Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsVulnerabilities

Vulnerabilities

We've curated 267 cybersecurity statistics about Vulnerabilities to help you understand how software weaknesses and system flaws are being exploited by cybercriminals in 2025. This insight can guide you in fortifying your defenses effectively.

Explore Subcategories

Patching1Zero-Day Vulnerabilities1Critical Vulnerabilities1Vulnerability Management1Software Vulnerabilities1CVE1

Related Topics

API Security5Exploitability5API Vulnerabilities4Application Security3SCA3AI-related Vulnerabilities2

Top Vendors

CyCognito60Cobalt29Wallarm19Action112Black Kite11Seemplicity10

Showing 161-180 of 267 results

62% of organizations have at least one vulnerable AI package.

Orca Security6/5/2025
CloudAI

Each neglected cloud asset contains on average 115 vulnerabilities.

Orca Security6/5/2025
Cloud

36% of organizations have at least one cloud asset supporting more than 100 attack paths.

Orca Security6/5/2025
CloudAttack path

Organisations detect an average of 17 vulnerabilities in their cloud environments per week.

Prowler6/4/2025
CloudVulnerability assessment

67% of organisations conduct cloud vulnerability assessments monthly or more frequently.

Prowler6/4/2025
CloudVulnerability assessment

46% of organisations still struggle with cloud vulnerability management.

Prowler6/4/2025
CloudVulnerability assessment

96% of organisations conduct regular cloud vulnerability assessments.

Prowler6/4/2025
CloudVulnerability assessment

Top challenges in managing cloud vulnerabilities include Budget constraints (35%), Integrating vulnerability management with existing workflows (34%), and Lack of skilled personnel (32%).

Prowler6/4/2025
CloudVulnerability assessment

Recent research from Wiz highlights 6 known vulnerabilities with the underlying AI providers themselves.

FireTail6/1/2025
AI

A vulnerability in the Irish Government COVID-19 Vaccination Portal, present since December 2021, was disclosed in March 2024 and exposed the vaccination records of approximately one million residents.

FireTail6/1/2025
AIIreland

27% of assets hosted by Azure were vulnerable to at least one security issue or misconfiguration.

CyCognito5/21/2025
CloudAzure

Assets hosted by Azure showed 0.07% with critical vulnerabilities.

CyCognito5/21/2025
CloudAzure

25% of developers report being overwhelmed by the volume of vulnerabilities.

Pynt5/21/2025
Shift Left

Assets with both critical and easily exploitable issues were found across all cloud providers.

CyCognito5/21/2025
Cloud

AWS showed the lowest rate for assets with both critical and easily exploitable issues at 0.02%.

CyCognito5/21/2025
CloudAWS

Assets hosted by cloud providers other than AWS, Google, and Azure showed approximately 10 times higher rates of critical vulnerabilities compared to AWS, Google Cloud, and Azure.

CyCognito5/21/2025
Cloud

Alternative cloud and hosting providers showed rates ten times higher than AWS for assets with both critical and easily exploitable issues

CyCognito5/21/2025
Cloud

Assets hosted by AWS and Google Cloud showed 0.04% with critical vulnerabilities.

CyCognito5/21/2025
CloudAWS

38% of assets hosted by Google Cloud were vulnerable to at least one security issue or misconfiguration. This rate for Google Cloud was over 2.5x more than assets hosted by AWS.

CyCognito5/21/2025
CloudGoogle Cloud

Critical vulnerabilities (CVSS 9.0 or higher) were detected on assets hosted by all cloud providers, though uncommon.

CyCognito5/21/2025
Cloud