Skip to main content

Vendor Intelligence

Security scorecards – CVE volume, patch rates, exploit exposure, and composite risk for 48 vendors

Period: 30d 90d 6m 1y All
# Vendor Risk Score CVEs Severity KEV PoC Avg EPSS Patch Rate Trend
1 Suse 6884 2341
183 CRITICAL 1000 HIGH 1146 MEDIUM
3 113 0.0% 98% +1347
2 Red Hat 5998 2186
153 CRITICAL 907 HIGH 1126 MEDIUM
4 80 0.0% 97% +1287
3 Microsoft 3368 837
89 CRITICAL 482 HIGH 241 MEDIUM 17 LOW
7 25 0.1% 84% +640
4 Linux 2626 1578
62 CRITICAL 455 HIGH 563 MEDIUM
1 17 0.0% 98% +790
5 Google 2490 772
52 CRITICAL 399 HIGH 263 MEDIUM 55 LOW
3 28 0.0% 76% +546
6 WordPress 2100 1095
59 CRITICAL 278 HIGH 753 MEDIUM 4 LOW
0 47 0.1% 5% -22
7 D-Link 1320 145
30 CRITICAL 85 HIGH 11 MEDIUM 19 LOW
0 82 0.1% 3% +66
8 Tenda 1289 140
4 CRITICAL 114 HIGH 9 MEDIUM 13 LOW
0 96 0.2% 1% +103
9 Apache 886 218
44 CRITICAL 87 HIGH 71 MEDIUM 3 LOW
1 6 0.1% 84% +151
10 Apple 812 334
26 CRITICAL 132 HIGH 162 MEDIUM 13 LOW
0 3 0.0% 86% +183
11 Mozilla 784 163
40 CRITICAL 92 HIGH 30 MEDIUM 1 LOW
0 2 0.0% 98% +74
12 Nginx 390 77
15 CRITICAL 44 HIGH 16 MEDIUM 1 LOW
0 8 0.1% 83% +60
13 Debian 374 137
7 CRITICAL 72 HIGH 24 MEDIUM 4 LOW
0 2 0.1% 100% -41
14 Cisco 373 120
10 CRITICAL 27 HIGH 83 MEDIUM
2 5 0.1% 1% +89
15 Adobe 309 116
8 CRITICAL 37 HIGH 69 MEDIUM 2 LOW
1 1 0.1% 4% +101
16 Oracle 279 147
10 CRITICAL 38 HIGH 88 MEDIUM 11 LOW
0 2 0.0% 29% +81
17 Gitlab 266 65
3 CRITICAL 17 HIGH 38 MEDIUM 7 LOW
0 21 0.0% 74% +22
18 Canonical 220 61
10 CRITICAL 24 HIGH 19 MEDIUM 3 LOW
0 3 0.0% 93% +60
19 Hashicorp 216 36
9 CRITICAL 15 HIGH 8 MEDIUM 1 LOW
1 2 0.0% 64% +34
20 Nvidia 203 54
4 CRITICAL 36 HIGH 13 MEDIUM
0 0 0.1% 13% +54
21 Fortinet 201 60
5 CRITICAL 15 HIGH 35 MEDIUM 5 LOW
1 2 0.1% 0% +43
22 Samsung 148 57
5 CRITICAL 19 HIGH 31 MEDIUM
0 0 0.0% 7% +23
23 IBM 142 150
3 CRITICAL 28 HIGH 110 MEDIUM 7 LOW
0 0 0.0% 63% +45
24 Ivanti 138 16
1 CRITICAL 11 HIGH 4 MEDIUM
1 1 0.5% 0% +12
25 Dell 114 83
1 CRITICAL 26 HIGH 49 MEDIUM 4 LOW
0 0 0.0% 87% +60
26 Ubiquiti 114 15
9 CRITICAL 6 HIGH
0 0 0.0% 87% +15
27 Juniper 102 28
3 CRITICAL 18 HIGH 7 MEDIUM
0 0 0.0% 93% +3
28 Amd 82 51
1 CRITICAL 18 HIGH 27 MEDIUM 1 LOW
0 0 0.0% 51% +48
29 TP-Link 76 24
19 HIGH 4 MEDIUM
0 0 0.1% 79% -11
30 SAP 73 42
4 CRITICAL 2 HIGH 32 MEDIUM 4 LOW
0 0 0.0% 0%
31 Paloalto 71 5
1 CRITICAL 1 MEDIUM 1 LOW
1 1 3.0% 60% +2
32 Zte 65 11
4 HIGH 7 MEDIUM
0 3 0.0% 0% +11
33 Intel 64 42
1 CRITICAL 13 HIGH 20 MEDIUM
0 0 0.0% 45% +31
34 Atlassian 64 10
4 CRITICAL 6 HIGH
0 0 0.2% 70% +8
35 VMware 54 9
1 CRITICAL 6 HIGH 1 MEDIUM 1 LOW
0 0 0.0% 11% +3
36 Wazuh 46 12
3 CRITICAL 9 MEDIUM
0 2 0.1% 83% +12
37 Jenkins 43 27
1 CRITICAL 8 HIGH 17 MEDIUM
0 0 0.0% 48% +17
38 Elastic 38 23
1 CRITICAL 5 HIGH 16 MEDIUM 1 LOW
0 1 0.0% 52% +22
39 Zyxel 37 7
3 HIGH 4 MEDIUM
0 0 0.2% 0% -1
40 Sonicwall 37 7
3 HIGH 2 MEDIUM 2 LOW
0 0 0.1% 0% +7
41 Synology 22 13
1 CRITICAL 3 HIGH 9 MEDIUM
0 0 0.0% 100% +4
42 HP 22 8
1 CRITICAL 3 HIGH 3 MEDIUM
0 0 0.0% 50% +3
43 Lenovo 20 13
5 HIGH 7 MEDIUM
0 0 0.0% 77% +12
44 Abb 12 3
3 HIGH
0 0 0.0% 0% +3
45 Nokia 8 3
2 HIGH 1 MEDIUM
0 0 0.1% 0% +3
46 Ericsson 8 3
2 HIGH 1 MEDIUM
0 0 0.0% 100% +3
47 Mediatek 4 4
1 HIGH 1 MEDIUM
0 0 0.0% 100% +3
48 Qualcomm 4 3
1 HIGH 1 MEDIUM
0 0 0.0% 100% +2

How to read this table

Risk Score – composite metric: KEV ×50, Critical ×10, High ×4, PoC ×8, EPSS weight, patch rate penalty. Higher = riskier vendor.
Severity – bar + counts: C=Critical, H=High, M=Medium, L=Low.
KEV – CISA Known Exploited Vulnerabilities – confirmed actively exploited in the wild.
PoC – CVEs with public Proof of Concept exploit code available.
Avg EPSS – average Exploit Prediction Scoring System probability across vendor CVEs.
Patch Rate – % of CVEs where vendor has released a patch. Green ≥80%, Yellow ≥50%, Red <50%.
Trend – CVE count change vs previous period of same length. +N = more new CVEs, −N = fewer.

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy