Skip to main content

Vendor Intelligence

Security scorecards – CVE volume, patch rates, exploit exposure, and composite risk for 64 vendors

Period: 30d 90d 6m 1y All
# Vendor Risk Score CVEs Severity KEV PoC Avg EPSS Patch Rate Trend
1 Suse 15678 5803
352 CRITICAL 2041 HIGH 3408 MEDIUM
9 443 0.1% 98% +2253
2 Red Hat 11512 4920
189 CRITICAL 1675 HIGH 3055 MEDIUM
9 309 0.1% 97% +1627
3 Microsoft 11222 2735
227 CRITICAL 1630 HIGH 799 MEDIUM 71 LOW
24 154 0.4% 73% +1001
4 WordPress 9463 4273
288 CRITICAL 994 HIGH 2947 MEDIUM 37 LOW
0 323 0.2% 5% -471
5 Google 9040 2880
236 CRITICAL 1321 HIGH 1154 MEDIUM 151 LOW
10 112 0.1% 78% +2057
6 Linux 7358 4433
138 CRITICAL 1372 HIGH 2325 MEDIUM 20 LOW
1 55 0.0% 94% -15
7 Tenda 3717 414
28 CRITICAL 303 HIGH 52 MEDIUM 31 LOW
0 275 0.3% 0% +46
8 D-Link 3087 336
43 CRITICAL 166 HIGH 48 MEDIUM 79 LOW
0 246 1.0% 2% +16
9 Apple 2924 1051
65 CRITICAL 354 HIGH 569 MEDIUM 62 LOW
9 51 0.1% 54% +84
10 Oracle 2523 544
148 CRITICAL 188 HIGH 179 MEDIUM 28 LOW
3 16 0.2% 24% +232
11 Apache 2490 595
110 CRITICAL 249 HIGH 206 MEDIUM 22 LOW
1 43 0.3% 76% +357
12 Mozilla 2038 408
129 CRITICAL 173 HIGH 103 MEDIUM 2 LOW
0 7 0.1% 92% +220
13 Cisco 1341 288
18 CRITICAL 92 HIGH 178 MEDIUM
13 15 0.4% 5% -19
14 Debian 1212 503
16 CRITICAL 165 HIGH 224 MEDIUM 11 LOW
0 49 0.1% 98% -200
15 Adobe 855 289
22 CRITICAL 81 HIGH 178 MEDIUM 8 LOW
4 11 0.7% 6% -264
16 Nginx 818 160
33 CRITICAL 78 HIGH 45 MEDIUM 3 LOW
0 22 0.2% 73% +120
17 IBM 814 489
41 CRITICAL 100 HIGH 319 MEDIUM 25 LOW
0 0 0.1% 42% -42
18 Nvidia 738 231
14 CRITICAL 141 HIGH 60 MEDIUM 16 LOW
0 2 0.1% 14% +150
19 Fortinet 709 134
15 CRITICAL 38 HIGH 72 MEDIUM 9 LOW
6 10 1.8% 0% -8
20 Linksys 685 62
1 CRITICAL 44 HIGH 5 MEDIUM 12 LOW
0 59 1.9% 0% +26
21 Dell 654 263
12 CRITICAL 115 HIGH 121 MEDIUM 12 LOW
1 3 0.5% 54% +26
22 Gitlab 586 225
7 CRITICAL 59 HIGH 125 MEDIUM 33 LOW
0 35 0.1% 52% +46
23 Canonical 514 142
19 CRITICAL 55 HIGH 60 MEDIUM 5 LOW
0 13 0.1% 92% +92
24 Ubiquiti 496 49
21 CRITICAL 26 HIGH 2 MEDIUM
3 4 0.2% 86% +34
25 Ivanti 484 47
5 CRITICAL 27 HIGH 15 MEDIUM
5 6 4.3% 2% -127
26 TOTOLINK 442 35
11 CRITICAL 16 HIGH 8 MEDIUM
0 30 3.0% 0% -175
27 Hashicorp 408 85
15 CRITICAL 32 HIGH 27 MEDIUM 8 LOW
1 10 0.1% 76% +46
28 SAP 317 163
22 CRITICAL 19 HIGH 107 MEDIUM 15 LOW
0 0 0.1% 8% +6
29 TP-Link 290 76
58 HIGH 17 MEDIUM
1 1 0.4% 50% -21
30 Samsung 259 162
7 CRITICAL 42 HIGH 108 MEDIUM 3 LOW
0 0 0.0% 7% +3
31 Intel 255 194
3 CRITICAL 53 HIGH 116 MEDIUM 17 LOW
0 0 0.0% 24% -166
32 Juniper 214 77
5 CRITICAL 41 HIGH 31 MEDIUM
0 0 0.1% 62% -6
33 VMware 195 28
1 CRITICAL 16 HIGH 9 MEDIUM 1 LOW
2 1 0.3% 25% -27
34 Citrix 193 15
2 CRITICAL 10 HIGH 3 MEDIUM
2 4 0.8% 60% -2
35 Atlassian 182 42
9 CRITICAL 17 HIGH 14 MEDIUM 2 LOW
0 3 0.4% 81% +21
36 Amd 182 119
1 CRITICAL 43 HIGH 65 MEDIUM 4 LOW
0 0 0.0% 56% -77
37 Paloalto 162 59
1 CRITICAL 9 HIGH 32 MEDIUM 13 LOW
2 2 0.4% 70% -16
38 Broadcom 136 22
2 CRITICAL 13 HIGH 5 MEDIUM
1 0 0.4% 23% +18
39 Jenkins 130 84
1 CRITICAL 24 HIGH 57 MEDIUM 2 LOW
0 3 0.1% 54% +4
40 HP 124 32
3 CRITICAL 14 HIGH 14 MEDIUM
0 4 0.1% 38% -11
41 Elastic 108 59
3 CRITICAL 14 HIGH 40 MEDIUM 2 LOW
0 2 0.1% 37% +22
42 Wazuh 100 20
4 CRITICAL 3 HIGH 12 MEDIUM 1 LOW
0 6 0.1% 70% +16
43 Netgear 96 34
1 CRITICAL 10 HIGH 22 MEDIUM 1 LOW
0 5 5.5% 62% -77
44 Drupal 86 36
1 CRITICAL 9 HIGH 24 MEDIUM 2 LOW
0 5 0.1% 83% -133
45 Abb 83 17
1 CRITICAL 12 HIGH 4 MEDIUM
0 0 0.1% 0% -13
46 Lenovo 80 37
18 HIGH 18 MEDIUM
0 1 0.0% 57% -6
47 Zte 69 15
5 HIGH 9 MEDIUM 1 LOW
0 3 0.0% 0% +5
48 Zyxel 67 21
1 CRITICAL 8 HIGH 12 MEDIUM
0 0 0.2% 0% -14
49 Mikrotik 65 6
4 HIGH 2 MEDIUM
0 3 0.1% 0% +1
50 Joomla 65 13
2 CRITICAL 5 HIGH 5 MEDIUM
0 0 0.0% 0% -19
51 Qnap 65 82
1 CRITICAL 13 HIGH 65 MEDIUM 3 LOW
0 0 0.1% 45% +29
52 Synology 64 38
2 CRITICAL 11 HIGH 22 MEDIUM 3 LOW
0 0 0.0% 95% +12
53 Rockwell 59 7
1 CRITICAL 6 HIGH
0 0 0.2% 0% -40
54 Aruba 53 10
7 HIGH 3 MEDIUM
0 0 0.1% 0% -14
55 Dahua 49 6
2 CRITICAL 1 HIGH 1 MEDIUM 2 LOW
0 0 0.3% 0% -2
56 Sonicwall 47 8
1 CRITICAL 3 HIGH 2 MEDIUM 2 LOW
0 0 0.1% 0% -6
57 Ericsson 40 14
10 HIGH 4 MEDIUM
0 0 0.0% 57% +10
58 Mediatek 32 21
8 HIGH 13 MEDIUM
0 0 0.0% 95% -10
59 Nokia 27 9
4 HIGH 5 MEDIUM
0 1 0.2% 44% +8
60 Qualcomm 22 13
1 CRITICAL 3 HIGH 6 MEDIUM
0 0 0.0% 77%
61 Huawei 16 6
2 HIGH 4 MEDIUM
0 1 0.0% 83% -4
62 Hikvision 16 4
4 HIGH
0 0 0.0% 0%
63 Siemens 4 4
1 HIGH 1 MEDIUM 2 LOW
0 0 0.0% 50% -38
64 Fortigate 4 3
1 HIGH 1 MEDIUM 1 LOW
0 0 0.0% 0% +2

How to read this table

Risk Score – composite metric: KEV ×50, Critical ×10, High ×4, PoC ×8, EPSS weight, patch rate penalty. Higher = riskier vendor.
Severity – bar + counts: C=Critical, H=High, M=Medium, L=Low.
KEV – CISA Known Exploited Vulnerabilities – confirmed actively exploited in the wild.
PoC – CVEs with public Proof of Concept exploit code available.
Avg EPSS – average Exploit Prediction Scoring System probability across vendor CVEs.
Patch Rate – % of CVEs where vendor has released a patch. Green ≥80%, Yellow ≥50%, Red <50%.
Trend – CVE count change vs previous period of same length. +N = more new CVEs, −N = fewer.

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy