Loading...
Loading...
Enterprise Linux + middleware (RHSA advisories)
Generated May 28, 2026Cohort: 3 vendors with ≥10 CVE advisoriesMethodology ↗
Total all-time: 16,354 CVEs with Red Hat advisories. Source: NVD CVE records joined with vendor advisory publish dates.
44.4% of Red Hat's 16,354 CVEs are CRITICAL or HIGH severity. Industry median: 40.3%. Source: NVD CVSS v3.1.
34 of 4,721 Red Hat CVEs in the last 3 years are on CISA's Known Exploited Vulnerabilities catalog (0.7%). Industry median: 0.7%.
Source: CISA Known Exploited Vulnerabilities catalog (current snapshot). KEV listing means CISA observed active in-the-wild exploitation.
Median time from CVE disclosure to Red Hat advisory: 6 days (p25 <1 day – p75 20 days). Industry median: 10 days.
Sample size: 155 CVE→advisory pairs over the last 3 years. Source: vendor advisory published_at minus CVE published.
Most-frequently mapped CWEs across Red Hat's last 3 years of CVE disclosures. Source: NVD — CWE mapping per MITRE taxonomy.
Snapshot generated May 28, 2026. Industry medians refresh every 6 hours; raw vendor counts are queried live on each request.
Spot a factual error in this report?
Email support@echelongraph.io with the specific number you're disputing and a link to the authoritative source. We review every report and publish corrections on the methodology page.