month report
July 2026
Data as of Jul 13, 2026, 05:00 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
July 2026 closed with 2,608 published CVEs — -36.2% YoY . 232 criticals, 7 added to CISA KEV. google led volume, mostly via chrome. Biggest breakout: drupal at ×4.4 their 12-month median. Top weakness class — CWE-79 (281 CVE). 10 vendors cracked the top-100 for the first time.
Projected total
4,756
-42.8% MoM+16.4% YoY· proj
Severity mix
232 / 906
critical / high
KEV added
7
0 ransomware-linked
Nuclei coverage
0.1%
3 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
7.2
n=1
Within 7 days
0.0%
Within 30 days
100.0%
Days → KEV (median)
1
n=1
Weakness × Vendor
What's spreading where in July 2026
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS862Missing Authorization89SQL Injection416Use After Free22Path Traversal122Heap Buffer Overflow863Incorrect Authorization918SSRF639Auth Bypass via User Key200Information Exposuremicrosoft162214011123630google23051adobe14252931apache software foundation461658apache45658red hat1241231npm19212324drupal139232symfony61141gitea1418233linuxnvidia132
Most discussed CVEs — July 2026
- CVE-2026-56164KEV16×5.3
- CVE-2026-48282KEV14×10.0
- CVE-2026-56155KEV13×7.8
- CVE-2025-3248KEV12×9.8
- CVE-2026-5066111×6.1
- CVE-2026-5504011×9.1
- CVE-2026-5065610×7.8
- CVE-2026-5500810×9.6
- CVE-2026-5709210×9.9
- CVE-2026-45659KEV9×8.8
- CVE-2026-505229×9.8
- CVE-2026-533598×
- CVE-2026-58644KEV8×9.8
- CVE-2026-462427×7.8
- CVE-2026-482767×10.0
- CVE-2021-294416×8.6
- CVE-2026-114056×9.8
- CVE-2026-33825KEV6×7.8
- CVE-2026-482776×10.0
- CVE-2026-482816×10.0
- CVE-2026-483166×10.0
- CVE-2026-485616×9.6
- CVE-2026-48908KEV6×9.8
- CVE-2026-505186×9.8
Breakout vendors
CVE count ≥3× their own 12-period median.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #18ui25 CVE
- #21guardian22 CVE
- #23coder20 CVE
- #24grokability20 CVE
- #25curl18 CVE
- #27haxx18 CVE
- #32fossbilling17 CVE
- #39corewcf13 CVE
- #55rabbitmq11 CVE
- #56snipeitapp11 CVE
Top vendors
Ranked by distinct CVE count this period.
- 79 CVE16 critCVSS 7.9chrome (79)
- 61 CVE18 critCVSS 7.7apache camel (22) · apache iotdb (10) · apache airflow (6)
- 53 CVE5 critCVSS 7.5microsoft edge (chromium-based) (47) · edge chromium (45) · azure openai (1)
- 51 CVE14 critCVSS 7.6camel (34) · airflow (6) · lucene.net (3)
- 48 CVEopenclaw (29) · @asymmetric-effort/specifyjs (5) · better-auth (3)
- 46 CVE×4.4drupal core (5) · ai (artificial intelligence) (2) · paragraphs (2)
- 40 CVE11 critCVSS 7.7×4.2Nuclei 1gitea open source git server (40)
- 38 CVElinux (38)
- 36 CVE4 critCVSS 6.4red hat enterprise linux 9 (19) · red hat enterprise linux 8 (19) · red hat enterprise linux 6 (17)
- 34 CVE4 critCVSS 7.2×3.1coolify (34)
- 33 CVE3 critCVSS 5.5powerprotect data domain (25) · data domain operating system (25) · unisphere for powermax (3)
- 29 CVEsurrealdb (20) · zebrad (3) · jxl-oxide (1)
- 28 CVECVSS 7.4pdf editor (28) · pdf reader (28)
- 28 CVECVSS 7.4foxit pdf editor (28) · foxit pdf reader (28)
- 28 CVECVSS 6.8class and exam timetabling system (8) · multi-vendor online grocery management system (6) · onlne examination & learning management system (5)
- 27 CVECVSS 6.9real state services (7) · hotel and tourism reservation (6) · assessment management (4)
- 25 CVE7 critCVSS 8.5×3.1dream routers (7) · cloud gateways (7) · dream machines (7)
- 25 CVE7 critCVSS 8.4NEW×4.2enterprise network video recorder core firmware (6) · unifi network video recorder pro firmware (6) · enterprise network video recorder firmware (6)
- 24 CVE3 critCVSS 6.6×3.0mediawiki (21) · cargo (3)
- 22 CVECVSS 6.3capgo (22)
- 22 CVE19 critCVSS 9.1NEWlanguage-system (22)
- 22 CVECVSS 5.9PoC 22junos os (18) · junos os evolved (8)
- 20 CVE1 critCVSS 6.9NEWcoder (20)
- 20 CVECVSS 5.9NEWsnipe-it (20)
- 18 CVE8 critCVSS 8.3NEWcurl (18)
- 18 CVECVSS 8.3geowebplayer (18)
- 18 CVE8 critCVSS 8.3NEWcurl (18)
- 18 CVECVSS 4.3imagemagick (18)
- 18 CVE4 critCVSS 7.5praisonai (18)
- 18 CVEsamsung mobile devices (13) · inputsharing (1) · samsung health (1)
- 18 CVE1 critCVSS 6.4mediawiki (11) · timeline (2) · syntaxhighlight_geshi (1)
- 17 CVENEWfossbilling (17)
- 17 CVE3 critCVSS 8.3nemo megatron bridge (11) · megatron-bridge (11) · connectx lts22 (2)
- 17 CVECVSS 5.4open-webui (17)
- 17 CVECVSS 6.0fireware os (17) · fireware (11) · mobile vpn with ssl (1)
- 16 CVECVSS 8.1picklescan (16)
- 15 CVECVSS 5.5open webui (15)
- 14 CVECVSS 7.5PoC 14pan-os (10) · cloud ngfw (10) · prisma access (10)
- 13 CVE1 critCVSS 6.6NEWcorewcf (13)
- 13 CVECVSS 6.3n8n (13)
- 12 CVECVSS 7.4PoC 8secure endpoint (7) · cisco secure endpoint (7) · rv110w firmware (4)
- 12 CVECVSS 6.5apartment visitor management system (7) · ecommerce website (3) · simple online leave management system (2)
- 12 CVECVSS 5.9grav (12)
- 12 CVECVSS 6.6joomla\! (12)
- 12 CVECVSS 6.6joomla! cms (12)
- 12 CVE2 critCVSS 6.9containerd (6) · nats-server (3) · opentelemetry instrumentation for java (2)
- 12 CVECVSS 6.6nats-server (12)
- 12 CVECVSS 5.3wireshark (12)
- 12 CVECVSS 5.3wireshark (11) · ciscodump (1)
- 11 CVEcms (11)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 79 | 16 | · | · | chrome (79) | · | |||
| 2 | apache software foundation | 61 | 18 | · | · | apache camel (22) · apache iotdb (10) · apache airflow (6) | ↑5 | ||
| 3 | microsoft | 53 | 5 | · | · | microsoft edge (chromium-based) (47) · edge chromium (45) · azure openai (1) | · | ||
| 4 | apache | 51 | 14 | · | · | camel (34) · airflow (6) · lucene.net (3) | ↑4 | ||
| 5 | npm | 48 | · | · | · | openclaw (29) · @asymmetric-effort/specifyjs (5) · better-auth (3) | ↑5 | ||
| 6 | drupal | 46 | · | · | · | ×4.4 | drupal core (5) · ai (artificial intelligence) (2) · paragraphs (2) | — | |
| 7 | gitea | 40 | 11 | · | 1 | ×4.2Nuclei 1 | gitea open source git server (40) | — | |
| 8 | linux | 38 | · | · | · | linux (38) | ↓6 | ||
| 9 | redhat | 36 | 4 | · | · | red hat enterprise linux 9 (19) · red hat enterprise linux 8 (19) · red hat enterprise linux 6 (17) | ↓3 | ||
| 10 | coolify | 34 | 4 | · | · | ×3.1 | coolify (34) | ↑86 | |
| 11 | dell | 33 | 3 | · | · | powerprotect data domain (25) · data domain operating system (25) · unisphere for powermax (3) | ↑12 | ||
| 12 | crates.io | 29 | · | · | · | surrealdb (20) · zebrad (3) · jxl-oxide (1) | ↑116 | ||
| 13 | foxitsoftware | 28 | · | · | · | pdf editor (28) · pdf reader (28) | — | ||
| 14 | foxit software inc. | 28 | · | · | · | foxit pdf editor (28) · foxit pdf reader (28) | — | ||
| 15 | sourcecodester | 28 | · | · | · | class and exam timetabling system (8) · multi-vendor online grocery management system (6) · onlne examination & learning management system (5) | ↑4 | ||
| 16 | code-projects | 27 | · | · | · | real state services (7) · hotel and tourism reservation (6) · assessment management (4) | ↑37 | ||
| 17 | ubiquiti inc | 25 | 7 | · | · | ×3.1 | dream routers (7) · cloud gateways (7) · dream machines (7) | — | |
| 18 | ui | 25 | 7 | · | · | NEW×4.2 | enterprise network video recorder core firmware (6) · unifi network video recorder pro firmware (6) · enterprise network video recorder firmware (6) | — | |
| 19 | mediawiki | 24 | 3 | · | · | ×3.0 | mediawiki (21) · cargo (3) | — | |
| 20 | capgo | 22 | · | · | · | capgo (22) | ↓7 | ||
| 21 | guardian | 22 | 19 | · | · | NEW | language-system (22) | — | |
| 22 | juniper | 22 | · | · | · | PoC 22 | junos os (18) · junos os evolved (8) | — | |
| 23 | coder | 20 | 1 | · | · | NEW | coder (20) | — | |
| 24 | grokability | 20 | · | · | · | NEW | snipe-it (20) | — | |
| 25 | curl | 18 | 8 | · | · | NEW | curl (18) | — | |
| 26 | geovision inc. | 18 | · | · | · | geowebplayer (18) | ↑23 | ||
| 27 | haxx | 18 | 8 | · | · | NEW | curl (18) | — | |
| 28 | imagemagick | 18 | · | · | · | imagemagick (18) | ↓6 | ||
| 29 | praison | 18 | 4 | · | · | praisonai (18) | — | ||
| 30 | samsung mobile | 18 | · | · | · | samsung mobile devices (13) · inputsharing (1) · samsung health (1) | ↑47 | ||
| 31 | wikimedia foundation | 18 | 1 | · | · | mediawiki (11) · timeline (2) · syntaxhighlight_geshi (1) | — | ||
| 32 | fossbilling | 17 | · | · | · | NEW | fossbilling (17) | ↑103 | |
| 33 | nvidia | 17 | 3 | · | · | nemo megatron bridge (11) · megatron-bridge (11) · connectx lts22 (2) | — | ||
| 34 | open-webui | 17 | · | · | · | open-webui (17) | ↑24 | ||
| 35 | watchguard | 17 | · | · | · | fireware os (17) · fireware (11) · mobile vpn with ssl (1) | — | ||
| 36 | picklescan | 16 | · | · | · | picklescan (16) | ↓10 | ||
| 37 | openwebui | 15 | · | · | · | open webui (15) | ↑29 | ||
| 38 | palo alto networks | 14 | · | · | · | PoC 14 | pan-os (10) · cloud ngfw (10) · prisma access (10) | ↑122 | |
| 39 | corewcf | 13 | 1 | · | · | NEW | corewcf (13) | — | |
| 40 | n8n | 13 | · | · | · | n8n (13) | ↓8 | ||
| 41 | cisco | 12 | · | · | · | PoC 8 | secure endpoint (7) · cisco secure endpoint (7) · rv110w firmware (4) | ↑86 | |
| 42 | codeastro | 12 | · | · | · | apartment visitor management system (7) · ecommerce website (3) · simple online leave management system (2) | ↓8 | ||
| 43 | getgrav | 12 | · | · | · | grav (12) | — | ||
| 44 | joomla | 12 | · | · | · | joomla\! (12) | — | ||
| 45 | joomla! project | 12 | · | · | · | joomla! cms (12) | — | ||
| 46 | linuxfoundation | 12 | 2 | · | · | containerd (6) · nats-server (3) · opentelemetry instrumentation for java (2) | — | ||
| 47 | nats-io | 12 | · | · | · | nats-server (12) | — | ||
| 48 | wireshark | 12 | · | · | · | wireshark (12) | — | ||
| 49 | wireshark foundation | 12 | · | · | · | wireshark (11) · ciscodump (1) | — | ||
| 50 | craftcms | 11 | · | · | · | cms (11) | ↑147 |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins583 CVE33 crit2 KEV247 vendorsCVSS 7.3grav (14) · joomla! cms (12) · joomla\! (12)
- OSS Libraries457 CVE40 crit113 vendorsCVSS 7.4camel (34) · capgo (25) · curl (18)
- Consumer Software231 CVE20 crit27 vendorsCVSS 8.4chrome (79) · microsoft edge (chromium-based) (47) · desktop (1)
- Operating Systems197 CVE13 crit17 vendorsCVSS 7.5linux (38) · red hat enterprise linux 8 (19) · red hat enterprise linux 9 (19)
- Enterprise Software184 CVE21 crit57 vendorsCVSS 9.8snipe-it (31) · powerprotect data domain (25) · moveit transfer (8)
- Networking Infrastructure159 CVE70 crit37 vendorsCVSS 8.5junos os (18) · fireware os (17) · fireware (11)
- DevTools & CI151 CVE24 crit27 vendorsCVSS 7.5apache camel (22) · radare2 (9) · hoppscotch (3)
- Cloud & SaaS150 CVE26 crit53 vendorsCVSS 8.6coolify (34) · containerd (6) · n8n (4)
- AI / ML121 CVE19 crit43 vendorsCVSS 7.6praisonai (18) · open-webui (17) · open webui (15)
- Security Products113 CVE9 crit39 vendorsCVSS 7.3zitadel (9) · privileged remote access (4) · red hat single sign-on 7 (4)
- Hardware Firmware77 CVE20 crit19 vendorsCVSS 7.5fastconnect 6900 firmware (11) · fastconnect 7800 firmware (11) · megatron-bridge (11)
- Databases61 CVE9 crit13 vendorsCVSS 9.2nats-server (12) · rabbitmq-server (11) · red hat data grid 8 (3)
- ICS / OT / IoT39 CVE6 crit13 vendorsCVSS 8.4geowebplayer (18) · frigate (1) · m300 wi-fi repeater (1)
- Communications30 CVE14 vendorsCVSS 7.4astrbot (3) · markdownify-mcp (2) · misskey (2)
- Mobile Apps1 CVE1 vendorssamsung health (1)
- Unclassified35 CVE3 crit26 vendorsCVSS 6.3assessment management (4) · jodit (3) · luci (3)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 6 | 583 | 33 | 2 | 247 | 360 | 7.3 | grav (14) · joomla! cms (12) · joomla\! (12) |
| OSS Libraries▸ 8 | 457 | 40 | · | 113 | 167 | 7.4 | camel (34) · capgo (25) · curl (18) |
| Consumer Software▸ 4 | 231 | 20 | · | 27 | 34 | 8.4 | chrome (79) · microsoft edge (chromium-based) (47) · desktop (1) |
| Operating Systems▸ 5 | 197 | 13 | · | 17 | 64 | 7.5 | linux (38) · red hat enterprise linux 8 (19) · red hat enterprise linux 9 (19) |
| Enterprise Software▸ 7 | 184 | 21 | · | 57 | 260 | 9.8 | snipe-it (31) · powerprotect data domain (25) · moveit transfer (8) |
| Networking Infrastructure▸ 6 | 159 | 70 | · | 37 | 105 | 8.5 | junos os (18) · fireware os (17) · fireware (11) |
| DevTools & CI▸ 5 | 151 | 24 | · | 27 | 30 | 7.5 | apache camel (22) · radare2 (9) · hoppscotch (3) |
| Cloud & SaaS▸ 5 | 150 | 26 | · | 53 | 79 | 8.6 | coolify (34) · containerd (6) · n8n (4) |
| AI / ML▸ 5 | 121 | 19 | · | 43 | 45 | 7.6 | praisonai (18) · open-webui (17) · open webui (15) |
| Security Products▸ 6 | 113 | 9 | · | 39 | 49 | 7.3 | zitadel (9) · privileged remote access (4) · red hat single sign-on 7 (4) |
| Hardware Firmware▸ 4 | 77 | 20 | · | 19 | 336 | 7.5 | fastconnect 6900 firmware (11) · fastconnect 7800 firmware (11) · megatron-bridge (11) |
| Databases▸ 5 | 61 | 9 | · | 13 | 23 | 9.2 | nats-server (12) · rabbitmq-server (11) · red hat data grid 8 (3) |
| ICS / OT / IoT▸ 5 | 39 | 6 | · | 13 | 16 | 8.4 | geowebplayer (18) · frigate (1) · m300 wi-fi repeater (1) |
| Communications▸ 4 | 30 | · | · | 14 | 14 | 7.4 | astrbot (3) · markdownify-mcp (2) · misskey (2) |
| Mobile Apps▸ 1 | 1 | · | · | 1 | 1 | · | samsung health (1) |
| Unclassified | 35 | 3 | · | 26 | 51 | 6.3 | assessment management (4) · jodit (3) · luci (3) |
Weakness × Sector
Which weaknesses hit which solution categories in July 2026
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
79XSS862Missing Authorization89SQL Injection416Use After Free22Path Traversal122Heap Buffer Overflow863Incorrect Authorization918SSRF639Auth Bypass via User Key200Information ExposureWeb & CMS Plugins207102922410243731Operating Systems113213449356329OSS Libraries262569271344211031Consumer Software25246393512735Enterprise Software3624525161812516Cloud & SaaS1214418111912134Networking Infrastructure10362107483DevTools & CI1613310216979AI / ML412521161788Security Products941497431