Vendor Security Activity Reports
Per-vendor CVE disclosure volume, severity composition, CISA KEV listings, and patch velocity. Every number sourced from NVD, CISA, MITRE cvelistV5, or a vendor advisory timestamp. No synthesized scores.
Generated Jul 18, 2026Cohort: 9 vendors with ≥10 CVE advisoriesMethodology ↗
| Vendor | CVEs | Crit+High | KEV rate |
|---|---|---|---|
| Ubuntu | 25,989 | 33.7%(3,074) | 0.5%(43) |
| Red Hat | 25,318 | 43.4%(3,211) | 0.5%(38) |
| Microsoft | 22,538 | 52.1%(6,817) | 1.0%(129) |
| GitLab | 485 | 27.7%(127) | 0.4%(2) |
| Cisco | 124 | 41.9%(52) | 6.5%(8) |
| AWS | 103 | 63.1%(65) | 1.9%(2) |
| Google Cloud | 63 | 60.3%(38) | 1.6%(1) |
| Palo Alto Networks | 46 | 65.2%(30) | 4.3%(2) |
| HashiCorp | 26 | 57.7%(15) | 0.0%(0) |