Skip to main content
HomeTopicsVulnerabilities

Vulnerabilities

We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.

Showing 121-140 of 342 results

33% of consumers would be more cautious if they learned that AI-generated code caused a vulnerability in an app they used.

Legit Security10/1/2025
AIAI-created apps

28% of Millennials worry that "AI might introduce security vulnerabilities".

Legit Security10/1/2025
AIAI-created apps

Only 6% of organisations feel confident/very capable across all vulnerabilities surveyed, given the current geopolitical landscape.

pwc10/1/2025

Boomers are nearly 2x more likely to lose trust if they find out AI was used to develop their favorite app.

Legit Security10/1/2025
AIAI-created apps

23% of Gen Z would avoid AI apps entirely after an AI-related vulnerability.

Legit Security10/1/2025
AIAI-created apps

35% of Boomers would avoid AI apps entirely after an AI-related vulnerability.

Legit Security10/1/2025
AIAI-created apps

Roughly half of respondents say their organisation is at best only ‘somewhat capable’ of withstanding cyber attacks targeting specific vulnerabilities.

pwc10/1/2025
Cyber attackPreparadness

26% of consumers would try to avoid all apps with AI-generated code if they learned that AI-generated code caused a vulnerability in an app they used.

Legit Security10/1/2025
AIAI-created apps

Server security misconfigurations: 34.9% in the financial services industry (versus 27.9% average in other industries).

Cobalt9/30/2025
Financial servicesPen test

Server-side injection (Web/API): 4.2% in the financial services industry (versus 5.3% average in other industries).

Cobalt9/30/2025
Financial servicesPen test

Approximately one-third of serious issues are never resolved by the organizations in the financial services industry, contributing to backlog and systemic risk.

Cobalt9/30/2025
Financial servicesPen test

Components with known vulnerabilities: 6.1% in the financial services industry (versus 5.5% average in other industries).

Cobalt9/30/2025
Financial servicesPen test

76% of financial services leaders highlight third-party software vulnerabilities as a top concern.

Cobalt9/30/2025
Financial servicesPen test

Business logic flaws: 2.9% in the financial services industry (versus 2.3% average in other industries).

Cobalt9/30/2025
Financial servicesPen test

The half-life for serious findings is 147 days in the financial services industry. This metric, which accounts for unresolved vulnerabilities, places FS ninth overall out of the thirteen measured industries.

Cobalt9/30/2025
Financial servicesPen test

Sensitive data exposure: 10.5% in the financial services industry (versus 8.0% average in other industries).

Cobalt9/30/2025
Financial servicesPen test

Financial services firms demonstrate strengths in avoiding common, code-level flaws due to mature security programs and automated scanning (SAST/DAST). However, they struggle with vulnerabilities that require human-led testing.

Cobalt9/30/2025
Financial servicesPen test

The financial services industry resolves about two-thirds (66.7%) of serious findings. This ranks the industry 10 out of the 13 industries Cobalt researched.

Cobalt9/30/2025
Financial servicesPen test

78% of financial services firms report fixing critical vulnerabilities in business-critical assets within 14 days, indicating they narrowly meet strict internal SLA requirements.

Cobalt9/30/2025
Financial servicesPen test

Cross-site scripting (Web/API): 5.0% in the financial services industry (versus 9.7% average in other industries).

Cobalt9/30/2025
Financial servicesPen test