month report
February 2026
Data as of Jun 4, 2026, 13:26 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
February 2026 closed with 4,931 published CVEs. 495 criticals, 28 added to CISA KEV (2 ransomware-linked). npm led volume, mostly via openclaw. Top weakness class — CWE-79 (678 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
4,931
— MoM— YoY
Severity mix
495 / 1,621
critical / high
KEV added
28
2 ransomware-linked
Nuclei coverage
14.2%
702 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
15.7
n=702
Within 7 days
0.3%
Within 30 days
87.3%
Days → KEV (median)
4
n=19
Detection gap
KEV pressure, no Nuclei coverage
February 2026 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 7microsoft corp71 CVE
- KEV 6microsoft64 CVE
- KEV 1apple75 CVE
- KEV 1google34 CVE
- KEV 1dell24 CVE
Weakness × Vendor
What's spreading where in February 2026
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS862Missing Authorization89SQL Injection22Path Traversal78OS Command Injection119Memory Buffer Bounds74Injection121CWE-12194Code Injection787Out-of-bounds Writenpm22541416917linux1go91012061pypi1426101171packagist37315214apple18122microsoft corp239microsoft1137ibm411mozilla53tenda214224сообщество свободного программного обеспечения7172214
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #18wikimedia foundation47 CVE
- #25tanium40 CVE
- #28openclaw35 CVE
- #30imagemagick34 CVE
- #31tp-link systems inc.30 CVE
- #32comodo29 CVE
- #33nsasoft29 CVE
- #39open-emr27 CVE
- #40openemr27 CVE
- #47copeland23 CVE
Top vendors
Ranked by distinct CVE count this period.
- 227 CVE48 critCVSS 7.4Nuclei 3PoC 27openclaw (42) · n8n (24) · fuxa-server (12)
- 220 CVE1 critCVSS 7.0linux (220) · linux kernel (21)
- 143 CVE20 critCVSS 6.9PoC 16gogs.io/gogs (12) · github.com/mattermost/mattermost-server (6) · code.vikunja.io/api (6)
- 126 CVE20 critCVSS 6.9Nuclei 4PoC 11django (6) · pypdf (6) · rucio-webui (6)
- 96 CVE4 critCVSS 6.5Nuclei 1PoC 30craftcms/cms (12) · moodle/moodle (11) · craftcms/commerce (9)
- 75 CVE1 critCVSS 6.0KEV 1macos (64) · ios and ipados (50) · ipados (49)
- 71 CVE3 critCVSS 7.3KEV 7PoC 4windows server 2025 (server core installation) (29) · windows server 2025 (29) · windows server 2022, 23h2 edition (server core installation) (28)
- 64 CVE4 critCVSS 7.3KEV 6PoC 2windows server 2025 (29) · windows server 2025 (server core installation) (29) · windows server 2022 23h2 (28)
- 57 CVE1 critCVSS 5.8concert (11) · db2 recovery expert (6) · db2 recovery expert for luw (6)
- 54 CVE44 critCVSS 9.4firefox (54) · thunderbird (51) · firefox for ios (2)
- 54 CVECVSS 8.3PoC 43f453 firmware (12) · f453 (12) · a21 firmware (6)
- 52 CVE8 critCVSS 6.8PoC 10n8n (10) · debian gnu/linux (9) · vim (8)
- 49 CVE1 critCVSS 6.4qsync central (28) · file station (13) · quts hero (6)
- 49 CVE1 critCVSS 6.4qsync central (28) · file station 5 (13) · quts hero (6)
- 48 CVECVSS 7.1PoC 47dwr-m960 (20) · dir-823x (13) · dir-619l (3)
- 48 CVECVSS 7.1PoC 47dwr-m960 firmware (20) · dir-823x firmware (13) · dwr-m921 firmware (3)
- 48 CVE1 critCVSS 6.6Nuclei 1PoC 2ред ос (48)
- 47 CVE1 critCVSS 6.2NEWmediawiki (28) · checkuser (7) · visualeditor (2)
- 46 CVE1 critCVSS 6.0magick.net-q8-openmp-arm64 (42) · magick.net-q8-anycpu (42) · magick.net-q16-openmp-x64 (42)
- 44 CVECVSS 6.9after effects (15) · substance3d - designer (7) · substance 3d designer (7)
- 44 CVECVSS 6.9adobe after effects (15) · adobe substance 3d designer (7) · adobe audition (6)
- 42 CVECVSS 6.1amd epyc™ 9005 series processors (16) · amd epyc™ embedded 9005 series processors (14) · amd ryzen™ embedded 8000 series processors (11)
- 40 CVE1 critCVSS 7.4PoC 2rustfs (4) · wasmtime (3) · pgp (3)
- 40 CVE1 critCVSS 6.2PoC 4red hat enterprise linux 6 (19) · red hat enterprise linux 9 (18) · red hat enterprise linux 10 (18)
- 40 CVECVSS 5.7NEWthreat response (5) · tanos (5) · tanium appliance (4)
- 39 CVE5 critCVSS 6.3PoC 9org.keycloak:keycloak-services (6) · org.neo4j:neo4j (2) · org.jenkins-ci.main:jenkins-core (2)
- 37 CVECVSS 6.9PoC 37school management system (9) · event management system (6) · student management system (5)
- 35 CVE2 critCVSS 6.9NEWPoC 2openclaw (35) · clawdbot (2) · @openclaw/bluebubbles (1)
- 34 CVE4 critCVSS 7.7KEV 1PoC 1chrome (20) · android (9) · libjxl (2)
- 34 CVECVSS 6.0NEWimagemagick (34)
- 30 CVE1 critCVSS 7.9NEWarcher be230 v1.2 (11) · archer ax53 v1.0 (10) · tapo c260 v1 (3)
- 29 CVECVSS 6.2NEWPoC 29comodo dome firewall (29) · dome firewall (29)
- 29 CVE1 critCVSS 7.6NEWPoC 29spotauditor (3) · nsauditor spotauditor (3) · netsharewatcher (2)
- 29 CVECVSS 7.6PoC 20f453 (5) · tenda rx3 (5) · tenda f3 (4)
- 28 CVECVSS 6.5PoC 22online reviewer system (12) · online music site (5) · contact management system (2)
- 28 CVECVSS 7.3archer be230 firmware (12) · archer ax53 firmware (10) · tapo c260 firmware (3)
- 27 CVE1 critCVSS 6.6PoC 20online reviewer system (12) · online music site (6) · contact management system (2)
- 27 CVE7 critCVSS 7.8PoC 7freerdp (27)
- 27 CVE2 critCVSS 7.1NEWPoC 8openemr (27)
- 27 CVE2 critCVSS 7.1NEWPoC 8openemr (27)
- 27 CVE2 critCVSS 6.4businessobjects business intelligence platform (4) · s4core (3) · solution tools plug-in (3)
- 27 CVE2 critCVSS 6.0sap businessobjects bi platform (2) · sap document management system (2) · sap commerce cloud (2)
- 27 CVE1 critCVSS 6.9archer be230 (10) · archer ax53 (10) · tapo c260 (3)
- 26 CVE1 critCVSS 6.0PoC 13gitlab (25) · gitlab ai gateway (1)
- 25 CVE2 critCVSS 7.1PoC 2apache airflow (5) · apache superset (5) · tomcat (3)
- 24 CVE1 critCVSS 6.9KEV 1powermax (5) · unisphere for powermax (5) · wyse management suite (4)
- 23 CVE2 critCVSS 7.7NEWcopeland xweb 300d pro (23) · copeland xweb 500b pro (23) · copeland xweb 500d pro (23)
- 23 CVE1 critCVSS 5.8NEWPoC 14craft cms (12) · cms (12) · craft commerce (10)
- 23 CVECVSS 5.8PoC 22patients waiting area queue management system (5) · student result management system (3) · simple responsive tourism website (3)
- 23 CVE1 critCVSS 6.0NEWwekan (23)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | npm | 227 | 48 | · | 3 | Nuclei 3PoC 27 | openclaw (42) · n8n (24) · fuxa-server (12) | — | |
| 2 | linux | 220 | 1 | · | · | linux (220) · linux kernel (21) | — | ||
| 3 | go | 143 | 20 | · | · | PoC 16 | gogs.io/gogs (12) · github.com/mattermost/mattermost-server (6) · code.vikunja.io/api (6) | — | |
| 4 | pypi | 126 | 20 | · | 4 | Nuclei 4PoC 11 | django (6) · pypdf (6) · rucio-webui (6) | — | |
| 5 | packagist | 96 | 4 | · | 1 | Nuclei 1PoC 30 | craftcms/cms (12) · moodle/moodle (11) · craftcms/commerce (9) | — | |
| 6 | apple | 75 | 1 | 1 | · | KEV 1 | macos (64) · ios and ipados (50) · ipados (49) | — | |
| 7 | microsoft corp | 71 | 3 | 7 | · | KEV 7PoC 4 | windows server 2025 (server core installation) (29) · windows server 2025 (29) · windows server 2022, 23h2 edition (server core installation) (28) | — | |
| 8 | microsoft | 64 | 4 | 6 | · | KEV 6PoC 2 | windows server 2025 (29) · windows server 2025 (server core installation) (29) · windows server 2022 23h2 (28) | — | |
| 9 | ibm | 57 | 1 | · | · | concert (11) · db2 recovery expert (6) · db2 recovery expert for luw (6) | — | ||
| 10 | mozilla | 54 | 44 | · | · | firefox (54) · thunderbird (51) · firefox for ios (2) | — | ||
| 11 | tenda | 54 | · | · | · | PoC 43 | f453 firmware (12) · f453 (12) · a21 firmware (6) | — | |
| 12 | сообщество свободного программного обеспечения | 52 | 8 | · | · | PoC 10 | n8n (10) · debian gnu/linux (9) · vim (8) | — | |
| 13 | qnap | 49 | 1 | · | · | qsync central (28) · file station (13) · quts hero (6) | — | ||
| 14 | qnap systems inc. | 49 | 1 | · | · | qsync central (28) · file station 5 (13) · quts hero (6) | — | ||
| 15 | d-link | 48 | · | · | · | PoC 47 | dwr-m960 (20) · dir-823x (13) · dir-619l (3) | — | |
| 16 | dlink | 48 | · | · | · | PoC 47 | dwr-m960 firmware (20) · dir-823x firmware (13) · dwr-m921 firmware (3) | — | |
| 17 | ооо «ред софт» | 48 | 1 | · | 1 | Nuclei 1PoC 2 | ред ос (48) | — | |
| 18 | wikimedia foundation | 47 | 1 | · | · | NEW | mediawiki (28) · checkuser (7) · visualeditor (2) | — | |
| 19 | nuget | 46 | 1 | · | · | magick.net-q8-openmp-arm64 (42) · magick.net-q8-anycpu (42) · magick.net-q16-openmp-x64 (42) | — | ||
| 20 | adobe | 44 | · | · | · | after effects (15) · substance3d - designer (7) · substance 3d designer (7) | — | ||
| 21 | adobe systems inc. | 44 | · | · | · | adobe after effects (15) · adobe substance 3d designer (7) · adobe audition (6) | — | ||
| 22 | amd | 42 | · | · | · | amd epyc™ 9005 series processors (16) · amd epyc™ embedded 9005 series processors (14) · amd ryzen™ embedded 8000 series processors (11) | — | ||
| 23 | crates.io | 40 | 1 | · | · | PoC 2 | rustfs (4) · wasmtime (3) · pgp (3) | — | |
| 24 | red hat | 40 | 1 | · | · | PoC 4 | red hat enterprise linux 6 (19) · red hat enterprise linux 9 (18) · red hat enterprise linux 10 (18) | — | |
| 25 | tanium | 40 | · | · | · | NEW | threat response (5) · tanos (5) · tanium appliance (4) | — | |
| 26 | maven | 39 | 5 | · | · | PoC 9 | org.keycloak:keycloak-services (6) · org.neo4j:neo4j (2) · org.jenkins-ci.main:jenkins-core (2) | — | |
| 27 | itsourcecode | 37 | · | · | · | PoC 37 | school management system (9) · event management system (6) · student management system (5) | — | |
| 28 | openclaw | 35 | 2 | · | · | NEWPoC 2 | openclaw (35) · clawdbot (2) · @openclaw/bluebubbles (1) | — | |
| 29 | 34 | 4 | 1 | · | KEV 1PoC 1 | chrome (20) · android (9) · libjxl (2) | — | ||
| 30 | imagemagick | 34 | · | · | · | NEW | imagemagick (34) | — | |
| 31 | tp-link systems inc. | 30 | 1 | · | · | NEW | archer be230 v1.2 (11) · archer ax53 v1.0 (10) · tapo c260 v1 (3) | — | |
| 32 | comodo | 29 | · | · | · | NEWPoC 29 | comodo dome firewall (29) · dome firewall (29) | — | |
| 33 | nsasoft | 29 | 1 | · | · | NEWPoC 29 | spotauditor (3) · nsauditor spotauditor (3) · netsharewatcher (2) | — | |
| 34 | shenzhen tenda technology co., ltd. | 29 | · | · | · | PoC 20 | f453 (5) · tenda rx3 (5) · tenda f3 (4) | — | |
| 35 | code-projects | 28 | · | · | · | PoC 22 | online reviewer system (12) · online music site (5) · contact management system (2) | — | |
| 36 | tp-link | 28 | · | · | · | archer be230 firmware (12) · archer ax53 firmware (10) · tapo c260 firmware (3) | — | ||
| 37 | fabian | 27 | 1 | · | · | PoC 20 | online reviewer system (12) · online music site (6) · contact management system (2) | — | |
| 38 | freerdp | 27 | 7 | · | · | PoC 7 | freerdp (27) | — | |
| 39 | open-emr | 27 | 2 | · | · | NEWPoC 8 | openemr (27) | — | |
| 40 | openemr | 27 | 2 | · | · | NEWPoC 8 | openemr (27) | — | |
| 41 | sap | 27 | 2 | · | · | businessobjects business intelligence platform (4) · s4core (3) · solution tools plug-in (3) | — | ||
| 42 | sap_se | 27 | 2 | · | · | sap businessobjects bi platform (2) · sap document management system (2) · sap commerce cloud (2) | — | ||
| 43 | tp-link technologies co ltd. | 27 | 1 | · | · | archer be230 (10) · archer ax53 (10) · tapo c260 (3) | — | ||
| 44 | gitlab | 26 | 1 | · | · | PoC 13 | gitlab (25) · gitlab ai gateway (1) | — | |
| 45 | apache software foundation | 25 | 2 | · | · | PoC 2 | apache airflow (5) · apache superset (5) · tomcat (3) | — | |
| 46 | dell | 24 | 1 | 1 | · | KEV 1 | powermax (5) · unisphere for powermax (5) · wyse management suite (4) | — | |
| 47 | copeland | 23 | 2 | · | · | NEW | copeland xweb 300d pro (23) · copeland xweb 500b pro (23) · copeland xweb 500d pro (23) | — | |
| 48 | craftcms | 23 | 1 | · | · | NEWPoC 14 | craft cms (12) · cms (12) · craft commerce (10) | — | |
| 49 | sourcecodester | 23 | · | · | · | PoC 22 | patients waiting area queue management system (5) · student result management system (3) · simple responsive tourism website (3) | — | |
| 50 | wekan project | 23 | 1 | · | · | NEW | wekan (23) | — |