month report

July 2024

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

July 2024 closed with 3,248 published CVEs. 275 criticals, 14 added to CISA KEV (1 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via linux. Top weakness class — CWE-79 (528 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

3,248

— MoM— YoY

Severity mix

275 / 1,082

critical / high

KEV added

1 ransomware-linked

Nuclei coverage

19.3%

628 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

597.5

n=628

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

n=12

Detection gap

KEV pressure, no Nuclei coverage

July 2024 · vendors with active exploitation listed by CISA but no public detection template.

KEV 3microsoft143 CVE

Weakness × Vendor

What's spreading where in July 2024

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#17oracle63 CVE
#18oracle corp.63 CVE
#19oracle corporation63 CVE
#28juniper46 CVE
#29juniper networks45 CVE
#30juniper networks inc.44 CVE
#31siemens ag38 CVE
#36itsourcecode33 CVE
#39realtek23 CVE
#41level121 CVE

Top vendors

Ranked by distinct CVE count this period.

1сообщество свободного программного обеспечения—
537 CVE19 critCVSS 6.2
Nuclei 4PoC 29
linux (442) · debian gnu/linux (326) · phpipam (5)
2linux—
440 CVECVSS 6.0
PoC 3
linux kernel (440) · linux (439)
3ооо «ред софт»—
410 CVE11 critCVSS 6.3
Nuclei 3PoC 27
ред ос (410)
4ооо «русбитех-астра»—
370 CVE8 critCVSS 6.2
KEV 1Nuclei 3PoC 25
astra linux special edition (365) · astra linux common edition (29) · astra linux special edition для «эльбрус» (3)
5ао "нппкт"—
334 CVE7 critCVSS 6.2
KEV 1Nuclei 4PoC 22
осон основа оnyx (334)
6red hat inc.—
212 CVECVSS 6.1
PoC 9
red hat enterprise linux (210) · red hat build of openjdk (4) · red hat openshift container platform (2)
7canonical ltd.—
177 CVE1 critCVSS 6.1
PoC 8
ubuntu (173) · snapd (2) · ubuntu desktop provision (1)
8microsoft—
143 CVE6 critCVSS 7.7
KEV 3PoC 6
windows server 2022 (79) · windows server 2022, 23h2 edition (server core installation) (78) · windows server 2022 23h2 (77)
9microsoft corp—
140 CVE9 critCVSS 7.5
KEV 3Nuclei 1PoC 11
windows server 2022 (server core installation) (84) · windows server 2022 (84) · windows server 2022, 23h2 edition (server core installation) (84)
10unknown—
131 CVE8 critCVSS 6.3
Nuclei 127PoC 131
wp-affiliate-platform (8) · wp-emember (8) · himer (5)
11ао «ивк»—
128 CVE5 critCVSS 6.3
KEV 1Nuclei 3PoC 16
альт сп 10 (123) · альт 8 сп (50)
12novell inc.—
127 CVE3 critCVSS 5.9
PoC 11
opensuse leap (123) · suse linux enterprise desktop (114) · suse linux enterprise server for sap applications (114)
13ао «нтц ит роса»—
98 CVE4 critCVSS 6.9
KEV 1Nuclei 3PoC 12
rosa virtualization 3.0 (88) · rosa virtualization (14) · роса кобальт (13)
14apple—
80 CVECVSS 5.7
PoC 1
macos (79) · iphone os (43) · ipados (43)
15google—
72 CVE6 critCVSS 7.7
PoC 11
android (44) · chrome (26) · https://github.com/google/nftables (1)
16sourcecodester—
69 CVECVSS 5.7
PoC 69
record management system (14) · lot reservation management system (9) · establishment billing management system (9)
17oracle—
63 CVE1 critCVSS 5.5
NEWKEV 1Nuclei 1
mysql (18) · jdk (6) · jre (6)
18oracle corp.—
63 CVE1 critCVSS 5.7
NEWKEV 1Nuclei 1
mysql server (21) · e-business suite (9) · java se (6)
19oracle corporation—
63 CVE1 critCVSS 5.6
NEWKEV 1Nuclei 1
mysql server (22) · java se jdk and jre (6) · database - enterprise edition (4)
20pypi—
59 CVE3 critCVSS 6.5
Nuclei 6PoC 3
django (4) · anki (3) · roundup (3)
21oretnom23—
51 CVE2 critCVSS 6.1
PoC 50
establishment billing management system (9) · lot reservation management system (9) · school fees payment system (6)
22go—
49 CVE9 critCVSS 7.5
Nuclei 1PoC 5
gogs.io/gogs (4) · github.com/gogs/gogs (4) · github.com/zitadel/zitadel (3)
23maven—
48 CVE8 critCVSS 7.3
KEV 1Nuclei 3PoC 7
org.apache.streampark:streampark (4) · org.geoserver.web:gs-web-app (3) · org.apache.linkis:linkis-datasource (3)
24npm—
47 CVE7 critCVSS 7.1
Nuclei 1PoC 7
flowise (6) · bootstrap (3) · directus (2)
25samsung—
47 CVE1 critCVSS 6.6
android (28) · exynos 1380 firmware (9) · exynos 2200 firmware (8)
26apache—
46 CVE9 critCVSS 7.4
KEV 1Nuclei 5PoC 9
http server (11) · streampark (7) · traffic server (3)
27apache software foundation—
46 CVE9 critCVSS 7.4
KEV 1Nuclei 5PoC 9
apache http server (11) · http server (11) · apache streampark (4)
28juniper—
46 CVECVSS 6.8
NEWPoC 46
junos os evolved (33) · junos (28) · j-web (1)
29juniper networks—
45 CVECVSS 6.7
NEWPoC 45
junos os evolved (33) · junos os (27)
30juniper networks inc.—
44 CVECVSS 6.7
NEWPoC 44
junos (30) · junos os evolved (28)
31siemens ag—
38 CVE2 critCVSS 7.1
NEWPoC 1
sinema remote connect (10) · sinema remote connect server (9) · ruggedcom rst2228 (4)
32totolink—
38 CVE3 critCVSS 7.5
Nuclei 1PoC 36
a3600r (18) · a3600r firmware (18) · a6000r (7)
33ibm—
36 CVECVSS 5.4
datacap (12) · datacap navigator (12) · aspera orchestrator (3)
34siemens—
36 CVE2 critCVSS 7.0
sinema remote connect server (14) · sinema remote connect client (3) · simcenter femap (3)
35packagist—
35 CVE5 critCVSS 6.3
Nuclei 1PoC 10
icecoder/icecoder (3) · auth0/wordpress (2) · admidio/admidio (2)
36itsourcecode—
33 CVE2 critCVSS 6.2
NEWPoC 29
tailoring management system (7) · alton management system (6) · society management system (5)
37samsung mobile—
33 CVECVSS 5.6
samsung mobile devices (28) · samsung health (1) · samsung flow (1)
38google inc—
29 CVE3 critCVSS 8.1
PoC 10
google chrome (25) · android (2) · android studio (1)
39realtek—
23 CVECVSS 7.2
NEWPoC 4
rtl819x jungle sdk (19) · rtl819x jungle software development kit (19) · rtsper (4)
40dell—
21 CVECVSS 5.2
powerscale onefs (7) · edge gateway 3200 firmware (4) · edge gateway 5200 firmware (3)
41level1—
21 CVE1 critCVSS 7.4
NEWPoC 4
wbr-6013 firmware (21)
42levelone—
21 CVE1 critCVSS 7.4
NEWPoC 4
wbr-6013 (21)
43tipsandtricks-hq—
21 CVECVSS 6.5
NEWNuclei 21PoC 21
wp affiliate platform (8) · wp emember (8) · wp estore (5)
44ibm corp.—
20 CVE2 critCVSS 5.7
NEW
ibm datacap (12) · datacap navigator (12) · ibm cloud pak for security (2)
45netapp—
20 CVE3 critCVSS 6.7
KEV 1Nuclei 3PoC 9
oncommand workflow automation (6) · bluexp (5) · ontap (5)
46tenda—
19 CVE5 critCVSS 8.5
PoC 10
o3 (6) · ax1806 firmware (5) · o3 firmware1.0.0.10\(2478\) (4)
47angeljudesuarez—
18 CVE2 critCVSS 6.8
NEWPoC 17
society management system (5) · tailoring management system (5) · university management system (4)
48dell technologies—
18 CVECVSS 6.2
NEW
powerscale onefs (7) · peripheral manager (3) · edge gateway 5200 (3)
49netbox—
18 CVECVSS 6.1
NEWPoC 8
netbox (18)
50sap_se—
18 CVECVSS 5.4
NEW
sap crm webclient ui (4) · sap enable now (2) · sap netweaver application server for abap and abap platform (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	сообщество свободного программного обеспечения	537	19	·	4	Nuclei 4PoC 29	linux (442) · debian gnu/linux (326) · phpipam (5)	—
2	linux	440	·	·	·	PoC 3	linux kernel (440) · linux (439)	—
3	ооо «ред софт»	410	11	·	3	Nuclei 3PoC 27	ред ос (410)	—
4	ооо «русбитех-астра»	370	8	1	3	KEV 1Nuclei 3PoC 25	astra linux special edition (365) · astra linux common edition (29) · astra linux special edition для «эльбрус» (3)	—
5	ао "нппкт"	334	7	1	4	KEV 1Nuclei 4PoC 22	осон основа оnyx (334)	—
6	red hat inc.	212	·	·	·	PoC 9	red hat enterprise linux (210) · red hat build of openjdk (4) · red hat openshift container platform (2)	—
7	canonical ltd.	177	1	·	·	PoC 8	ubuntu (173) · snapd (2) · ubuntu desktop provision (1)	—
8	microsoft	143	6	3	·	KEV 3PoC 6	windows server 2022 (79) · windows server 2022, 23h2 edition (server core installation) (78) · windows server 2022 23h2 (77)	—
9	microsoft corp	140	9	3	1	KEV 3Nuclei 1PoC 11	windows server 2022 (server core installation) (84) · windows server 2022 (84) · windows server 2022, 23h2 edition (server core installation) (84)	—
10	unknown	131	8	·	127	Nuclei 127PoC 131	wp-affiliate-platform (8) · wp-emember (8) · himer (5)	—
11	ао «ивк»	128	5	1	3	KEV 1Nuclei 3PoC 16	альт сп 10 (123) · альт 8 сп (50)	—
12	novell inc.	127	3	·	·	PoC 11	opensuse leap (123) · suse linux enterprise desktop (114) · suse linux enterprise server for sap applications (114)	—
13	ао «нтц ит роса»	98	4	1	3	KEV 1Nuclei 3PoC 12	rosa virtualization 3.0 (88) · rosa virtualization (14) · роса кобальт (13)	—
14	apple	80	·	·	·	PoC 1	macos (79) · iphone os (43) · ipados (43)	—
15	google	72	6	·	·	PoC 11	android (44) · chrome (26) · https://github.com/google/nftables (1)	—
16	sourcecodester	69	·	·	·	PoC 69	record management system (14) · lot reservation management system (9) · establishment billing management system (9)	—
17	oracle	63	1	1	1	NEWKEV 1Nuclei 1	mysql (18) · jdk (6) · jre (6)	—
18	oracle corp.	63	1	1	1	NEWKEV 1Nuclei 1	mysql server (21) · e-business suite (9) · java se (6)	—
19	oracle corporation	63	1	1	1	NEWKEV 1Nuclei 1	mysql server (22) · java se jdk and jre (6) · database - enterprise edition (4)	—
20	pypi	59	3	·	6	Nuclei 6PoC 3	django (4) · anki (3) · roundup (3)	—
21	oretnom23	51	2	·	·	PoC 50	establishment billing management system (9) · lot reservation management system (9) · school fees payment system (6)	—
22	go	49	9	·	1	Nuclei 1PoC 5	gogs.io/gogs (4) · github.com/gogs/gogs (4) · github.com/zitadel/zitadel (3)	—
23	maven	48	8	1	3	KEV 1Nuclei 3PoC 7	org.apache.streampark:streampark (4) · org.geoserver.web:gs-web-app (3) · org.apache.linkis:linkis-datasource (3)	—
24	npm	47	7	·	1	Nuclei 1PoC 7	flowise (6) · bootstrap (3) · directus (2)	—
25	samsung	47	1	·	·		android (28) · exynos 1380 firmware (9) · exynos 2200 firmware (8)	—
26	apache	46	9	1	5	KEV 1Nuclei 5PoC 9	http server (11) · streampark (7) · traffic server (3)	—
27	apache software foundation	46	9	1	5	KEV 1Nuclei 5PoC 9	apache http server (11) · http server (11) · apache streampark (4)	—
28	juniper	46	·	·	·	NEWPoC 46	junos os evolved (33) · junos (28) · j-web (1)	—
29	juniper networks	45	·	·	·	NEWPoC 45	junos os evolved (33) · junos os (27)	—
30	juniper networks inc.	44	·	·	·	NEWPoC 44	junos (30) · junos os evolved (28)	—
31	siemens ag	38	2	·	·	NEWPoC 1	sinema remote connect (10) · sinema remote connect server (9) · ruggedcom rst2228 (4)	—
32	totolink	38	3	·	1	Nuclei 1PoC 36	a3600r (18) · a3600r firmware (18) · a6000r (7)	—
33	ibm	36	·	·	·		datacap (12) · datacap navigator (12) · aspera orchestrator (3)	—
34	siemens	36	2	·	·		sinema remote connect server (14) · sinema remote connect client (3) · simcenter femap (3)	—
35	packagist	35	5	·	1	Nuclei 1PoC 10	icecoder/icecoder (3) · auth0/wordpress (2) · admidio/admidio (2)	—
36	itsourcecode	33	2	·	·	NEWPoC 29	tailoring management system (7) · alton management system (6) · society management system (5)	—
37	samsung mobile	33	·	·	·		samsung mobile devices (28) · samsung health (1) · samsung flow (1)	—
38	google inc	29	3	·	·	PoC 10	google chrome (25) · android (2) · android studio (1)	—
39	realtek	23	·	·	·	NEWPoC 4	rtl819x jungle sdk (19) · rtl819x jungle software development kit (19) · rtsper (4)	—
40	dell	21	·	·	·		powerscale onefs (7) · edge gateway 3200 firmware (4) · edge gateway 5200 firmware (3)	—
41	level1	21	1	·	·	NEWPoC 4	wbr-6013 firmware (21)	—
42	levelone	21	1	·	·	NEWPoC 4	wbr-6013 (21)	—
43	tipsandtricks-hq	21	·	·	21	NEWNuclei 21PoC 21	wp affiliate platform (8) · wp emember (8) · wp estore (5)	—
44	ibm corp.	20	2	·	·	NEW	ibm datacap (12) · datacap navigator (12) · ibm cloud pak for security (2)	—
45	netapp	20	3	1	3	KEV 1Nuclei 3PoC 9	oncommand workflow automation (6) · bluexp (5) · ontap (5)	—
46	tenda	19	5	·	·	PoC 10	o3 (6) · ax1806 firmware (5) · o3 firmware1.0.0.10\(2478\) (4)	—
47	angeljudesuarez	18	2	·	·	NEWPoC 17	society management system (5) · tailoring management system (5) · university management system (4)	—
48	dell technologies	18	·	·	·	NEW	powerscale onefs (7) · peripheral manager (3) · edge gateway 5200 (3)	—
49	netbox	18	·	·	·	NEWPoC 8	netbox (18)	—
50	sap_se	18	·	·	·	NEW	sap crm webclient ui (4) · sap enable now (2) · sap netweaver application server for abap and abap platform (2)	—