month report

May 2026

Data as of Jun 8, 2026, 05:00 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

May 2026 closed with 7,241 published CVEs — +66.0% YoY . 627 criticals, 21 added to CISA KEV (2 ransomware-linked). linux led volume, mostly via linux. Biggest breakout: google at ×8.8 their 12-month median. Top weakness class — CWE-79 (596 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

7,241

+12.5% MoM+66.0% YoY

Severity mix

627 / 2,624

critical / high

KEV added

2 ransomware-linked

Nuclei coverage

0.5%

33 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

9.4

n=22

Within 7 days

45.5%

Within 30 days

100.0%

Days → KEV (median)

n=15

Detection gap

KEV pressure, no Nuclei coverage

May 2026 · vendors with active exploitation listed by CISA but no public detection template.

KEV 3microsoft171 CVE
KEV 1siemens21 CVE

Weakness × Vendor

What's spreading where in May 2026

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

8.8×google381 CVE
7.9×edimax59 CVE
5.9×f553 CVE
5.1×concretecms36 CVE
4.7×helmholz42 CVE
4.7×mb connect line42 CVE
4.3×trendnet26 CVE
4.1×apache software foundation87 CVE
4.0×apache80 CVE
4.0×open5gs38 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#18concrete cms44 CVE
#21open ises44 CVE
#22helmholz42 CVE
#23mb connect line42 CVE
#27concretecms36 CVE
#32netatalk33 CVE
#41trendnet26 CVE
#46budibase21 CVE
#54joomla20 CVE
#55joomla! project20 CVE

Top vendors

Ranked by distinct CVE count this period.

1linux·
1,034 CVE43 critCVSS 6.7
linux (1034) · linux kernel (573)
2google↑3
381 CVE13 critCVSS 7.0
×8.8
chrome (373) · android (7) · mcp toolbox for databases (1)
3microsoft·
171 CVE24 critCVSS 7.5
KEV 3
windows server 2025 (server core installation) (65) · windows server 2025 (65) · windows 11 version 24h2 (60)
4apple↑65
100 CVECVSS 6.8
macos (91) · ipados (70) · iphone os (70)
5apache software foundation↑7
87 CVE19 critCVSS 7.3
×4.1
apache ofbiz (17) · apache http server (11) · apache cloudstack (7)
6npm↓4
86 CVE
openclaw (33) · flowise (15) · @hulumi/policies (4)
7apache↑7
80 CVE18 critCVSS 7.3
×4.0
ofbiz (17) · http server (11) · tomcat (7)
8openclaw↓4
75 CVE8 critCVSS 7.1
openclaw (70) · crabbox (5)
9edimax—
59 CVECVSS 7.8
×7.9
ew-7438rpn (24) · br-6675nd (12) · br-6478ac (11)
10open-webui—
59 CVE1 critCVSS 6.6
Nuclei 2
open-webui (59)
11openwebui—
59 CVE1 critCVSS 6.6
Nuclei 2
open webui (59)
12red hat↑3
57 CVE3 critCVSS 7.0
red hat enterprise linux 9 (24) · red hat enterprise linux 10 (24) · red hat enterprise linux 8 (23)
13f5—
53 CVE1 critCVSS 7.1
×5.9
big-ip (44) · big-iq (9) · nginx open source (7)
14adobe↑5
51 CVE2 critCVSS 6.9
commerce b2b (15) · adobe commerce (15) · commerce (15)
15totolink↓6
50 CVE31 critCVSS 8.8
a8000ru (26) · ca750-poe (9) · n300rh (7)
16amd—
49 CVECVSS 7.8
×3.3
amd ryzen™ embedded 8000 series processors (18) · amd ryzen™ 8040 series mobile processors with radeon™ graphics (formerly codenamed "hawk point") (12) · amd ryzen™ 7035 series processors with radeon™ graphics (formerly codenamed "rembrandt r") (12)
17ibm↑8
49 CVE6 critCVSS 6.9
http server (8) · db2 (6) · aspera high-speed transfer endpoint (4)
18concrete cms—
44 CVECVSS 7.0
NEW
concrete cms (44)
19crates.io↑40
44 CVE
gix (4) · imageproc (3) · astral-tokio-tar (3)
20mozilla↑3
44 CVE9 critCVSS 8.1
firefox (43) · thunderbird (37) · firefox for ios (2)
21open ises—
44 CVECVSS 6.4
NEW
tickets (37) · open ises project (7)
22helmholz—
42 CVECVSS 6.6
NEW×4.7
myrex24v2 (40) · myrex24v2.virtual (40) · rex100 (2)
23mb connect line—
42 CVECVSS 6.6
NEW×4.7
mbconnect24 (40) · mymbconnect24 (40) · mbnet/mbnet.rokey (2)
24go↓8
41 CVE
github.com/lin-snow/ech0 (7) · github.com/kong/kubernetes-ingress-controller/v3 (2) · github.com/caddyserver/caddy/v2 (2)
25open5gs—
38 CVECVSS 4.5
×4.0
open5gs (38)
26pypi↓9
37 CVECVSS 7.3
PoC 1
stigmem-node (6) · wger (4) · edumfa (3)
27concretecms—
36 CVECVSS 7.0
NEW×5.1
concrete cms (36)
28mattermost↑127
36 CVECVSS 5.1
×3.8
mattermost (36) · mattermost server (24) · mattermost desktop (2)
29packagist↓11
36 CVE1 critCVSS 9.1
thorsten/phpmyfaq (17) · phpmyfaq/phpmyfaq (17) · azuracast/azuracast (3)
30redhat↓6
34 CVE1 critCVSS 6.6
build of keycloak (24) · enterprise linux (10) · openshift container platform (7)
31sourcecodester↓10
34 CVECVSS 5.8
hospitals patient records management system (6) · sup online shopping (5) · indian invoicing system (4)
32netatalk—
33 CVE1 critCVSS 5.8
NEW
netatalk (33)
33nvidia↑47
33 CVE1 critCVSS 7.1
tesla (12) · geforce (12) · nvidia rtx, quadro, nvs (12)
34hewlett packard enterprise (hpe)—
32 CVECVSS 7.1
×3.2
hpe aruba networking wireless operating system (aos) (27) · arubaos (aos) (5)
35oracle corporation↓28
32 CVE9 critCVSS 7.7
oracle rest data services (10) · oracle payroll (3) · oracle database server (3)
36gitlab↑13
31 CVECVSS 5.6
gitlab (31)
37oracle↓29
31 CVE9 critCVSS 7.7
rest data services (10) · e-business suite (7) · database server (3)
38golang↑51
30 CVE8 critCVSS 7.2
×3.2
crypto (13) · go (11) · net (6)
39arubanetworks—
27 CVECVSS 7.1
arubaos (27) · sd-wan (26)
40palo alto networks—
27 CVE2 critCVSS 9.4
×3.9KEV 2Nuclei 1PoC 27
prisma access (9) · cloud ngfw (9) · pan-os (9)
41trendnet↑134
26 CVECVSS 7.1
NEW×4.3
tew-432brp (20) · tew-821dap firmware (6) · tew-821dap (6)
42hcl—
24 CVECVSS 4.3
aion (9) · bigfix service management (sm) (8) · dfxanalytics (5)
43code-projects↓33
23 CVECVSS 5.9
employee management system (9) · online hospital management system (3) · online music site (2)
44jetbrains—
22 CVECVSS 5.9
teamcity (12) · youtrack (5) · intellij idea (4)
45wwbn↓7
22 CVECVSS 5.8
avideo (22)
46budibase↑117
21 CVE2 critCVSS 7.7
NEW×3.0
budibase (21)
47dell↓21
21 CVE1 critCVSS 6.1
powerflex manager (rack) (8) · powerflex manager (8) · powerflex manager (appliance) (8)
48hcltech—
21 CVECVSS 5.0
bigfix service management (14) · dfxanalytics (5) · bigfix webui application administration (2)
49siemens↑123
21 CVE6 critCVSS 7.7
KEV 1PoC 1
simatic s7-1500 cpu 1516f-3 pn/dp (4) · simatic s7-1500 cpu 1516-3 pn/dp (4) · simatic s7-1500 cpu 1515f-2 pn (4)
50cisco↓14
20 CVE2 critCVSS 6.8
KEV 1Nuclei 1PoC 20
cisco catalyst sd-wan manager (4) · cisco iot field network director (iot-fnd) (3) · cisco identity services engine software (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	linux	1,034	43	·	·		linux (1034) · linux kernel (573)	·
2	google	381	13	·	·	×8.8	chrome (373) · android (7) · mcp toolbox for databases (1)	↑3
3	microsoft	171	24	3	·	KEV 3	windows server 2025 (server core installation) (65) · windows server 2025 (65) · windows 11 version 24h2 (60)	·
4	apple	100	·	·	·		macos (91) · ipados (70) · iphone os (70)	↑65
5	apache software foundation	87	19	·	·	×4.1	apache ofbiz (17) · apache http server (11) · apache cloudstack (7)	↑7
6	npm	86	·	·	·		openclaw (33) · flowise (15) · @hulumi/policies (4)	↓4
7	apache	80	18	·	·	×4.0	ofbiz (17) · http server (11) · tomcat (7)	↑7
8	openclaw	75	8	·	·		openclaw (70) · crabbox (5)	↓4
9	edimax	59	·	·	·	×7.9	ew-7438rpn (24) · br-6675nd (12) · br-6478ac (11)	—
10	open-webui	59	1	·	2	Nuclei 2	open-webui (59)	—
11	openwebui	59	1	·	2	Nuclei 2	open webui (59)	—
12	red hat	57	3	·	·		red hat enterprise linux 9 (24) · red hat enterprise linux 10 (24) · red hat enterprise linux 8 (23)	↑3
13	f5	53	1	·	·	×5.9	big-ip (44) · big-iq (9) · nginx open source (7)	—
14	adobe	51	2	·	·		commerce b2b (15) · adobe commerce (15) · commerce (15)	↑5
15	totolink	50	31	·	·		a8000ru (26) · ca750-poe (9) · n300rh (7)	↓6
16	amd	49	·	·	·	×3.3	amd ryzen™ embedded 8000 series processors (18) · amd ryzen™ 8040 series mobile processors with radeon™ graphics (formerly codenamed "hawk point") (12) · amd ryzen™ 7035 series processors with radeon™ graphics (formerly codenamed "rembrandt r") (12)	—
17	ibm	49	6	·	·		http server (8) · db2 (6) · aspera high-speed transfer endpoint (4)	↑8
18	concrete cms	44	·	·	·	NEW	concrete cms (44)	—
19	crates.io	44	·	·	·		gix (4) · imageproc (3) · astral-tokio-tar (3)	↑40
20	mozilla	44	9	·	·		firefox (43) · thunderbird (37) · firefox for ios (2)	↑3
21	open ises	44	·	·	·	NEW	tickets (37) · open ises project (7)	—
22	helmholz	42	·	·	·	NEW×4.7	myrex24v2 (40) · myrex24v2.virtual (40) · rex100 (2)	—
23	mb connect line	42	·	·	·	NEW×4.7	mbconnect24 (40) · mymbconnect24 (40) · mbnet/mbnet.rokey (2)	—
24	go	41	·	·	·		github.com/lin-snow/ech0 (7) · github.com/kong/kubernetes-ingress-controller/v3 (2) · github.com/caddyserver/caddy/v2 (2)	↓8
25	open5gs	38	·	·	·	×4.0	open5gs (38)	—
26	pypi	37	·	·	·	PoC 1	stigmem-node (6) · wger (4) · edumfa (3)	↓9
27	concretecms	36	·	·	·	NEW×5.1	concrete cms (36)	—
28	mattermost	36	·	·	·	×3.8	mattermost (36) · mattermost server (24) · mattermost desktop (2)	↑127
29	packagist	36	1	·	·		thorsten/phpmyfaq (17) · phpmyfaq/phpmyfaq (17) · azuracast/azuracast (3)	↓11
30	redhat	34	1	·	·		build of keycloak (24) · enterprise linux (10) · openshift container platform (7)	↓6
31	sourcecodester	34	·	·	·		hospitals patient records management system (6) · sup online shopping (5) · indian invoicing system (4)	↓10
32	netatalk	33	1	·	·	NEW	netatalk (33)	—
33	nvidia	33	1	·	·		tesla (12) · geforce (12) · nvidia rtx, quadro, nvs (12)	↑47
34	hewlett packard enterprise (hpe)	32	·	·	·	×3.2	hpe aruba networking wireless operating system (aos) (27) · arubaos (aos) (5)	—
35	oracle corporation	32	9	·	·		oracle rest data services (10) · oracle payroll (3) · oracle database server (3)	↓28
36	gitlab	31	·	·	·		gitlab (31)	↑13
37	oracle	31	9	·	·		rest data services (10) · e-business suite (7) · database server (3)	↓29
38	golang	30	8	·	·	×3.2	crypto (13) · go (11) · net (6)	↑51
39	arubanetworks	27	·	·	·		arubaos (27) · sd-wan (26)	—
40	palo alto networks	27	2	2	1	×3.9KEV 2Nuclei 1PoC 27	prisma access (9) · cloud ngfw (9) · pan-os (9)	—
41	trendnet	26	·	·	·	NEW×4.3	tew-432brp (20) · tew-821dap firmware (6) · tew-821dap (6)	↑134
42	hcl	24	·	·	·		aion (9) · bigfix service management (sm) (8) · dfxanalytics (5)	—
43	code-projects	23	·	·	·		employee management system (9) · online hospital management system (3) · online music site (2)	↓33
44	jetbrains	22	·	·	·		teamcity (12) · youtrack (5) · intellij idea (4)	—
45	wwbn	22	·	·	·		avideo (22)	↓7
46	budibase	21	2	·	·	NEW×3.0	budibase (21)	↑117
47	dell	21	1	·	·		powerflex manager (rack) (8) · powerflex manager (8) · powerflex manager (appliance) (8)	↓21
48	hcltech	21	·	·	·		bigfix service management (14) · dfxanalytics (5) · bigfix webui application administration (2)	—
49	siemens	21	6	1	·	KEV 1PoC 1	simatic s7-1500 cpu 1516f-3 pn/dp (4) · simatic s7-1500 cpu 1516-3 pn/dp (4) · simatic s7-1500 cpu 1515f-2 pn (4)	↑123
50	cisco	20	2	1	1	KEV 1Nuclei 1PoC 20	cisco catalyst sd-wan manager (4) · cisco iot field network director (iot-fnd) (3) · cisco identity services engine software (2)	↓14