Skip to main content
HomeTopicsVulnerabilities

Vulnerabilities

We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.

Showing 101-120 of 342 results

82% of the more than 10,000 Model Context Protocol (MCP) servers interact with sensitive APIs, creating additional vulnerabilities in 2025.

Endor Labs11/9/2025
MCP EcosystemSoftware Development

40% of IP cameras in the dataset have at least one vulnerability.

Forescout11/9/2025
IP cameras

There are over 1,400 unique vulnerabilities affecting IP cameras in the dataset.

Forescout11/9/2025
IP cameras

63% of banking, financial services, and insurance organizations reported harboring critical security debt in 2025, which is 13 percentage points higher than the cross-industry average.

Veracode11/1/2025
Open-source Vulnerabilitiessecurity debt

Open-source flaws account for over 82% of critical security debt at financial firms, despite third-party code representing only 17% of total security debt.

Veracode11/1/2025
Open-source Vulnerabilitiesremediation

77% of financial services organizations reported accruing some level of security debt.

Veracode11/1/2025
Open-source Vulnerabilitiessecurity debt

The average flaw half-life for financial services organizations is 276 days, indicating it takes nearly a month longer to fix security issues than in other industries.

Veracode11/1/2025
Open-source Vulnerabilities

In Q3 2025, Model Context Protocol vulnerabilities surged by 270% compared to Q2 2025.

Wallarm11/1/2025
API

In Q3 2025, authorization issues made up 28% of all API vulnerabilities.

Wallarm11/1/2025
API

In Q3 2025, vulnerabilities related to Agentic AI rose by 67%, indicating early signs of risk in autonomous orchestration.

Wallarm11/1/2025
API

In Q3 2025, AI-API vulnerabilities increased by 57%, driven by a 270% rise in Model Context Protocol vulnerabilities.

Wallarm11/1/2025
API

In Q3 2025, 16% of vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog were API-related.

Wallarm11/1/2025
API

In Q3 2025, there were 1,602 disclosed API-related vulnerabilities, representing a 20% increase from Q2 2025.

Wallarm11/1/2025
API

Top-performing BFSI enterprises remediate over 9% of open flaws monthly, while lagging organizations have security debt in 85% or more of their applications.

Veracode11/1/2025
Open-source Vulnerabilitiesremediation

In Q3 2025, Security Misconfiguration accounted for 38% of all API flaws, rising by 33% from Q2 2025.

Wallarm11/1/2025
API

75% of manufacturing companies have critical vulnerabilities with a CVSS score of 8 or higher.

Black Kite10/8/2025
ManufacturingRansomware

65% of manufacturing companies have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities (KEV) Catalog.

Black Kite10/8/2025
ManufacturingRansomware

41% of organizations cited vulnerabilities as the most common API security problem.

Salt Security10/8/2025
API

Exposing vulnerabilities is a top security convergence goal for 40% of German organizations.

Dynatrace10/7/2025
ObservabilityAI

41% of Boomers are more likely to worry that "AI might introduce security vulnerabilities".

Legit Security10/1/2025
AIAI-created apps