month report
January 2026
Data as of Jun 4, 2026, 13:26 UTC · Snapshot v1 · Sources: NVD + CISA KEV + EPSS + Nuclei templates
January 2026 closed with 5,245 published CVEs: 437 critical, and 17 added to CISA KEV (2 ransomware-linked). The vendor linux led by volume, mostly via the product linux. Top weakness class: CWE-79 (627 CVEs). 10 vendors entered the top 100 for the first time.
- Total CVEs: 5,245 (— MoM, — YoY)
- Severity mix: 437 critical / 1,660 high
- KEV added: 17 (2 ransomware-linked)
- Nuclei coverage: 18.6% (976 CVEs with templates)
Time to exploit
How fast the community ships detection after a CVE drops.
- Days → Nuclei (median): 43.2 (n=976)
- Within 7 days: 0.0%
- Within 30 days: 0.0%
- Days → KEV (median): 5 (n=13)
Detection gap
KEV pressure, no Nuclei coverage
January 2026 · vendors with active exploitation listed by CISA but no public detection template.
- microsoft: KEV 3, 127 CVE
- microsoft corp: KEV 3, 127 CVE
Weakness × Vendor
What's spreading where in January 2026
Cells shaded by share of vendor's hottest weakness.
Heatmap columns (weaknesses): CWE-79 XSS, CWE-862 Missing Authorization, CWE-89 SQL Injection, CWE-74 Injection, CWE-20 Improper Input Validation, CWE-22 Path Traversal, CWE-787 Out-of-bounds Write, CWE-428, CWE-284, CWE-352 CSRF.
Heatmap rows (vendors): linux, сообщество свободного программного обеспечения, npm, microsoft, microsoft corp, ао «ивк», pypi, red hat inc., go, canonical ltd., oracle corporation, ооо «ред софт».
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #14 color: 59 CVE
- #15 internationalcolorconsortium: 59 CVE
- #30 meddream: 30 CVE
- #37 e-plugins: 23 CVE
- #39 sick ag: 23 CVE
- #45 mikado-themes: 21 CVE
- #46 tp-link systems inc.: 21 CVE
- #47 dormakaba: 20 CVE
- #51 yonyou: 20 CVE
- #52 ancorathemes: 19 CVE
Top vendors
Ranked by distinct CVE count this period.
| # | Vendor | CVEs | Crit | CVSS | KEV | Nuclei | Signals | Top products | Δ |
|---|---|---|---|---|---|---|---|---|---|
| 1 | linux | 246 | 1 | 6.1 | · | · | · | linux (246) · linux kernel (60) | — |
| 2 | сообщество свободного программного обеспечения | 206 | 14 | 6.3 | · | 5 | Nuclei 5 · PoC 22 | linux (123) · debian gnu/linux (73) · gpac (10) | — |
| 3 | npm | 142 | 20 | 7.1 | · | 4 | Nuclei 4 · PoC 30 | pnpm (8) · hono (6) · renovate (6) | — |
| 4 | microsoft | 127 | 5 | 7.0 | 3 | · | KEV 3 · PoC 3 | windows 11 version 25h2 (83) · windows 11 25h2 (83) · windows server 2025 (server core installation) (83) | — |
| 5 | microsoft corp | 127 | 5 | 7.0 | 3 | · | KEV 3 · PoC 2 | windows 11 25h2 (84) · windows server 2025 (84) · windows 11 24h2 (84) | — |
| 6 | ао «ивк» | 118 | 16 | 6.4 | · | · | PoC 11 | альт сп 10 (118) · альт 8 сп (48) | — |
| 7 | pypi | 98 | 6 | 6.8 | · | 2 | Nuclei 2 · PoC 12 | aiohttp (8) · fickling (5) · vllm (4) | — |
| 8 | red hat inc. | 91 | 3 | 6.6 | · | · | PoC 2 | red hat enterprise linux (87) · red hat enterprise linux ai (8) · openshift container platform (7) | — |
| 9 | go | 85 | 11 | 6.8 | · | 2 | Nuclei 2 · PoC 11 | github.com/go-gitea/gitea (7) · github.com/siyuan-note/siyuan/kernel (4) · github.com/axllent/mailpit (4) | — |
| 10 | canonical ltd. | 76 | 2 | 5.9 | · | · | PoC 1 | ubuntu (76) | — |
| 11 | oracle corporation | 66 | 2 | 6.2 | · | · | PoC 1 | oracle vm virtualbox (14) · mysql server (11) · oracle java se (5) | — |
| 12 | ооо «ред софт» | 66 | 4 | 6.3 | · | · | PoC 9 | ред ос (66) | — |
| 13 | oracle | 64 | 2 | 6.3 | · | · | PoC 1 | vm virtualbox (14) · mysql server (10) · jre (5) | — |
| 14 | color | 59 | 1 | 7.1 | · | · | NEW · PoC 27 | iccdev (59) | — |
| 15 | internationalcolorconsortium | 59 | 1 | 7.1 | · | · | NEW · PoC 27 | iccdev (59) | — |
| 16 | packagist | 58 | 6 | 6.9 | · | · | PoC 15 | bagisto/bagisto (6) · craftcms/cms (5) · mineadmin/mineadmin (4) | — |
| 17 | oracle corp. | 56 | 2 | 6.2 | · | · | PoC 1 | vm virtualbox (14) · mysql server (11) · java se (5) | — |
| 18 | maven | 53 | 6 | 6.9 | · | 1 | Nuclei 1 · PoC 7 | net.gleske:jervis (7) · org.keycloak:keycloak-services (4) · org.xwiki.contrib:macro-fullcalendar-pom (2) | — |
| 19 | ао «сбертех» | 51 | · | 5.9 | · | · | PoC 2 | platform v sberlinux os server (51) | — |
| 20 | tenda | 49 | 6 | 7.6 | · | · | PoC 16 | ax1806 firmware (11) · w30e firmware (11) · ax3 firmware (9) | — |
| 21 | code-projects | 44 | · | 6.5 | · | · | PoC 44 | online product reservation system (13) · online music site (12) · intern membership management system (8) | — |
| 22 | shenzhen tenda technology co., ltd. | 42 | 3 | 7.5 | · | · | PoC 9 | w30e v2 (11) · tenda w30e (11) · tenda ax1806 (8) | — |
| 23 | | 39 | 3 | 7.6 | · | · | PoC 2 | android (25) · chrome (12) · sentencepiece (1) | — |
| 24 | ibm | 39 | · | 6.2 | · | · | · | db2 for linux, unix and windows (18) · db2 (18) · applinx (6) | — |
| 25 | qnap systems inc. | 35 | 2 | 6.0 | · | · | · | qts (25) · quts hero (22) · hbs 3 hybrid backup sync (2) | — |
| 26 | qnap | 33 | 2 | 6.0 | · | · | · | qts (25) · quts hero (25) · license center (2) | — |
| 27 | red hat | 33 | 2 | 6.2 | · | · | PoC 1 | red hat enterprise linux 10 (18) · red hat enterprise linux 9 (18) · red hat enterprise linux 8 (17) | — |
| 28 | crates.io | 32 | 4 | 7.3 | · | · | PoC 7 | rustfs (5) · sm2 (3) · gix-date (2) | — |
| 29 | fabian | 32 | 4 | 7.2 | · | · | PoC 31 | online product reservation system (13) · online music site (12) · mobile shop management system (4) | — |
| 30 | meddream | 30 | 1 | 6.3 | · | · | NEW · PoC 23 | pacs server (29) · meddream pacs premium (29) · meddream pacs server (1) | — |
| 31 | mediatek, inc. | 28 | · | 7.0 | · | · | · | mediatek chipset (28) | — |
| 32 | adobe | 25 | · | 7.3 | · | · | · | substance 3d modeler (6) · substance3d - modeler (6) · indesign (5) | — |
| 33 | adobe systems inc. | 25 | · | 7.3 | · | · | · | adobe substance 3d modeler (6) · adobe dreamweaver cc (5) · adobe indesign (5) | — |
| 34 | dell | 24 | · | 5.9 | · | · | · | elastic cloud storage (5) · objectscale (5) · powerscale onefs (4) | — |
| 35 | juniper networks | 24 | 1 | 6.9 | · | · | PoC 24 | junos os (20) · junos os evolved (9) · junos space (1) | — |
| 36 | linuxfoundation | 24 | 1 | 6.3 | · | · | PoC 7 | everest (11) · rekor (2) · backstage (2) | — |
| 37 | e-plugins | 23 | · | 7.6 | · | 23 | NEW · Nuclei 23 | hospital doctor directory (3) · hotel listing (3) · institutions directory (3) | — |
| 38 | juniper | 23 | · | 6.6 | · | · | PoC 23 | junos (20) · junos os evolved (9) · junos space (1) | — |
| 39 | sick ag | 23 | 2 | 6.0 | · | · | NEW | tdc-x401gl (13) · incoming goods suite (10) · sick tdc-x401gl (2) | — |
| 40 | apache | 22 | 3 | 7.3 | · | · | PoC 1 | nimble (4) · nuttx (2) · solr (2) | — |
| 41 | apache software foundation | 22 | 3 | 7.6 | · | · | PoC 1 | apache mynewt nimble (4) · apache airflow (2) · apache solr (2) | — |
| 42 | hewlett packard enterprise (hpe) | 22 | 1 | 7.1 | · | · | · | arubaos (aos) (12) · edgeconnect sd-wan orchestrator (5) · hpe aruba networking fabric composer (2) | — |
| 43 | qualcomm | 22 | · | 6.8 | · | · | · | wsa8845 firmware (20) · fastconnect 7800 firmware (20) · wsa8845h firmware (20) | — |
| 44 | qualcomm, inc. | 22 | · | 7.1 | · | · | · | snapdragon (22) | — |
| 45 | mikado-themes | 21 | · | 5.9 | · | 21 | NEW · Nuclei 21 | curly (2) · dolcino (1) · fiorello (1) | — |
| 46 | tp-link systems inc. | 21 | · | 7.2 | · | · | NEW · PoC 2 | vx800v v1.0 (5) · tapo c220 v1 (3) · omada controller (3) | — |
| 47 | dormakaba | 20 | · | 8.8 | · | · | NEW | access manager 92xx-k5 (10) · access manager 92xx-k7 (8) · kaba exos 9300 (7) | — |
| 48 | google inc | 20 | 3 | 7.7 | · | · | PoC 2 | google chrome (13) · android studio (5) · protobuf (1) | — |
| 49 | phpgurukul | 20 | 4 | 6.4 | · | · | PoC 18 | news portal (6) · cyber cafe management system (4) · online course registration (3) | — |
| 50 | sap_se | 20 | 4 | 6.5 | · | · | · | sap fiori app (intercompany balance reconciliation) (6) · nw as java ume user mapping (1) · sap application server for abap and sap netweaver rfcsdk (1) | — |