Vulnerabilities
We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.
Explore Subcategories
Related Topics
Showing 21-40 of 342 results
More than 48,000 CVEs were published in 2025, an 18% increase year-over-year.
Exploited vulnerabilities rose 43% in the first three months of 2026.
66% of analyzed CVEs had minimal real-world applicability.
Injection (CWE-74) occurrences grew 3,110%.
2,130 AI-related vulnerabilities were reported in 2025, a more than 200% increase since 2023.
Vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog increased 43% in Q1 2026 compared with Q4 2025.
Beazley Security Labs recorded a 15% increase in critical zero-day advisories issued to clients in Q1 2026.
More than 15,200 new software vulnerabilities were disclosed in Q1 2026, including nearly 3,900 classified as high risk.
56% of organizations remain concerned they are still exposed to known vulnerabilities that have not yet been remediated in their environments.
56% of leaders lack a full view of risks and vulnerabilities within business systems.
24% of healthcare organizations report cyberattacks or exploited vulnerabilities involving medical devices.
32% of AI/LLM findings are rated as high risk, nearly 2.7x the overall high-risk rate of 12%.
Software vulnerability exploits account for approximately 13% of incurred losses in Resilience's manufacturing portfolio.
In 2025, the Linux Kernel recorded 2,257 reported vulnerabilities, the highest number among projects.
In 2025, nearly 50,000 new vulnerabilities were disclosed with an average CVSS score of 6.6.
44% of healthcare organizations use medical devices with known, unpatched vulnerabilities.
29.15% of organizations are vulnerable to the React2Shell RCE vulnerability.
More than 81% of organizations deploy vulnerable dependencies.
46.20% of organizations remain exposed to Log4Shell years after disclosure.
Routers and switches average nearly 32 vulnerabilities per device.