Cyberstats

Security Intelligence

VendorsVulnCheck

VulnCheck

Cybersecurity reports and statistics published by VulnCheck

4 categories1 reports

Research Reports

Reports and publications from VulnCheck

State of Exploitation - A look Into The 1H-2025 Vulnerability Exploitation & Threat Activity

7/30/2025

Recent Statistics & Reports

26.9% of KEVs first seen in 1H-2025 were still awaiting analysis by NIST.

7/30/2025
VulnerabilitiesKEVs

The top five categories for KEVs in 1H-2025 are: Content Management Systems (CMS): 86 KEVs, with a significant volume attributed to WordPress Plug-ins; Network Edge Devices: 77 KEVs; Server Software: 61 KEVs; Open Source Software: 55 KEVs; and Operating Systems: 38 KEVs.

7/30/2025
VulnerabilitiesKEVs

Vendors with Highest Number of KEVs in 1H-2025: Microsoft: 32 KEVs, with 26 of these being for Windows; Cisco: 10 KEVs; Apple OS: 6 KEVs; Totolink Networking Devices: 6 KEVs; and VMware: 6 KEVs.

7/30/2025
VulnerabilitiesKEVs

In 2H-2024, 44 KEVs were attributed to the North Korean cyber group Silent Chollima.

7/30/2025
VulnerabilitiesKEVs

Reports of KEVs associated with China and North Korea decreased in 1H-2025, while reports associated with Russia and Iran increased.

7/30/2025
VulnerabilitiesKEVs

In 2H-2024, 66 KEVs were attributed to the Chinese threat actor Flax Typhoon (AKA Ethereal Panda).

7/30/2025
VulnerabilitiesKEVs

In 1H-2025, 29 KEVs were attributed to Iranian threat actors.

7/30/2025
VulnerabilitiesKEVs

The countries with the largest number of active threat actor groups are: China: 20 groups, Russia: 11 groups, North Korea: 9 groups, and Iran: 6 groups.

7/30/2025
Threat actor groups

4.4% of KEVs are in a deferred status by NIST, meaning they are no longer maintained or updated

7/30/2025
VulnerabilitiesKEVs

32.1% of vulnerabilities (Known Exploited Vulnerabilities - KEVs) had exploitation evidence on or before the day of their CVE disclosure, often indicating zero-day exploitation. This marks an 8.5% increase in the percentage of KEVs exploited on or before disclosure compared to 23.6% in 2024.

7/30/2025
VulnerabilitiesCVEsKEVs

Top Categories

Vulnerabilities
9
KEVs
9
Threat actor groups
1
CVEs
1

Related Vendors

ReliaQuest
6 stats
Endor Labs
6 stats
Forescout
9 stats
Wallarm
7 stats
Veracode
5 stats