CVE Analysis

How CVE volume, exploitation, and patch/exploit timing are trending over time

Metrics Over Time
Updating… Trailing windows

Each column counts CVEs published within that trailing window. Vendor / product / min-CVSS filters apply to the whole table.

Metric 1D1W30D90D1Y2Y5YAll
Loading…
Total Tracked CVEs
New 24h
New 7d
Active Exploits / KEV
Exploited 24h
Exploited 7d
High Risk Prioritized
Critical
High

CVSS Severity Distribution

Dicing tomatoes…
% With Exploit
% Post-Patch Exploit
Median Days to Patch
discovery → disclosure
Median Days to Exploit
patch → exploit

Exploit Rate Over Time

⤢ expand
Seasoning with salt hashes…

% of CVEs per period with a known exploit.

Exploit Count Over Time

⤢ expand
Flambéing the firewall…

Absolute number of CVEs with a known exploit per period.

Days to Patch

⤢ expand
Brewing fresh queries…

Discovery → public disclosure (0–1825 day window).

Days: Patch → Exploit

⤢ expand
Fermenting the results…

Days from public patch to first known exploit/PoC.

CVE Surge — Possible AI-Assisted Bug Hunting Last 2 Quarters

Vendors and products active for 4+ years whose newly-published CVEs jumped sharply over the last ~180 days versus their own 5-year baseline — a pattern often tied to new AI-assisted bug-finding & fixing programs. This data doesn't reveal who is discovering the bugs — they may be found by the vendor's own teams or reported by external researchers. Jump is how many standard deviations the recent per-quarter rate sits above the historical quarterly mean, shown for both all CVEs (the sort order) and exploited CVEs. Δ Severity is the change in average CVSS base score — which may hint at the quality of the bugs being found or at how the vendor is prioritizing which issues to fix (a drop toward lower-severity bugs is also common with AI fuzzing noise). Each cell's small text is baseline → recent. Click any name to open it in the analysis filters below.

Top Vendors
# Vendor CVE Jump Expl Jump Δ Severity
1 parse-community 26.9σ 2.2→43.0/q -0.4σ0.1→0.0/q -0.4 7.4→7.0
2 craftcms 15.6σ 2.8→42.0/q -0.7σ0.4→0.0/q -0.2 6.6→6.4
3 Apache Software Foundation 10.1σ 55.7→209.0/q 4.5σ7.2→21.5/q -0.3 7.4→7.1
4 vercel 8.3σ 2.1→13.0/q 0.1σ0.4→0.5/q -0.3 6.1→5.8
5 google 8.1σ 198.5→946.0/q -0.4σ9.6→7.5/q +0.2 7.1→7.2
6 discourse 7.8σ 10.3→53.0/q -0.5σ0.4→0.0/q -0.5 5.5→5.0
7 microsoft 7.5σ 271.0→690.0/q 0.4σ19.5→22.0/q +0.1 7.3→7.4
8 grafana 7.0σ 4.3→20.0/q -0.8σ0.5→0.0/q -0.1 6.5→6.4
9 OpenSSL 6.9σ 2.9→19.0/q 1.1σ0.7→1.5/q -0.1 6.8→6.7
10 Devolutions 6.2σ 5.9→28.5/q -0.5 6.5→6.0
11 Wireshark Foundation 5.7σ 5.1→29.5/q -0.9 6.5→5.6
12 dataease 5.7σ 4.1→17.0/q -0.3σ0.1→0.0/q -0.2 8.2→8.0
13 bytecodealliance 5.2σ 2.2→10.0/q -0.3σ0.1→0.0/q +0.3 5.2→5.6
14 djangoproject 5.2σ 2.8→13.0/q -0.9σ0.6→0.0/q -1.7 7.1→5.5
15 Oracle Corporation 4.6σ 92.4→222.5/q -0.6σ2.4→1.5/q +1.8 5.8→7.7
16 Rapid7 3.8σ 2.7→12.0/q 1.7σ0.1→0.5/q +1.6 5.4→7.0
17 Mattermost 3.6σ 17.3→59.5/q -0.3σ0.1→0.0/q +0.5 4.7→5.2
18 open5gs 3.4σ 5.4→31.5/q -0.3σ0.1→0.0/q -0.8 6.9→6.1
19 NodeJS 2.9σ 5.2→14.0/q 0.4σ0.3→0.5/q -1.2 6.5→5.3
20 Palo Alto Networks 2.9σ 9.4→28.5/q 0.6σ1.1→2.0/q -1.3 6.3→5.1
Top Products
# Product CVE Jump Expl Jump Δ Severity
1 parse-server 29.1σ 2.1→41.0/q -0.4σ0.1→0.0/q -0.6 7.5→6.9
2 Chrome 20.0σ 66.0→839.0/q 0.6σ3.5→5.0/q -0.4 7.6→7.2
3 Microsoft SharePoint Server Subscription Edition 14.2σ 5.8→42.0/q 1.2σ0.6→1.5/q -1.0 7.6→6.7
4 Microsoft SharePoint Enterprise Server 2016 10.5σ 6.7→42.5/q 1.6σ0.6→2.0/q -1.0 7.7→6.7
5 Microsoft SharePoint Server 2019 9.9σ 7.2→43.0/q 1.4σ0.6→2.0/q -0.9 7.6→6.7
6 discourse 9.2σ 9.0→53.0/q -0.5σ0.4→0.0/q -0.5 5.5→5.0
7 Visual Studio Code 9.1σ 1.7→8.0/q -0.6σ0.3→0.0/q +0.3 7.3→7.6
8 server 8.5σ 5.3→32.5/q +0.0 6.3→6.3
9 cms 7.9σ 9.3→54.5/q -0.6σ0.5→0.0/q +0.6 5.6→6.2
10 zephyr 7.4σ 5.2→27.0/q 1.8σ0.1→0.5/q -0.9 7.1→6.2
11 Windows 10 Version 1809 7.1σ 122.0→303.0/q -0.2σ10.1→9.5/q -0.1 7.3→7.3
12 OpenSSL 6.9σ 3.0→19.0/q 1.1σ0.7→1.5/q -0.1 6.7→6.7
13 Apache Tomcat 6.3σ 2.6→14.5/q 1.1σ1.0→2.5/q +0.3 7.2→7.5
14 postgresql 6.2σ 1.9→8.0/q 1.0σ0.1→0.5/q +1.0 6.2→7.1
15 Windows 10 Version 21H2 5.6σ 126.3→314.0/q -0.4σ10.4→9.0/q -0.1 7.3→7.3
16 Wireshark 5.4σ 4.7→29.0/q -1.0 6.6→5.6
17 Windows 10 Version 1607 5.3σ 104.6→248.0/q 0.1σ8.7→9.0/q -0.1 7.4→7.3
18 Apache Airflow 5.3σ 4.8→23.0/q -0.5σ0.2→0.0/q -0.1 6.7→6.7
19 curl 5.3σ 4.2→15.5/q 2.1σ0.2→1.0/q +1.1 6.3→7.4
20 Microsoft Office LTSC for Mac 2021 5.2σ 10.8→65.0/q 0.1σ0.4→0.5/q -0.4 7.7→7.3

LINK COPIED TO CLIPBOARD