCVSS 6.9PoC 11paddlepaddle (5) · gradio (5) · apache-airflow (3)
- 47 CVECVSS 6.2PoC 9debian linux (47)
- 47 CVE1 critCVSS 6.3Nuclei 1PoC 15phpmyfaq/phpmyfaq (8) · getgrav/grav (6) · friendsofsymfony1/symfony1 (2)
- 43 CVE7 critCVSS 6.8Nuclei 2PoC 10directus (4) · katex (4) · rsshub (2)
- 41 CVE1 critCVSS 7.0PoC 1fedora (41)
- 41 CVE1 critCVSS 6.4Nuclei 1PoC 4rosa virtualization 3.0 (34) · роса хром (8) · rosa virtualization (6)
- 40 CVECVSS 6.0Nuclei 38PoC 40pz-linkcard (3) · cm download manager (3) · events tickets plus (2)
- 39 CVECVSS 5.5powerscale onefs (10) · secure connect gateway (scg) policy manager (6) · policy manager for secure connect gateway (6)
- 39 CVE2 critCVSS 5.9Nuclei 1PoC 4suse linux enterprise server (34) · suse linux enterprise server for sap applications (31) · suse linux enterprise desktop (29)
- 35 CVE1 critCVSS 6.5Nuclei 1PoC 2fedora (35)
- 35 CVECVSS 6.7PoC 5альт сп 10 (32) · альт 8 сп (12)
- 34 CVECVSS 6.7PoC 33ios xe (14) · cisco ios xe software (13) · cisco ios xr software (8)
- 30 CVECVSS 6.2PoC 28cisco ios xr (8) · cisco ios xe (7) · cisco duo (2)
- 29 CVE5 critCVSS 7.2Nuclei 1PoC 1pulsar (5) · apache pulsar (5) · airflow (3)
- 28 CVE5 critCVSS 7.3Nuclei 1pulsar (5) · doris (3) · airflow (3)
- 28 CVE1 critCVSS 6.6NEWPoC 17dedecms (28)
- 23 CVECVSS 6.6NEWPoC 9freeimage (23)
- 22 CVECVSS 5.1NEWPoC 15online-college-event-hall-reservation-system (22)
- 22 CVE4 critCVSS 8.2NEWfastconnect 6900 firmware (22) · fastconnect 7800 firmware (22) · wcd9380 firmware (22)
- 22 CVE4 critCVSS 7.9NEWsnapdragon (22)
- 21 CVE2 critCVSS 6.4PoC 1mt6739, mt6757, mt6761, mt6763, mt6765, mt6768, mt6771, mt6779, mt6785, mt6833, mt6853, mt6873, mt6877, mt6885, mt6893, mt8163, mt8167, mt8168, mt8512 (4) · mt6739, mt6761, mt6765, mt6768, mt6779, mt6781, mt6785, mt6789, mt6833, mt6835, mt6853, mt6855, mt6873, mt6877, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6983, mt6985, mt6989, mt8168, mt8188, mt8195, mt8673, mt8675 (2) · mt2713, mt6739, mt6761, mt6765, mt6768, mt6771, mt6779, mt6785, mt6789, mt6835, mt6855, mt6879, mt6883, mt6885, mt6886, mt6893, mt6895, mt6983, mt6985, mt8167, mt8167s, mt8168, mt8173, mt8175, mt8185, mt8188, mt8195, mt8321, mt8362a, mt8365, mt8370, mt8385, mt8390, mt8395, mt8666, mt8667, mt8673, mt8675, mt8676, mt8678, mt8755, mt8765, mt8766, mt8768, mt8775, mt8781, mt8786, mt8788, mt8789, mt8791, mt8792, mt8796, mt8797, mt8798 (1)
- 21 CVE1 critCVSS 7.0NEWNuclei 1red hat enterprise linux 8 (15) · red hat enterprise linux 9 (14) · red hat enterprise linux 7 (14)
- 20 CVE2 critCVSS 7.3Nuclei 1PoC 2google chrome (16) · android (3) · chrome os (1)
- 20 CVE3 critCVSS 6.2NEWPoC 18petrol pump management (10) · best pos management system (3) · php task management system (3)
- 19 CVECVSS 5.0NEWpowerscale onefs (10) · poweredge r650 (5) · poweredge r650xs (5)
- 18 CVECVSS 5.9NEWibm mq operator (3) · ibm engineering requirements management doors (3) · ibm cloud pak for security (2)
- 17 CVE5 critCVSS 7.4NEWPoC 16online book system (5) · scholars tracking system (4) · student enrollment (3)
- 16 CVE1 critCVSS 7.9NEWamss++ (16)
- 16 CVE1 critCVSS 7.9NEWamss\+\+ (16)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 333 | 6 | · | 2 | Nuclei 2PoC 21 | linux (243) · debian gnu/linux (173) · phpmyfaq (7) | — | |
| 2 | linux | 235 | · | · | · | PoC 6 | linux (235) · linux kernel (235) | — | |
| 3 | ооо «ред софт» | 178 | 2 | · | 1 | Nuclei 1PoC 12 | ред ос (178) | — | |
| 4 | ооо «русбитех-астра» | 140 | 2 | · | · | PoC 9 | astra linux special edition (131) · astra linux special edition для «эльбрус» (16) · astra linux common edition (8) | — | |
| 5 | tenda | 135 | 16 | · | · | PoC 104 | fh1202 firmware (22) · fh1205 firmware (19) · ac15 firmware (19) | — | |
| 6 | ао "нппкт" | 107 | 3 | · | 1 | Nuclei 1PoC 7 | осон основа оnyx (107) | — | |
| 7 | apple | 91 | · | 2 | · | KEV 2PoC 1 | macos (79) · ios and ipados (50) · iphone os (50) | — | |
| 8 | canonical ltd. | 90 | 2 | · | · | PoC 10 | ubuntu (90) | — | |
| 9 | 90 | 4 | · | · | PoC 2 | android (75) · chrome (15) | — | ||
| 10 | shenzhen tenda technology co., ltd. | 82 | 8 | · | · | NEWPoC 65 | tenda ac15 (16) · tenda ac7 (13) · tenda ac10u (13) | — | |
| 11 | microsoft corp | 72 | 2 | 2 | 1 | KEV 2Nuclei 1PoC 1 | windows 11 22h2 (39) · windows 11 23h2 (39) · windows server 2022 (37) | — | |
| 12 | microsoft | 68 | 2 | 2 | 1 | KEV 2Nuclei 1PoC 1 | windows 11 23h2 (37) · windows 11 version 23h2 (37) · windows 11 version 22h3 (37) | — | |
| 13 | maven | 67 | 6 | · | 2 | Nuclei 2PoC 5 | org.geoserver:gs-restconfig (3) · org.jenkins-ci.plugins:htmlpublisher (3) · org.open-metadata:openmetadata-service (3) | — | |
| 14 | ibm | 63 | · | · | · | PoC 1 | sterling secure proxy (6) · secure proxy (6) · ds8900f firmware (4) | — | |
| 15 | red hat inc. | 61 | 1 | · | · | PoC 8 | red hat enterprise linux (53) · libvirt (3) · red hat jboss web server (2) | — | |
| 16 | sourcecodester | 59 | · | · | · | PoC 56 | employee task management system (12) · online mobile management store (9) · petrol pump management software (6) | — | |
| 17 | oretnom23 | 58 | 2 | · | · | PoC 57 | customer support system (15) · employee task management system (12) · online mobile store management system (9) | — | |
| 18 | adobe | 56 | · | 1 | 1 | KEV 1Nuclei 1 | adobe experience manager (44) · experience manager (44) · animate (4) | — | |
| 19 | adobe systems inc. | 56 | · | 1 | 1 | KEV 1Nuclei 1 | adobe experience manager (44) · adobe bridge (4) · animate (4) | — | |
| 20 | campcodes | 55 | · | · | · | NEWPoC 54 | online job finder system (20) · complete online dj booking system (9) · online marriage registration system (9) | — | |
| 21 | go | 53 | 6 | · | · | PoC 5 | github.com/argoproj/argo-cd/v2 (6) · github.com/zitadel/zitadel (4) · github.com/cilium/cilium (4) | — | |
| 22 | pypi | 48 | 6 | · | · | PoC 11 | paddlepaddle (5) · gradio (5) · apache-airflow (3) | — | |
| 23 | debian | 47 | · | · | · | PoC 9 | debian linux (47) | — | |
| 24 | packagist | 47 | 1 | · | 1 | Nuclei 1PoC 15 | phpmyfaq/phpmyfaq (8) · getgrav/grav (6) · friendsofsymfony1/symfony1 (2) | — | |
| 25 | npm | 43 | 7 | · | 2 | Nuclei 2PoC 10 | directus (4) · katex (4) · rsshub (2) | — | |
| 26 | fedoraproject | 41 | 1 | · | · | PoC 1 | fedora (41) | — | |
| 27 | ао «нтц ит роса» | 41 | 1 | · | 1 | Nuclei 1PoC 4 | rosa virtualization 3.0 (34) · роса хром (8) · rosa virtualization (6) | — | |
| 28 | unknown | 40 | · | · | 38 | Nuclei 38PoC 40 | pz-linkcard (3) · cm download manager (3) · events tickets plus (2) | — | |
| 29 | dell | 39 | · | · | · | powerscale onefs (10) · secure connect gateway (scg) policy manager (6) · policy manager for secure connect gateway (6) | — | ||
| 30 | novell inc. | 39 | 2 | · | 1 | Nuclei 1PoC 4 | suse linux enterprise server (34) · suse linux enterprise server for sap applications (31) · suse linux enterprise desktop (29) | — | |
| 31 | fedora project | 35 | 1 | · | 1 | Nuclei 1PoC 2 | fedora (35) | — | |
| 32 | ао «ивк» | 35 | · | · | · | PoC 5 | альт сп 10 (32) · альт 8 сп (12) | — | |
| 33 | cisco | 34 | · | · | · | PoC 33 | ios xe (14) · cisco ios xe software (13) · cisco ios xr software (8) | — | |
| 34 | cisco systems inc. | 30 | · | · | · | PoC 28 | cisco ios xr (8) · cisco ios xe (7) · cisco duo (2) | — | |
| 35 | apache software foundation | 29 | 5 | · | 1 | Nuclei 1PoC 1 | pulsar (5) · apache pulsar (5) · airflow (3) | — | |
| 36 | apache | 28 | 5 | · | 1 | Nuclei 1 | pulsar (5) · doris (3) · airflow (3) | — | |
| 37 | dedecms | 28 | 1 | · | · | NEWPoC 17 | dedecms (28) | — | |
| 38 | freeimage project | 23 | · | · | · | NEWPoC 9 | freeimage (23) | — | |
| 39 | magesh-k21 | 22 | · | · | · | NEWPoC 15 | online-college-event-hall-reservation-system (22) | — | |
| 40 | qualcomm | 22 | 4 | · | · | NEW | fastconnect 6900 firmware (22) · fastconnect 7800 firmware (22) · wcd9380 firmware (22) | — | |
| 41 | qualcomm, inc. | 22 | 4 | · | · | NEW | snapdragon (22) | — | |
| 42 | mediatek, inc. | 21 | 2 | · | · | PoC 1 | mt6739, mt6757, mt6761, mt6763, mt6765, mt6768, mt6771, mt6779, mt6785, mt6833, mt6853, mt6873, mt6877, mt6885, mt6893, mt8163, mt8167, mt8168, mt8512 (4) · mt6739, mt6761, mt6765, mt6768, mt6779, mt6781, mt6785, mt6789, mt6833, mt6835, mt6853, mt6855, mt6873, mt6877, mt6879, mt6883, mt6885, mt6886, mt6889, mt6893, mt6895, mt6897, mt6983, mt6985, mt6989, mt8168, mt8188, mt8195, mt8673, mt8675 (2) · mt2713, mt6739, mt6761, mt6765, mt6768, mt6771, mt6779, mt6785, mt6789, mt6835, mt6855, mt6879, mt6883, mt6885, mt6886, mt6893, mt6895, mt6983, mt6985, mt8167, mt8167s, mt8168, mt8173, mt8175, mt8185, mt8188, mt8195, mt8321, mt8362a, mt8365, mt8370, mt8385, mt8390, mt8395, mt8666, mt8667, mt8673, mt8675, mt8676, mt8678, mt8755, mt8765, mt8766, mt8768, mt8775, mt8781, mt8786, mt8788, mt8789, mt8791, mt8792, mt8796, mt8797, mt8798 (1) | — | |
| 43 | red hat | 21 | 1 | · | 1 | NEWNuclei 1 | red hat enterprise linux 8 (15) · red hat enterprise linux 9 (14) · red hat enterprise linux 7 (14) | — | |
| 44 | google inc | 20 | 2 | · | 1 | Nuclei 1PoC 2 | google chrome (16) · android (3) · chrome os (1) | — | |
| 45 | mayurik | 20 | 3 | · | · | NEWPoC 18 | petrol pump management (10) · best pos management system (3) · php task management system (3) | — | |
| 46 | dell technologies | 19 | · | · | · | NEW | powerscale onefs (10) · poweredge r650 (5) · poweredge r650xs (5) | — | |
| 47 | ibm corp. | 18 | · | · | · | NEW | ibm mq operator (3) · ibm engineering requirements management doors (3) · ibm cloud pak for security (2) | — | |
| 48 | code-projects | 17 | 5 | · | · | NEWPoC 16 | online book system (5) · scholars tracking system (4) · student enrollment (3) | — | |
| 49 | amssplus | 16 | 1 | · | · | NEW | amss++ (16) | — | |
| 50 | amss\+\+ project | 16 | 1 | · | · | NEW | amss\+\+ (16) | — |