Vendor Intelligence

Security scorecards – CVE volume, patch rates, exploit exposure, and composite risk for 62 vendors

Period: 30d 90d 6m 1y All
# Vendor Risk Score CVEs Severity KEV PoC Avg EPSS Patch Rate Trend
1 Suse 13502 4426
250 CRITICAL 1440 HIGH 2617 MEDIUM 1 LOW
13 574 0.2% 98% +3139
2 Redhat 11276 3986
179 CRITICAL 1378 HIGH 2423 MEDIUM 1 LOW
11 428 0.1% 96% +2869
3 WordPress 8809 4201
281 CRITICAL 860 HIGH 2677 MEDIUM 41 LOW
0 317 0.4% 4% +2538
4 Microsoft 6454 1459
103 CRITICAL 845 HIGH 466 MEDIUM 40 LOW
24 103 0.8% 12% +871
5 Google 4053 1175
66 CRITICAL 518 HIGH 498 MEDIUM 36 LOW
12 90 0.1% 48% +861
6 Tenda 3833 377
22 CRITICAL 279 HIGH 69 MEDIUM 7 LOW
0 309 0.6% 0% +274
7 D-Link 3578 384
47 CRITICAL 205 HIGH 122 MEDIUM 9 LOW
0 283 0.5% 3% +318
8 Linux 3536 3051
26 CRITICAL 727 HIGH 1645 MEDIUM 11 LOW
0 46 0.0% 86% +2361
9 TOTOLINK 2683 264
38 CRITICAL 131 HIGH 85 MEDIUM 10 LOW
0 219 1.9% 0% +240
10 Apple 2396 797
60 CRITICAL 229 HIGH 453 MEDIUM 53 LOW
11 39 0.2% 14% +430
11 Debian 2276 1399
23 CRITICAL 252 HIGH 813 MEDIUM 84 LOW
3 111 0.1% 99% +1383
12 Apache 1028 263
34 CRITICAL 130 HIGH 86 MEDIUM 9 LOW
0 21 0.5% 73% +199
13 Mozilla 940 186
60 CRITICAL 73 HIGH 52 MEDIUM 1 LOW
0 6 0.1% 88% +129
14 Cisco 909 287
17 CRITICAL 75 HIGH 193 MEDIUM 2 LOW
7 8 0.5% 0% +235
15 TP-Link 880 121
2 CRITICAL 109 HIGH 9 MEDIUM
1 45 0.5% 22% +110
16 Linksys 740 64
5 CRITICAL 42 HIGH 17 MEDIUM
0 62 1.1% 0% +40
17 Adobe 520 397
6 CRITICAL 74 HIGH 313 MEDIUM 4 LOW
2 5 0.5% 4% +330
18 Fortinet 516 96
9 CRITICAL 27 HIGH 48 MEDIUM 12 LOW
5 5 2.8% 0% +22
19 Netgear 511 52
13 CRITICAL 28 HIGH 10 MEDIUM 1 LOW
0 31 1.7% 12% +39
20 Dell 471 173
7 CRITICAL 81 HIGH 70 MEDIUM 11 LOW
1 1 0.4% 12% +98
21 IBM 465 461
12 CRITICAL 83 HIGH 338 MEDIUM 26 LOW
0 0 0.1% 24% +250
22 Sap 439 161
21 CRITICAL 25 HIGH 102 MEDIUM 13 LOW
2 1 0.7% 9% +106
23 Ivanti 434 48
4 CRITICAL 24 HIGH 20 MEDIUM
5 2 7.8% 2% +8
24 Samsung 423 135
16 CRITICAL 46 HIGH 69 MEDIUM 2 LOW
1 1 0.4% 10% +97
25 Gitlab 409 172
1 CRITICAL 52 HIGH 90 MEDIUM 28 LOW
0 22 0.1% 20% +117
26 Nvidia 409 143
6 CRITICAL 82 HIGH 38 MEDIUM 17 LOW
0 0 0.1% 8% +108
27 Nginx 356 73
12 CRITICAL 35 HIGH 19 MEDIUM 5 LOW
0 12 0.2% 63% +61
28 Citrix 329 13
3 CRITICAL 9 HIGH 1 MEDIUM
4 4 6.3% 0% +10
29 Oracle 296 173
8 CRITICAL 44 HIGH 110 MEDIUM 11 LOW
0 5 0.2% 57% +85
30 Joomla 265 47
16 CRITICAL 20 HIGH 9 MEDIUM 1 LOW
0 0 0.2% 0% +30
31 Intel 232 224
1 CRITICAL 51 HIGH 147 MEDIUM 20 LOW
0 0 0.0% 15% +153
32 Juniper 211 76
5 CRITICAL 34 HIGH 37 MEDIUM
0 0 0.0% 0% +46
33 VMware 192 36
16 HIGH 17 MEDIUM 1 LOW
2 2 0.5% 28% +21
34 Drupal 154 88
1 CRITICAL 24 HIGH 60 MEDIUM 3 LOW
0 6 0.1% 84% -20
35 Broadcom 153 24
2 CRITICAL 15 HIGH 5 MEDIUM
1 1 0.4% 21% +23
36 Canonical 146 45
7 CRITICAL 15 HIGH 20 MEDIUM
0 2 0.0% 93% +35
37 Hp 128 28
2 CRITICAL 13 HIGH 13 MEDIUM
0 5 1.8% 21% +18
38 Qnap 125 83
2 CRITICAL 20 HIGH 60 MEDIUM 1 LOW
0 0 0.1% 0% +76
39 Hashicorp 104 28
2 CRITICAL 11 HIGH 13 MEDIUM 2 LOW
0 5 0.1% 64% +20
40 Atlassian 102 29
5 CRITICAL 11 HIGH 10 MEDIUM 3 LOW
0 1 0.5% 72% +23
41 Fortigate 97 9
1 CRITICAL 3 HIGH 4 MEDIUM 1 LOW
1 0 0.3% 0% +9
42 Wazuh 91 10
2 CRITICAL 2 HIGH 5 MEDIUM 1 LOW
0 6 0.2% 20% +7
43 Jenkins 88 61
2 CRITICAL 15 HIGH 44 MEDIUM
0 1 0.1% 49% +35
44 Ubiquiti 87 10
5 CRITICAL 3 HIGH 2 MEDIUM
0 0 0.3% 0% +4
45 Elastic 78 28
2 CRITICAL 9 HIGH 16 MEDIUM 1 LOW
0 2 0.2% 39% +12
46 Amd 76 62
19 HIGH 39 MEDIUM 2 LOW
0 0 0.0% 66% +37
47 Abb 75 15
1 CRITICAL 10 HIGH 4 MEDIUM
0 0 0.1% 0% +14
48 Zyxel 71 13
1 CRITICAL 5 HIGH 7 MEDIUM
0 2 0.4% 0% +6
49 Lenovo 64 23
12 HIGH 11 MEDIUM
0 0 0.0% 17% +16
50 Rockwell 63 8
1 CRITICAL 7 HIGH
0 0 0.1% 0% -8
51 Synology 63 18
1 CRITICAL 9 HIGH 8 MEDIUM
0 0 0.1% 17% +7
52 Hikvision 60 7
1 CRITICAL 6 HIGH
0 0 0.6% 0% +7
53 Paloalto 57 37
8 HIGH 18 MEDIUM 7 LOW
0 0 0.2% 0% +10
54 Siemens 57 21
8 HIGH 13 MEDIUM
0 0 0.1% 0% +8
55 Ericsson 57 11
8 HIGH 2 MEDIUM 1 LOW
0 0 0.1% 0% +11
56 Aruba 53 8
7 HIGH 1 MEDIUM
0 0 0.1% 0% -3
57 Sonicwall 35 9
1 CRITICAL 2 MEDIUM 2 LOW
0 0 0.1% 0% +5
58 Zte 33 5
2 HIGH 2 MEDIUM 1 LOW
0 0 0.0% 0% +5
59 Mikrotik 20 3
3 HIGH
0 1 0.2% 0% +2
60 Qualcomm 16 9
2 HIGH 5 MEDIUM
0 1 0.1% 67% +9
61 Mediatek 12 16
3 HIGH 9 MEDIUM
0 0 0.0% 100% +13
62 Nokia 8 3
2 HIGH 1 MEDIUM
0 0 0.1% 0% +2

How to read this table

Risk Score – composite metric: KEV ×50, Critical ×10, High ×4, PoC ×8, EPSS weight, patch rate penalty. Higher = riskier vendor.
Severity – bar + counts: C=Critical, H=High, M=Medium, L=Low.
KEV – CISA Known Exploited Vulnerabilities – confirmed actively exploited in the wild.
PoC – CVEs with public Proof of Concept exploit code available.
Avg EPSS – average Exploit Prediction Scoring System probability across vendor CVEs.
Patch Rate – % of CVEs where vendor has released a patch. Green ≥80%, Yellow ≥50%, Red <50%.
Trend – CVE count change vs previous period of same length. +N = more new CVEs, −N = fewer.

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy