Vulnerabilities
We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.
Explore Subcategories
Related Topics
Showing 101-120 of 342 results
82% of the more than 10,000 Model Context Protocol (MCP) servers interact with sensitive APIs, creating additional vulnerabilities in 2025.
40% of IP cameras in the dataset have at least one vulnerability.
There are over 1,400 unique vulnerabilities affecting IP cameras in the dataset.
63% of banking, financial services, and insurance organizations reported harboring critical security debt in 2025, which is 13 percentage points higher than the cross-industry average.
Open-source flaws account for over 82% of critical security debt at financial firms, despite third-party code representing only 17% of total security debt.
77% of financial services organizations reported accruing some level of security debt.
The average flaw half-life for financial services organizations is 276 days, indicating it takes nearly a month longer to fix security issues than in other industries.
In Q3 2025, Model Context Protocol vulnerabilities surged by 270% compared to Q2 2025.
In Q3 2025, authorization issues made up 28% of all API vulnerabilities.
In Q3 2025, vulnerabilities related to Agentic AI rose by 67%, indicating early signs of risk in autonomous orchestration.
In Q3 2025, AI-API vulnerabilities increased by 57%, driven by a 270% rise in Model Context Protocol vulnerabilities.
In Q3 2025, 16% of vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog were API-related.
In Q3 2025, there were 1,602 disclosed API-related vulnerabilities, representing a 20% increase from Q2 2025.
Top-performing BFSI enterprises remediate over 9% of open flaws monthly, while lagging organizations have security debt in 85% or more of their applications.
In Q3 2025, Security Misconfiguration accounted for 38% of all API flaws, rising by 33% from Q2 2025.
75% of manufacturing companies have critical vulnerabilities with a CVSS score of 8 or higher.
65% of manufacturing companies have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities (KEV) Catalog.
41% of organizations cited vulnerabilities as the most common API security problem.
Exposing vulnerabilities is a top security convergence goal for 40% of German organizations.
41% of Boomers are more likely to worry that "AI might introduce security vulnerabilities".