Vulnerability Disclosure
Cybersecurity statistics about vulnerability disclosure
Related Topics
Top Vendors
Showing 1-10 of 10 results
68 of 104 detected surge events preceded a vendor-matched CVE, spanning 33 vulnerabilities across 16 vendor families.
The median lead time of vendor-targeted surges before a matched vulnerability disclosure is 11 days.
49% of vendor-targeted surges begin within 10 days before the associated vulnerability disclosure.
78% of vendor-targeted surges begin within 21 days before the associated vulnerability disclosure.
SonicWall CVE-2026-0400 experienced six surges with lead times compressing from 37 days to 3 days and peak session volume reaching 69 times the median.
Fortinet CVE-2026-24858 provides one day of warning before disclosure.
Streamlining of responsible vulnerability disclosure grew by more than 40%.
85% of hackers believe reporting critical vulnerabilities is more important than making money.
65% of hackers have chosen not to disclose vulnerabilities due to lack of clear reporting pathways.
The average time from vulnerability disclosure to patch deployment in operational technology environments exceeds 180 days, compared to 30 days for traditional IT systems.