Skip to main content

Vendor Intelligence

Security scorecards – CVE volume, patch rates, exploit exposure, and composite risk for 65 vendors

Period: 30d 90d 6m 1y All
# Vendor Risk Score CVEs Severity KEV PoC Avg EPSS Patch Rate Trend
1 Microsoft 95524 17258
2477 CRITICAL 9303 HIGH 5146 MEDIUM 324 LOW
351 1998 7.5% 56% +17258
2 WordPress 70607 17309
1198 CRITICAL 3699 HIGH 12220 MEDIUM 185 LOW
3 5458 2.0% 20% +17309
3 Google 48068 13973
1144 CRITICAL 5836 HIGH 6570 MEDIUM 404 LOW
86 1122 1.1% 36% +13973
4 Apple 31060 8065
684 CRITICAL 3168 HIGH 3743 MEDIUM 469 LOW
132 616 1.5% 12% +8065
5 Adobe 27731 5603
1345 CRITICAL 2131 HIGH 2026 MEDIUM 101 LOW
67 300 6.8% 52% +5603
6 Linux 24991 12817
320 CRITICAL 3962 HIGH 7779 MEDIUM 178 LOW
23 599 0.6% 91% +12817
7 Suse 22822 9353
435 CRITICAL 2986 HIGH 5930 MEDIUM
20 691 0.3% 98% +9353
8 Tenda 21890 1817
625 CRITICAL 970 HIGH 181 MEDIUM 41 LOW
3 1448 1.5% 0% +1817
9 Red Hat 18760 8628
274 CRITICAL 2646 HIGH 5634 MEDIUM 71 LOW
18 567 0.3% 93% +8628
10 Oracle 17931 7769
609 CRITICAL 1959 HIGH 4405 MEDIUM 795 LOW
41 244 2.6% 59% +7769
11 Cisco 17720 5526
400 CRITICAL 2106 HIGH 2982 MEDIUM 38 LOW
75 190 2.3% 3% +5526
12 D-Link 15371 1370
393 CRITICAL 613 HIGH 274 MEDIUM 90 LOW
20 995 5.8% 4% +1370
13 Apache 14270 2543
524 CRITICAL 966 HIGH 981 MEDIUM 64 LOW
42 382 9.5% 75% +2543
14 Mozilla 12786 2672
587 CRITICAL 1053 HIGH 995 MEDIUM 36 LOW
10 274 1.8% 30% +2672
15 IBM 9760 5580
342 CRITICAL 1293 HIGH 3421 MEDIUM 520 LOW
6 108 1.2% 44% +5580
16 Qualcomm 5549 1142
241 CRITICAL 692 HIGH 204 MEDIUM 2 LOW
4 21 0.4% 44% +1142
17 SAP 4886 1669
162 CRITICAL 470 HIGH 980 MEDIUM 57 LOW
13 89 1.9% 5% +1669
18 Netgear 4464 748
142 CRITICAL 316 HIGH 283 MEDIUM 7 LOW
8 170 4.6% 19% +748
19 TP-Link 4064 440
79 CRITICAL 250 HIGH 109 MEDIUM 1 LOW
5 250 4.9% 11% +440
20 Gitlab 4002 1245
61 CRITICAL 283 HIGH 806 MEDIUM 94 LOW
4 255 2.6% 16% +1245
21 Intel 3914 1699
55 CRITICAL 698 HIGH 886 MEDIUM 55 LOW
4 45 0.9% 27% +1699
22 VMware 3750 643
94 CRITICAL 270 HIGH 261 MEDIUM 17 LOW
23 71 4.9% 36% +643
23 Samsung 3740 980
114 CRITICAL 354 HIGH 439 MEDIUM 71 LOW
4 120 1.4% 5% +980
24 Dell 3618 1272
95 CRITICAL 541 HIGH 578 MEDIUM 55 LOW
2 49 1.4% 29% +1272
25 Juniper 3286 984
69 CRITICAL 482 HIGH 429 MEDIUM 4 LOW
8 31 1.2% 12% +984
26 Ivanti 3256 386
57 CRITICAL 246 HIGH 78 MEDIUM 5 LOW
25 52 13.1% 4% +386
27 HP 3105 651
165 CRITICAL 208 HIGH 245 MEDIUM 32 LOW
2 62 8.7% 13% +651
28 Jenkins 3067 1691
77 CRITICAL 437 HIGH 1145 MEDIUM 32 LOW
5 37 2.8% 66% +1691
29 Nvidia 2840 919
35 CRITICAL 549 HIGH 287 MEDIUM 48 LOW
0 35 0.4% 23% +919
30 Debian 2806 1305
49 CRITICAL 293 HIGH 815 MEDIUM 60 LOW
4 118 0.4% 94% +1305
31 Fortinet 2625 639
65 CRITICAL 202 HIGH 335 MEDIUM 37 LOW
15 49 3.4% 7% +639
32 TOTOLINK 2495 245
38 CRITICAL 128 HIGH 72 MEDIUM 7 LOW
0 197 2.1% 0% +245
33 Huawei 2387 803
67 CRITICAL 367 HIGH 330 MEDIUM 39 LOW
0 28 0.6% 2% +803
34 Nginx 2271 369
63 CRITICAL 181 HIGH 118 MEDIUM 6 LOW
0 114 4.8% 57% +369
35 Citrix 2115 256
54 CRITICAL 99 HIGH 99 MEDIUM 4 LOW
15 51 6.6% 21% +256
36 Atlassian 2073 394
48 CRITICAL 113 HIGH 224 MEDIUM 9 LOW
10 78 7.6% 32% +394
37 Zyxel 1935 211
46 CRITICAL 89 HIGH 76 MEDIUM
11 68 7.8% 16% +211
38 Paloalto 1794 363
42 CRITICAL 113 HIGH 175 MEDIUM 29 LOW
14 25 4.1% 14% +363
39 Aruba 1521 343
81 CRITICAL 150 HIGH 108 MEDIUM 4 LOW
0 11 2.1% 8% +343
40 Linksys 1493 140
16 CRITICAL 80 HIGH 30 MEDIUM 14 LOW
0 123 4.1% 1% +140
41 Hashicorp 1403 344
52 CRITICAL 128 HIGH 138 MEDIUM 23 LOW
1 40 1.0% 60% +344
42 Qnap 1395 273
50 CRITICAL 83 HIGH 116 MEDIUM 24 LOW
7 24 4.8% 18% +273
43 Synology 1135 265
40 CRITICAL 95 HIGH 123 MEDIUM 7 LOW
0 42 2.2% 16% +265
44 Rockwell 1134 214
37 CRITICAL 134 HIGH 38 MEDIUM 5 LOW
1 19 4.4% 7% +214
45 Drupal 1100 319
24 CRITICAL 83 HIGH 199 MEDIUM 13 LOW
6 28 4.2% 82% +319
46 Sonicwall 1080 113
29 CRITICAL 47 HIGH 34 MEDIUM 3 LOW
7 27 11.3% 1% +113
47 Amd 979 459
18 CRITICAL 151 HIGH 278 MEDIUM 6 LOW
1 18 0.6% 68% +459
48 Elastic 971 321
25 CRITICAL 101 HIGH 184 MEDIUM 10 LOW
3 20 3.3% 42% +321
49 Ubiquiti 956 125
36 CRITICAL 64 HIGH 22 MEDIUM 3 LOW
3 23 1.0% 39% +125
50 Siemens 949 319
32 CRITICAL 119 HIGH 145 MEDIUM 23 LOW
1 11 1.7% 23% +319
51 Joomla 930 261
30 CRITICAL 63 HIGH 163 MEDIUM 4 LOW
1 38 6.0% 15% +261
52 Schneider Electric 897 174
52 CRITICAL 64 HIGH 52 MEDIUM 6 LOW
0 13 3.2% 23% +174
53 Lenovo 794 299
12 CRITICAL 135 HIGH 145 MEDIUM 6 LOW
0 15 1.1% 25% +299
54 Abb 785 136
27 CRITICAL 79 HIGH 26 MEDIUM 4 LOW
0 22 1.8% 8% +136
55 Zte 772 163
23 CRITICAL 58 HIGH 76 MEDIUM 6 LOW
0 35 4.8% 0% +163
56 Broadcom 758 123
24 CRITICAL 69 HIGH 28 MEDIUM
1 22 2.2% 22% +123
57 Canonical 727 247
21 CRITICAL 79 HIGH 136 MEDIUM 8 LOW
0 25 1.2% 89% +247
58 Mikrotik 600 53
4 CRITICAL 29 HIGH 20 MEDIUM
2 39 6.5% 0% +53
59 Mediatek 570 230
2 CRITICAL 119 HIGH 103 MEDIUM 6 LOW
1 3 0.3% 52% +230
60 Dahua 452 57
14 CRITICAL 23 HIGH 15 MEDIUM 5 LOW
2 13 9.6% 37% +57
61 Hikvision 345 32
9 CRITICAL 13 HIGH 8 MEDIUM 2 LOW
2 9 17.2% 22% +32
62 Nokia 322 57
4 CRITICAL 21 HIGH 31 MEDIUM 1 LOW
0 22 1.4% 9% +57
63 Wazuh 260 32
7 CRITICAL 10 HIGH 14 MEDIUM 1 LOW
1 12 3.7% 69% +32
64 Ericsson 214 36
2 CRITICAL 18 HIGH 16 MEDIUM
0 13 3.6% 22% +36
65 Fortigate 8 4
2 HIGH 1 MEDIUM 1 LOW
0 0 0.1% 0% +4

How to read this table

Risk Score – composite metric: KEV ×50, Critical ×10, High ×4, PoC ×8, EPSS weight, patch rate penalty. Higher = riskier vendor.
Severity – bar + counts: C=Critical, H=High, M=Medium, L=Low.
KEV – CISA Known Exploited Vulnerabilities – confirmed actively exploited in the wild.
PoC – CVEs with public Proof of Concept exploit code available.
Avg EPSS – average Exploit Prediction Scoring System probability across vendor CVEs.
Patch Rate – % of CVEs where vendor has released a patch. Green ≥80%, Yellow ≥50%, Red <50%.
Trend – CVE count change vs previous period of same length. +N = more new CVEs, −N = fewer.

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy