month report

February 2025

Data as of Jun 4, 2026, 13:26 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

February 2025 closed with 3,940 published CVEs — +32.1% YoY . 253 criticals, 27 added to CISA KEV (2 ransomware-linked). linux led volume, mostly via linux kernel. Biggest breakout: gnu at ×4.4 their 12-month median. Top weakness class — CWE-79 (643 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

3,940

— MoM+32.1% YoY

Severity mix

253 / 1,219

critical / high

KEV added

2 ransomware-linked

Nuclei coverage

21.4%

843 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

382.9

n=843

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

n=15

Detection gap

KEV pressure, no Nuclei coverage

February 2025 · vendors with active exploitation listed by CISA but no public detection template.

KEV 3microsoft corp73 CVE
KEV 3microsoft67 CVE

Weakness × Vendor

What's spreading where in February 2025

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

4.4×gnu20 CVE
3.0×linux910 CVE
3.0×ооо «открытая мобильная платформа»42 CVE
3.0×f5 networks, inc.12 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#19q-free43 CVE
#27enituretechnology28 CVE
#40labredescefetrj22 CVE
#42wegia22 CVE
#50eniture18 CVE
#51qualcomm technologies inc.18 CVE
#66ооо «нпо мир»14 CVE
#72mercedes-benz13 CVE
#74palo alto networks inc.13 CVE
#77bplugins12 CVE

Top vendors

Ranked by distinct CVE count this period.

1linux—
910 CVECVSS 5.9
×3.0PoC 3
linux kernel (910) · linux (909)
2сообщество свободного программного обеспечения—
715 CVE14 critCVSS 6.2
KEV 1Nuclei 3PoC 18
linux (625) · debian gnu/linux (346) · xwayland (8)
3canonical ltd.—
323 CVE4 critCVSS 6.2
PoC 5
ubuntu (323)
4red hat inc.—
286 CVE2 critCVSS 6.2
PoC 6
red hat enterprise linux (280) · red hat openshift container platform (15) · red hat virtualization (6)
5ооо «русбитех-астра»—
254 CVE7 critCVSS 6.4
PoC 17
astra linux special edition (252) · astra linux common edition (35) · пк св "брест" (2)
6ао "нппкт"—
194 CVE7 critCVSS 6.5
PoC 7
осон основа оnyx (194)
7ооо «ред софт»—
157 CVE5 critCVSS 6.3
PoC 12
ред ос (157)
8ibm—
79 CVE2 critCVSS 5.8
PoC 1
entirex (13) · applinx (9) · security verify access (8)
9microsoft corp—
73 CVE1 critCVSS 7.5
KEV 3PoC 1
windows server 2025 (server core installation) (37) · windows server 2025 (37) · windows 11 24h2 (35)
10microsoft—
67 CVE1 critCVSS 7.5
KEV 3PoC 1
windows server 2025 (server core installation) (37) · windows server 2025 (37) · windows 11 version 24h2 (35)
11intel corp.—
64 CVECVSS 6.2
12th generation intel core processor family (8) · 10th generation intel core processor family (8) · intel pentium gold processor family (7)
12unknown—
64 CVECVSS 5.7
Nuclei 62PoC 64
paid membership plugin, ecommerce, user registration form, login form, user profile & restrict content (3) · zarinpal paid download (2) · wp finance (2)
13packagist—
60 CVE4 critCVSS 6.7
Nuclei 1PoC 3
magento/project-community-edition (24) · magento/community-edition (24) · leantime/leantime (10)
14novell inc.—
56 CVE1 critCVSS 6.4
PoC 5
suse linux enterprise server (53) · suse linux enterprise server for sap applications (50) · suse linux enterprise high performance computing (37)
15ао «ивк»—
56 CVE5 critCVSS 6.9
PoC 5
альт сп 10 (35) · альт 8 сп (29)
16adobe—
51 CVE1 critCVSS 6.6
adobe commerce (31) · commerce b2b (31) · magento (23)
17npm—
47 CVE5 critCVSS 6.8
Nuclei 3PoC 3
mongosh (4) · better-auth (3) · @ckeditor/ckeditor5-real-time-collaboration (1)
18phpjabbers—
43 CVE2 critCVSS 6.5
PoC 43
cinema booking system (8) · hotel booking system (5) · restaurant booking system (5)
19q-free—
43 CVE9 critCVSS 7.4
NEW
maxtime (43)
20ооо «открытая мобильная платформа»—
42 CVECVSS 7.8
×3.0
ос аврора (40) · аврора центр (2)
21adobe systems inc.—
39 CVE1 critCVSS 6.6
adobe commerce b2b (31) · adobe commerce (24) · magento open source (24)
22go—
35 CVE7 critCVSS 7.6
KEV 1Nuclei 4PoC 1
github.com/mattermost/mattermost/server/v8 (4) · github.com/mayswind/ezbookkeeping (2) · github.com/clidey/whodb/core (2)
23google inc—
34 CVE1 critCVSS 7.0
PoC 4
android (15) · google chrome (10) · android studio (7)
24ао «нтц ит роса»—
32 CVECVSS 6.8
PoC 3
роса хром (16) · rosa virtualization 3.0 (14) · роса кобальт (10)
25cisco—
29 CVE2 critCVSS 6.5
PoC 28
ios xe (8) · ios (8) · cisco ios xe software (8)
26red hat—
29 CVECVSS 6.9
PoC 1
red hat enterprise linux 9 (25) · red hat enterprise linux 8 (25) · red hat enterprise linux 10 (25)
27enituretechnology—
28 CVE1 critCVSS 7.2
NEWNuclei 28
ltl freight quotes – unishippers edition (3) · ltl freight quotes – worldwide express edition (3) · ltl freight quotes – globaltranz edition (2)
28ibm corp.—
28 CVE1 critCVSS 6.4
ibm openpages with watson (8) · ibm openpages (8) · cognos controller (7)
29cisco systems inc.—
27 CVE1 critCVSS 6.4
PoC 26
cisco ios xe (8) · cisco ios (8) · asyncos (5)
30maven—
27 CVE3 critCVSS 6.8
KEV 1Nuclei 1PoC 3
org.apache.cassandra:cassandra-all (3) · org.keycloak:keycloak-services (2) · io.netty:netty-common (1)
31samsung mobile—
26 CVECVSS 5.5
samsung mobile devices (17) · blockchain keystore (2) · samsung email (1)
32pypi—
25 CVE6 critCVSS 7.3
PoC 5
mobsf (3) · vyper (3) · label-studio (2)
33ооо «нцпр»—
25 CVE3 critCVSS 6.9
мсвсфера (25)
34qualcomm—
24 CVE1 critCVSS 8.0
fastconnect 7800 firmware (23) · wcd9380 firmware (20) · fastconnect 6900 firmware (19)
35qualcomm, inc.—
24 CVE1 critCVSS 7.6
snapdragon (24)
36samsung—
24 CVECVSS 5.8
android (16) · blockchain keystore (2) · exynos 1480 firmware (2)
37google—
23 CVE1 critCVSS 6.9
android (12) · chrome (9) · application integration (1)
38tenda—
23 CVE10 critCVSS 8.6
PoC 9
w18e firmware (9) · ac8 firmware (5) · ac6 firmware (3)
39code-projects—
22 CVECVSS 4.7
PoC 22
real estate property management system (9) · blood bank system (3) · job recruitment (3)
40labredescefetrj—
22 CVE15 critCVSS 9.4
NEWPoC 8
wegia (22)
41sourcecodester—
22 CVECVSS 5.3
PoC 15
best church management software (8) · best employee management system (4) · employee management system (2)
42wegia—
22 CVE15 critCVSS 9.4
NEWPoC 8
wegia (22)
43gnu—
20 CVECVSS 4.0
×4.4PoC 18
binutils (13) · elfutils (6) · grub2 (1)
44phpgurukul—
20 CVE4 critCVSS 7.1
PoC 15
land record system (9) · online nurse hiring system (4) · daily expense tracker system (2)
45dlink—
19 CVE4 critCVSS 7.5
Nuclei 1PoC 7
dir-853 firmware (7) · dsl-3782 firmware (6) · dap-1320 firmware (2)
46d-link corp.—
19 CVE4 critCVSS 7.5
Nuclei 1PoC 7
dir-853 a1 (7) · dsl-3782 (6) · dap-1320 (2)
47gitlab—
19 CVE1 critCVSS 5.9
PoC 12
gitlab (19) · gitlab vscode fork (1)
48nvidia—
19 CVECVSS 4.8
PoC 1
cuda toolkit (10) · nvjpeg2000 (4) · igx orin (2)
49amd—
18 CVECVSS 6.5
amd ryzen™ 5000 series desktop processor with radeon™ graphics (10) · amd ryzen™ 4000 series mobile processors with radeon™ graphics (10) · amd ryzen™ 7035 series processor with radeon™ graphics (10)
50eniture—
18 CVECVSS 7.4
NEWNuclei 18
ltl freight quotes (13) · small package quotes (5)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	linux	910	·	·	·	×3.0PoC 3	linux kernel (910) · linux (909)	—
2	сообщество свободного программного обеспечения	715	14	1	3	KEV 1Nuclei 3PoC 18	linux (625) · debian gnu/linux (346) · xwayland (8)	—
3	canonical ltd.	323	4	·	·	PoC 5	ubuntu (323)	—
4	red hat inc.	286	2	·	·	PoC 6	red hat enterprise linux (280) · red hat openshift container platform (15) · red hat virtualization (6)	—
5	ооо «русбитех-астра»	254	7	·	·	PoC 17	astra linux special edition (252) · astra linux common edition (35) · пк св "брест" (2)	—
6	ао "нппкт"	194	7	·	·	PoC 7	осон основа оnyx (194)	—
7	ооо «ред софт»	157	5	·	·	PoC 12	ред ос (157)	—
8	ibm	79	2	·	·	PoC 1	entirex (13) · applinx (9) · security verify access (8)	—
9	microsoft corp	73	1	3	·	KEV 3PoC 1	windows server 2025 (server core installation) (37) · windows server 2025 (37) · windows 11 24h2 (35)	—
10	microsoft	67	1	3	·	KEV 3PoC 1	windows server 2025 (server core installation) (37) · windows server 2025 (37) · windows 11 version 24h2 (35)	—
11	intel corp.	64	·	·	·		12th generation intel core processor family (8) · 10th generation intel core processor family (8) · intel pentium gold processor family (7)	—
12	unknown	64	·	·	62	Nuclei 62PoC 64	paid membership plugin, ecommerce, user registration form, login form, user profile & restrict content (3) · zarinpal paid download (2) · wp finance (2)	—
13	packagist	60	4	·	1	Nuclei 1PoC 3	magento/project-community-edition (24) · magento/community-edition (24) · leantime/leantime (10)	—
14	novell inc.	56	1	·	·	PoC 5	suse linux enterprise server (53) · suse linux enterprise server for sap applications (50) · suse linux enterprise high performance computing (37)	—
15	ао «ивк»	56	5	·	·	PoC 5	альт сп 10 (35) · альт 8 сп (29)	—
16	adobe	51	1	·	·		adobe commerce (31) · commerce b2b (31) · magento (23)	—
17	npm	47	5	·	3	Nuclei 3PoC 3	mongosh (4) · better-auth (3) · @ckeditor/ckeditor5-real-time-collaboration (1)	—
18	phpjabbers	43	2	·	·	PoC 43	cinema booking system (8) · hotel booking system (5) · restaurant booking system (5)	—
19	q-free	43	9	·	·	NEW	maxtime (43)	—
20	ооо «открытая мобильная платформа»	42	·	·	·	×3.0	ос аврора (40) · аврора центр (2)	—
21	adobe systems inc.	39	1	·	·		adobe commerce b2b (31) · adobe commerce (24) · magento open source (24)	—
22	go	35	7	1	4	KEV 1Nuclei 4PoC 1	github.com/mattermost/mattermost/server/v8 (4) · github.com/mayswind/ezbookkeeping (2) · github.com/clidey/whodb/core (2)	—
23	google inc	34	1	·	·	PoC 4	android (15) · google chrome (10) · android studio (7)	—
24	ао «нтц ит роса»	32	·	·	·	PoC 3	роса хром (16) · rosa virtualization 3.0 (14) · роса кобальт (10)	—
25	cisco	29	2	·	·	PoC 28	ios xe (8) · ios (8) · cisco ios xe software (8)	—
26	red hat	29	·	·	·	PoC 1	red hat enterprise linux 9 (25) · red hat enterprise linux 8 (25) · red hat enterprise linux 10 (25)	—
27	enituretechnology	28	1	·	28	NEWNuclei 28	ltl freight quotes – unishippers edition (3) · ltl freight quotes – worldwide express edition (3) · ltl freight quotes – globaltranz edition (2)	—
28	ibm corp.	28	1	·	·		ibm openpages with watson (8) · ibm openpages (8) · cognos controller (7)	—
29	cisco systems inc.	27	1	·	·	PoC 26	cisco ios xe (8) · cisco ios (8) · asyncos (5)	—
30	maven	27	3	1	1	KEV 1Nuclei 1PoC 3	org.apache.cassandra:cassandra-all (3) · org.keycloak:keycloak-services (2) · io.netty:netty-common (1)	—
31	samsung mobile	26	·	·	·		samsung mobile devices (17) · blockchain keystore (2) · samsung email (1)	—
32	pypi	25	6	·	·	PoC 5	mobsf (3) · vyper (3) · label-studio (2)	—
33	ооо «нцпр»	25	3	·	·		мсвсфера (25)	—
34	qualcomm	24	1	·	·		fastconnect 7800 firmware (23) · wcd9380 firmware (20) · fastconnect 6900 firmware (19)	—
35	qualcomm, inc.	24	1	·	·		snapdragon (24)	—
36	samsung	24	·	·	·		android (16) · blockchain keystore (2) · exynos 1480 firmware (2)	—
37	google	23	1	·	·		android (12) · chrome (9) · application integration (1)	—
38	tenda	23	10	·	·	PoC 9	w18e firmware (9) · ac8 firmware (5) · ac6 firmware (3)	—
39	code-projects	22	·	·	·	PoC 22	real estate property management system (9) · blood bank system (3) · job recruitment (3)	—
40	labredescefetrj	22	15	·	·	NEWPoC 8	wegia (22)	—
41	sourcecodester	22	·	·	·	PoC 15	best church management software (8) · best employee management system (4) · employee management system (2)	—
42	wegia	22	15	·	·	NEWPoC 8	wegia (22)	—
43	gnu	20	·	·	·	×4.4PoC 18	binutils (13) · elfutils (6) · grub2 (1)	—
44	phpgurukul	20	4	·	·	PoC 15	land record system (9) · online nurse hiring system (4) · daily expense tracker system (2)	—
45	dlink	19	4	·	1	Nuclei 1PoC 7	dir-853 firmware (7) · dsl-3782 firmware (6) · dap-1320 firmware (2)	—
46	d-link corp.	19	4	·	1	Nuclei 1PoC 7	dir-853 a1 (7) · dsl-3782 (6) · dap-1320 (2)	—
47	gitlab	19	1	·	·	PoC 12	gitlab (19) · gitlab vscode fork (1)	—
48	nvidia	19	·	·	·	PoC 1	cuda toolkit (10) · nvjpeg2000 (4) · igx orin (2)	—
49	amd	18	·	·	·		amd ryzen™ 5000 series desktop processor with radeon™ graphics (10) · amd ryzen™ 4000 series mobile processors with radeon™ graphics (10) · amd ryzen™ 7035 series processor with radeon™ graphics (10)	—
50	eniture	18	·	·	18	NEWNuclei 18	ltl freight quotes (13) · small package quotes (5)	—