Skip to main content
HomeTopicsVulnerabilities

Vulnerabilities

We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.

Showing 1-20 of 342 results

79% are concerned about missing vulnerabilities introduced between scheduled tests

Aikido6/28/2026
Offensive Security

60% of healthcare leaders have self-attested to HIPAA compliance despite known, unpatched vulnerabilities.

Omega Systems6/28/2026
HIPAACompliance

Annual vulnerability disclosures are on pace to approach 70,000 for the first time in history.

FIRST6/20/2026
Security TrendsVulnerability Disclosures

Mozilla CNA Q1 CVE disclosures spiked 164% due to AI-assisted tooling against the Firefox engine.

FIRST6/20/2026
Open Source SecurityArtificial Intelligence

There were 6,420 excess CVEs recorded through April 2026, representing a 46.3% cumulative drift above the February forecast.

FIRST6/20/2026
CVE ManagementCVEs

VulnCheck CNA-of-Last-Resort activity increased 3,119%.

FIRST6/20/2026
CVE Assignment

GitHub Security Advisory (GHSA) volume increased 449% year-over-year.

FIRST6/20/2026
Open Source Security

Actual CVE disclosures are running 46.3% above projections published four months earlier.

FIRST6/20/2026
CVE Management

The 2026 projected total of CVE disclosures is approximately 66,000, up from a February median projection of 59,427.

FIRST6/20/2026
CVE ManagementCVE Disclosures

From 2024 to 2025, the number of critical vulnerabilities carried across vendors serving the financial sector increased 387%.

Black Kite6/6/2026
Vendor RiskFinancial Services

Among the 140 vendors whose client base is meaningfully concentrated in finance, critical vulnerabilities increased 181%.

Black Kite6/6/2026
Vendor RiskFinancial Services

Over 48,000 CVEs were published globally in 2025, an 18% year-on-year increase.

Black Kite6/6/2026
CVEs

Three of four Chinese LLMs generate hidden security vulnerabilities when prompted with a U.S. government persona.

Booz Allen6/6/2026
Software SecurityAI Models

73% of Nordic CISOs either explicitly state that no vulnerabilities have been exploited or are unable to point out concrete cases.

Truesec5/31/2026
The NordicsExploit

9% of Nordic CISOs cited vulnerabilities as their primary concern.

Truesec5/31/2026
The NordicsSecurity Concerns

Only approximately 1.4% of publicly disclosed vulnerabilities are known to be exploited in real-world attacks.

Root Evidence5/31/2026
Exploit

Over 80% of known-exploited vulnerabilities have no Metasploit module.

Root Evidence5/31/2026
Metasploit

Of the 48,000+ CVEs published in 2025, only 58 represented a genuine, discoverable, and exploitable threat to enterprise supply chains.

Black Kite5/27/2026
Supply ChainCybersecurity

Over 48,000 new CVEs were disclosed in 2025, a 20% year-over-year increase.

JFrog5/27/2026
CVEs

56% worry they remain exposed to known vulnerabilities, even as 86% say remediation is a critical part of their security strategy.

Adaptiva5/27/2026
Patch ManagementVulnerability Management