Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

Mean vulnerabilities per codebase increased by 107% year-over-year.

Black Duck
May 27, 2026
VulnerabilitiesOpen Source Security

Mean vulnerabilities per codebase increased by 107% year-over-year. — This cybersecurity statistic was published by Black Duck in May 2026. It covers topics including Vulnerabilities, Open Source Security. The original data appears in “2026 Open Source Security and Risk Analysis” Report. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 2/25/2026

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

Mean vulnerabilities per codebase increased by 107% year-over-year. This data was published by Black Duck and covers Vulnerabilities, Open Source Security.

Where does this data come from?

This statistic comes from “2026 Open Source Security and Risk Analysis” Report, published by Black Duck on May 27, 2026. You can view the original report at https://www.blackduck.com/resources/analyst-reports/open-source-security-risk-analysis.html.

What cybersecurity topics does this cover?

This statistic relates to Vulnerabilities, Open Source Security. Browse more statistics on Vulnerabilities or from Black Duck.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

There were 6,420 excess CVEs recorded through April 2026, representing a 46.3% cumulative drift above the February forecast.

FIRST6/20/2026
VulnerabilitiesCVE ManagementCVEs

Annual vulnerability disclosures are on pace to approach 70,000 for the first time in history.

FIRST6/20/2026
VulnerabilitiesSecurity TrendsVulnerability Disclosures

GitHub Security Advisory (GHSA) volume increased 449% year-over-year.

FIRST6/20/2026
VulnerabilitiesOpen Source Security

VulnCheck CNA-of-Last-Resort activity increased 3,119%.

FIRST6/20/2026
VulnerabilitiesCVE Assignment

Mozilla CNA Q1 CVE disclosures spiked 164% due to AI-assisted tooling against the Firefox engine.

FIRST6/20/2026
VulnerabilitiesOpen Source SecurityArtificial Intelligence

Actual CVE disclosures are running 46.3% above projections published four months earlier.

FIRST6/20/2026
VulnerabilitiesCVE Management

Browse by Topic

VulnerabilitiesOpen Source SecurityMore from Black Duck

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights