Reports
Weekly Enterprise  Exploitation Trend Report
Manage view

Weekly Enterprise Exploitation Trend Report

07-01-2026 to 13-01-2026
The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.
Download PDF
Subscribe
250
250
Actively Exploited Vulnerabilities
110
110
Vendors Actively Exploited
Apache
Apache
Most Exploited Vendor
Cisco IOS XE
Cisco IOS XE
Most Exploited Product
Top 10 Actively Exploited Vendors
1
Apache
2
Ivanti
3
Atlassian
4
Oracle
5
Cisco
6
Microsoft
7
Citrix
8
Palo Alto Networks
9
VMware
10
Progress
Top 10 CVEs of 2025 with the Highest EPSS Scores -13-01-2026
1
CVE-2024-27198
  • JetBrains TeamCity
  • Authentication Bypass
  • EPSS: 0.94579
  • Percentile: 1
2
CVE-2023-23752
  • Joomla
  • Improper Access Control
  • EPSS: 0.94502
  • Percentile: 1
3
CVE-2024-27199
  • JetBrains TeamCity
  • Path Traversal
  • EPSS: 0.94489
  • Percentile: 0.99999
4
CVE-2023-35078
  • Ivanti EPMM
  • Authentication Bypass
  • EPSS: 0.94482
  • Percentile: 0.99998
5
CVE-2024-6670
  • WhatsUp Gold
  • SQL Injection
  • EPSS: 0.94468
  • Percentile: 0.99996
6
CVE-2024-23897
  • Jenkins
  • Arbitrary File Read
  • EPSS: 0.94466
  • Percentile: 0.99995
7
CVE-2023-40044
  • WS_FTP Server
  • Code Injection
  • EPSS: 0.94449
  • Percentile: 0.99991
8
CVE-2023-32315
  • Openfire
  • Path Traversal
  • EPSS: 0.94441
  • Percentile: 0.99989
9
CVE-2023-38035
  • Ivanti MobileIron Sentry
  • Authentication Bypass
  • EPSS: 0.94438
  • Percentile: 0.99987
10
CVE-2024-7593
  • Ivanti vTM
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99985
Top Exploited CVEs Against Enterprise Applications
CVE-2023-20198
Critical
Critical
Critical
Critical
Cisco
  • Code/command Injection and Execution
  • Cisco IOS XE
  • -
    United States
CVE-2022-41082
Critical
Critical
Critical
Critical
Microsoft
  • Code/command Injection and Execution
  • Exchange
  • Used by Ransomware
    -
    United States
CVE-2025-55182
Critical
Critical
Critical
Critical
Meta
  • Code/command Injection and Execution
  • React Server Components
  • Used by Ransomware
    -
    Netherlands
CVE-2021-42013
Critical
Critical
Critical
Critical
Apache
  • Code/command Injection and Execution
  • Apache HTTP Server
  • Used by Ransomware
    -
    China
CVE-2017-9841
Critical
Critical
Critical
Critical
PHPUnit - Sebastian Bergmann
  • Code/command Injection and Execution
  • PHPUnit
  • -
    United States
CVE-2025-5777
Critical
Critical
Critical
Critical
Citrix
  • Out-of-Bounds Read 
  • Citrix NetScaler
  • Used by Ransomware
    -
    United States
CVE-2019-1653
High
High
High
High
Cisco
  • Sensitive Information Disclosure
  • Cisco RV320/RV325
  • -
    United States
CVE-2021-44228
Critical
Critical
Critical
Critical
Apache
  • Code/command Injection and Execution
  • Log4j
  • Used by Ransomware
    -
    United States
CVE-2023-38035
Critical
Critical
Critical
Critical
Ivanti
  • Authentication Bypass
  • Sentry
  • Used by Ransomware
    -
    United States
CVE-2022-37042
Critical
Critical
Critical
Critical
Synacor
  • Path Traversal
  • Zimbra Collaboration Suite
  • Used by Ransomware
    -
    Japan
Top 10 Targeted Countries
Top 10 Targeted Countries
China
:
58209
United States
:
45785
Singapore
:
19527
India
:
16582
Brazil
:
15250
Russia
:
7498
Philippines
:
6880
Argentina
:
6850
Pakistan
:
5357
UK
:
4662
Actively Exploited Enterprise Vendors
Apache | Ivanti | Atlassian | Oracle | Cisco | D-Link | Microsoft | Citrix | Palo Alto Networks | VMware | Progress | Adobe | Netgear | Fortinet | Spring | Draytek | F5 | Geoserver | Zoho | Zyxel | Wordpress | SAP | SysAid | Realtek | Synacor | SolarWinds | QNAP | SonicWall | Sonatype | Tenda | CrushFTP | JetBrains | Grafana | Aviatrix | Gladinet | Juniper | Dassualt Systems | Dasan | Meta | PHPUnit - Sebastian Bergmann | Zyxel/Billion | Pulse Secure | Check Point | ownCloud | Open Source Matters, Inc/Joomla community | ASUS | vBulletin | Linear | SaltStack | Laravel | Roundcube | Barco/AWIND | LG | Webmin | mongo-express | Paessler | Elastic | PrimeFaces | nostromo | Drupal | Hikvision | MobileIron | IBM | CONTEC | WSO2 | PHP Foundation | Telerik | MinIO | Metabase | Hitachi Vantara | TP-Link | Sunhillo | Micro Focus | Dahua | Sitecore | NextGen Healthcare | ConnectWise | GLPI (teclib) | dotCMS | Qlik | PaperCut | ForgeRock | Sophos | Node.js | Yealink | Lime Technology | Terramaster | XWiki | wftpserver.com | Jenkins | RedHat | Kentico | DigiEver | CyberPanel | Fortra | GeoVision | Mitel | Rejetto | FreePBX | Langflow | NAKIVO | Commvault | Ignite Realtime | Cleo | ServiceNow | Wazuh | Schneider Electric | Cacti | Array Networks | PTZOptics
Most Active Ransomware Groups
#
Industry
Country
Ransomware
1
1
Business
Industry
Canada
Country
beast
2
2
Business
Industry
United States
Country
inc ransom
3
3
Business
Industry
United States
Country
everest
4
4
Business
Industry
United States
Country
sinobi
5
5
Business
Industry
Argentina
Country
kazu
6
6
Business
Industry
India
Country
tridentlocker
7
7
Business
Industry
United States
Country
devman2
8
8
Business
Industry
United States
Country
qilin
9
9
Business
Industry
United States
Country
clop
10
10
Business
Industry
United States
Country
akira
Ransomware Posting Frequency by Group - Last 7 Days
Remotely Exploited CISA KEV CVEs Added
These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them  to mitigate risks.
CVE-2025-8110
CVE-2009-0556
CVE-2025-37164
CVE-2025-14847
CVE-2023-52163
CVE-2025-14733
CVE-2025-59374
CVE-2025-40602
CVE-2025-20393
CVE-2025-59718
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy