Vulnerabilities
We've curated 342 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.
Explore Subcategories
Related Topics
Showing 121-140 of 342 results
33% of consumers would be more cautious if they learned that AI-generated code caused a vulnerability in an app they used.
28% of Millennials worry that "AI might introduce security vulnerabilities".
Only 6% of organisations feel confident/very capable across all vulnerabilities surveyed, given the current geopolitical landscape.
Boomers are nearly 2x more likely to lose trust if they find out AI was used to develop their favorite app.
23% of Gen Z would avoid AI apps entirely after an AI-related vulnerability.
35% of Boomers would avoid AI apps entirely after an AI-related vulnerability.
Roughly half of respondents say their organisation is at best only ‘somewhat capable’ of withstanding cyber attacks targeting specific vulnerabilities.
26% of consumers would try to avoid all apps with AI-generated code if they learned that AI-generated code caused a vulnerability in an app they used.
Server security misconfigurations: 34.9% in the financial services industry (versus 27.9% average in other industries).
Server-side injection (Web/API): 4.2% in the financial services industry (versus 5.3% average in other industries).
Approximately one-third of serious issues are never resolved by the organizations in the financial services industry, contributing to backlog and systemic risk.
Components with known vulnerabilities: 6.1% in the financial services industry (versus 5.5% average in other industries).
76% of financial services leaders highlight third-party software vulnerabilities as a top concern.
Business logic flaws: 2.9% in the financial services industry (versus 2.3% average in other industries).
The half-life for serious findings is 147 days in the financial services industry. This metric, which accounts for unresolved vulnerabilities, places FS ninth overall out of the thirteen measured industries.
Sensitive data exposure: 10.5% in the financial services industry (versus 8.0% average in other industries).
Financial services firms demonstrate strengths in avoiding common, code-level flaws due to mature security programs and automated scanning (SAST/DAST). However, they struggle with vulnerabilities that require human-led testing.
The financial services industry resolves about two-thirds (66.7%) of serious findings. This ranks the industry 10 out of the 13 industries Cobalt researched.
78% of financial services firms report fixing critical vulnerabilities in business-critical assets within 14 days, indicating they narrowly meet strict internal SLA requirements.
Cross-site scripting (Web/API): 5.0% in the financial services industry (versus 9.7% average in other industries).