Skip to main content
HomeTopicsVulnerabilities

Vulnerabilities

We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.

Showing 61-80 of 342 results

Third-party libraries and open-source dependencies account for 66% of the most dangerous, longest-lived vulnerabilities.

Veracode5/27/2026
Open Source RiskThird-Party Risk

Mean vulnerabilities per codebase increased by 107% year-over-year.

Black Duck5/27/2026
Open Source Security

87% of organizations have at least one known exploitable vulnerability in deployed services

DataDog5/27/2026
DevSecOpsExploitable Vulnerabilities

82% of organizations now harbor security debt, an 11% increase from the prior year.

Veracode5/27/2026
Security Debt

Among the open-source users whose organizations reported a cybersecurity incident, 61.4% indicated that the incident occurred when a patch was available but had not been applied – a slight increase from 60.4% last year.

TuxCare5/27/2026
Open SourceCybersecurity Incident

92.6% of open-source users reported that their organization was aware it was vulnerable before the cybersecurity incident occurred.

TuxCare5/27/2026
Open SourceCybersecurity Incident

42% of vulnerabilities were exploited before public disclosure.

CrowdStrike5/27/2026
Zero-Day

44.4% of SMBs say poor coordination is the key hurdle to resolving security vulnerabilities and incidents.

N-able5/27/2026
SMBsCoordination

Registered software vulnerabilities rose 20% in 2025.

Darktrace5/27/2026
Software Vulnerabilities

Critical security debt, defined as risky vulnerabilities older than a year, increased 20% year-over-year.

Veracode5/27/2026
Security DebtRisk Management

41.7% of SMBs say containment is the key hurdle to resolving security vulnerabilities and incidents.

N-able5/27/2026
SMBsContainment

Services using end-of-life language versions face exploitable vulnerabilities in 50% of cases

DataDog5/27/2026
DevSecOpsExploitable Vulnerabilities

40% of exploited vulnerabilities by China-nexus actors targeted internet-facing edge devices.

CrowdStrike5/27/2026
Edge DevicesChina

Services using supported language versions face exploitable vulnerabilities in 31% of cases

DataDog5/27/2026
DevSecOpsExploitable Vulnerabilities

67% of exploited vulnerabilities used by China-nexus actors delivered immediate system access.

CrowdStrike5/27/2026
Nation-State ActivityChina

97% of API vulnerabilities can be exploited with a single request.

Wallarm2/22/2026
API SecurityExploitability

58% of large AppSec teams (50 members or more) that use SCA cite the inability to verify if vulnerabilities are exploitable in production as a major pain point.

Rein Security2/22/2026
Application SecuritySCA

In 2025, 17% of 67,058 published vulnerabilities (11,053 vulnerabilities) were API-related.

Wallarm2/22/2026
API SecurityAPI Vulnerabilities

99% of API vulnerabilities are remotely exploitable.

Wallarm2/22/2026
API SecurityRemote Exploitation

11% of detected vulnerabilities have a known exploit.

Barracuda2/22/2026
Known ExploitExploit Risk