Skip to main content

Vendor Intelligence

Security scorecards – CVE volume, patch rates, exploit exposure, and composite risk for 63 vendors

Period: 30d 90d 6m 1y All
# Vendor Risk Score CVEs Severity KEV PoC Avg EPSS Patch Rate Trend
1 Suse 16880 5370
350 CRITICAL 2037 HIGH 2971 MEDIUM
16 554 0.1% 98% +3607
2 Red Hat 14182 4943
262 CRITICAL 1863 HIGH 2818 MEDIUM
15 420 0.1% 97% +3382
3 Microsoft 8019 1840
151 CRITICAL 1076 HIGH 554 MEDIUM 49 LOW
26 113 0.6% 62% +1045
4 WordPress 6801 3779
257 CRITICAL 818 HIGH 2672 MEDIUM 25 LOW
0 117 0.3% 5% +1505
5 Linux 5462 3950
84 CRITICAL 1035 HIGH 1887 MEDIUM 11 LOW
1 54 0.0% 94% +2847
6 Google 5120 1534
90 CRITICAL 715 HIGH 594 MEDIUM 116 LOW
12 95 0.1% 61% +1129
7 Tenda 3837 389
14 CRITICAL 294 HIGH 44 MEDIUM 37 LOW
0 312 0.3% 0% +232
8 D-Link 3460 371
46 CRITICAL 190 HIGH 53 MEDIUM 82 LOW
0 277 0.2% 3% +249
9 Apple 2441 839
60 CRITICAL 269 HIGH 452 MEDIUM 57 LOW
9 39 0.1% 44% +342
10 Debian 2108 1205
25 CRITICAL 243 HIGH 768 MEDIUM 59 LOW
3 92 0.1% 99% +1181
11 Mozilla 1902 352
123 CRITICAL 154 HIGH 73 MEDIUM 2 LOW
0 7 0.0% 95% +260
12 Apache 1646 392
64 CRITICAL 179 HIGH 126 MEDIUM 8 LOW
1 30 0.3% 81% +303
13 TOTOLINK 1294 120
16 CRITICAL 79 HIGH 18 MEDIUM 7 LOW
0 99 1.4% 0% -17
14 Cisco 1155 272
22 CRITICAL 66 HIGH 182 MEDIUM 2 LOW
11 12 0.5% 1% +169
15 TP-Link 862 124
1 CRITICAL 109 HIGH 13 MEDIUM
1 44 0.5% 23% +111
16 Adobe 739 447
13 CRITICAL 99 HIGH 328 MEDIUM 7 LOW
3 5 0.4% 4% +376
17 Linksys 653 58
43 HIGH 4 MEDIUM 11 LOW
0 57 0.4% 0% +27
18 Fortinet 575 124
11 CRITICAL 33 HIGH 69 MEDIUM 11 LOW
5 7 1.8% 0% +41
19 Nginx 526 107
19 CRITICAL 56 HIGH 28 MEDIUM 2 LOW
0 14 0.2% 79% +87
20 Dell 518 214
8 CRITICAL 95 HIGH 95 MEDIUM 10 LOW
1 1 0.3% 52% +118
21 Gitlab 500 182
4 CRITICAL 56 HIGH 92 MEDIUM 29 LOW
0 29 0.1% 43% +110
22 Nvidia 483 160
9 CRITICAL 93 HIGH 41 MEDIUM 16 LOW
0 0 0.1% 9% +114
23 IBM 481 461
13 CRITICAL 85 HIGH 334 MEDIUM 25 LOW
0 0 0.0% 29% +193
24 Oracle 422 229
14 CRITICAL 62 HIGH 136 MEDIUM 17 LOW
0 3 0.0% 29% +64
25 Ivanti 410 58
4 CRITICAL 32 HIGH 22 MEDIUM
4 2 4.1% 7% +12
26 Samsung 349 148
14 CRITICAL 47 HIGH 82 MEDIUM 1 LOW
0 0 0.0% 9% +85
27 SAP 327 172
21 CRITICAL 24 HIGH 111 MEDIUM 16 LOW
0 0 0.1% 8% +98
28 Citrix 304 13
3 CRITICAL 9 HIGH 1 MEDIUM
4 4 6.3% 62% +10
29 Hashicorp 278 54
10 CRITICAL 20 HIGH 16 MEDIUM 5 LOW
1 6 0.0% 68% +42
30 Canonical 250 81
11 CRITICAL 27 HIGH 32 MEDIUM 3 LOW
0 4 0.0% 94% +66
31 Intel 214 186
2 CRITICAL 45 HIGH 109 MEDIUM 17 LOW
0 0 0.0% 21% +33
32 VMware 197 31
1 CRITICAL 17 HIGH 11 MEDIUM 1 LOW
2 1 0.3% 29% +5
33 Juniper 196 77
6 CRITICAL 34 HIGH 37 MEDIUM
0 0 0.0% 64% +47
34 Netgear 178 22
3 CRITICAL 14 HIGH 3 MEDIUM 2 LOW
0 10 0.5% 27% -21
35 Ubiquiti 148 20
12 CRITICAL 7 HIGH 1 MEDIUM
0 0 0.1% 65% +12
36 Broadcom 140 22
2 CRITICAL 14 HIGH 5 MEDIUM
1 0 0.4% 23% +19
37 HP 138 33
3 CRITICAL 15 HIGH 14 MEDIUM
0 5 1.6% 36% +20
38 Atlassian 136 31
8 CRITICAL 12 HIGH 9 MEDIUM 2 LOW
0 1 0.5% 77% +22
39 Drupal 118 59
1 CRITICAL 17 HIGH 39 MEDIUM 2 LOW
0 5 0.1% 90% -78
40 Amd 118 86
1 CRITICAL 27 HIGH 49 MEDIUM 3 LOW
0 0 0.0% 52% +37
41 Paloalto 97 31
1 CRITICAL 6 HIGH 14 MEDIUM 6 LOW
1 1 0.5% 42% -5
42 Jenkins 96 77
1 CRITICAL 19 HIGH 56 MEDIUM
0 1 0.0% 46% +45
43 Wazuh 94 17
3 CRITICAL 2 HIGH 11 MEDIUM 1 LOW
0 7 0.1% 76% +14
44 Joomla 93 21
4 CRITICAL 7 HIGH 9 MEDIUM
0 0 0.1% 0% +3
45 Qnap 92 82
1 CRITICAL 20 HIGH 60 MEDIUM 1 LOW
0 0 0.1% 46% +75
46 Elastic 76 34
2 CRITICAL 9 HIGH 21 MEDIUM 2 LOW
0 2 0.1% 41% +12
47 Lenovo 70 31
16 HIGH 14 MEDIUM
0 0 0.0% 39% +22
48 Zte 69 15
5 HIGH 9 MEDIUM 1 LOW
0 3 0.0% 0% +15
49 Abb 67 11
1 CRITICAL 8 HIGH 2 MEDIUM
0 0 0.1% 0% +6
50 Hikvision 64 8
1 CRITICAL 7 HIGH
0 0 0.5% 0% +8
51 Zyxel 63 17
1 CRITICAL 7 HIGH 9 MEDIUM
0 0 0.2% 0% +7
52 Synology 60 26
2 CRITICAL 10 HIGH 14 MEDIUM
0 0 0.1% 92% +13
53 Rockwell 55 6
1 CRITICAL 5 HIGH
0 0 0.1% 0% -12
54 Mikrotik 53 5
3 HIGH 2 MEDIUM
0 2 0.2% 0% +4
55 Aruba 53 10
7 HIGH 3 MEDIUM
0 0 0.1% 0% -1
56 Sonicwall 47 8
1 CRITICAL 3 HIGH 2 MEDIUM 2 LOW
0 0 0.1% 0% +3
57 Siemens 45 10
5 HIGH 5 MEDIUM
0 0 0.1% 0% -15
58 Fortigate 37 5
3 HIGH 1 MEDIUM 1 LOW
0 0 0.0% 0% +5
59 Ericsson 32 9
6 HIGH 3 MEDIUM
0 0 0.1% 33% +7
60 Mediatek 16 9
4 HIGH 3 MEDIUM
0 0 0.0% 100% -1
61 Nokia 8 3
2 HIGH 1 MEDIUM
0 0 0.1% 0% +2
62 Qualcomm 8 10
2 HIGH 5 MEDIUM
0 0 0.0% 70% +8
63 Huawei 0 4
4 MEDIUM
0 0 0.0% 100% +1

How to read this table

Risk Score – composite metric: KEV ×50, Critical ×10, High ×4, PoC ×8, EPSS weight, patch rate penalty. Higher = riskier vendor.
Severity – bar + counts: C=Critical, H=High, M=Medium, L=Low.
KEV – CISA Known Exploited Vulnerabilities – confirmed actively exploited in the wild.
PoC – CVEs with public Proof of Concept exploit code available.
Avg EPSS – average Exploit Prediction Scoring System probability across vendor CVEs.
Patch Rate – % of CVEs where vendor has released a patch. Green ≥80%, Yellow ≥50%, Red <50%.
Trend – CVE count change vs previous period of same length. +N = more new CVEs, −N = fewer.

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy