Reports
Weekly Enterprise  Exploitation Trend Report
Manage view

Weekly Enterprise Exploitation Trend Report

29-04-2026 to 05-05-2026
The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.
Download PDF
Subscribe
267
267
Actively Exploited Vulnerabilities
112
112
Vendors Actively Exploited
Apache
Apache
Most Exploited Vendor
Junos OS
Junos OS
Most Exploited Product
Top 10 Actively Exploited Vendors
1
Apache
2
Ivanti
3
Atlassian
4
Cisco
5
VMware
6
Citrix
7
Microsoft
8
Oracle
9
Palo Alto Networks
10
Adobe
Top 10 CVEs of 2025 with the Highest EPSS Scores -05-05-2026
1
CVE-2023-23752
  • Joomla
  • Improper Access Control
  • EPSS: 0.94527
  • Percentile: 1
2
CVE-2024-6670
  • WhatsUp Gold
  • SQL Injection
  • EPSS: 0.94468
  • Percentile: 0.99997
3
CVE-2024-23897
  • Jenkins
  • Arbitrary File Read
  • EPSS: 0.94466
  • Percentile: 0.99996
4
CVE-2023-32315
  • Openfire
  • Path Traversal
  • EPSS: 0.94441
  • Percentile: 0.99991
5
CVE-2023-35078
  • Ivanti EPMM
  • Authentication Bypass
  • EPSS: 0.94438
  • Percentile: 0.99989
6
CVE-2024-7593
  • Ivanti vTM
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99987
7
CVE-2023-46747
  • F5 BIG-IP Configuration Utility
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99986
8
CVE-2023-46604
  • Java OpenWire protocol
  • Code Injection
  • EPSS: 0.94436
  • Percentile: 0.99987
9
CVE-2023-40044
  • WS_FTP Server
  • Insecure Deserialization
  • EPSS: 0.94436
  • Percentile: 0.99987
10
CVE-2024-28995
  • SolarWinds Serv-U
  • Path Traversal
  • EPSS: 0.94431
  • Percentile: 0.99985
Top Exploited CVEs Against Enterprise Applications
CVE-2023-36845
Critical
Critical
Critical
Critical
Juniper
  • Code/command Injection and Execution
  • Junos OS (J-Web)
  • -
    United States
CVE-2020-8193
Medium
Medium
Medium
Medium
Citrix
  • Authorization Bypass
  • Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP
  • -
    United States
CVE-2026-41940
Critical
Critical
Critical
Critical
cPanel
  • Code/command Injection and Execution
  • cPanel and WHM
  • -
    Germany
CVE-2023-36844
Medium
Medium
Medium
Medium
Juniper
  • Code/command Injection and Execution
  • Junos OS (J-Web)
  • -
    United Kingdom
CVE-2021-42013
Critical
Critical
Critical
Critical
Apache
  • Code/command Injection and Execution
  • Apache HTTP Server
  • Used by Ransomware
    -
    China
CVE-2017-9841
Critical
Critical
Critical
Critical
PHPUnit - Sebastian Bergmann
  • Code/command Injection and Execution
  • PHPUnit
  • -
    China
CVE-2026-3055
Critical
Critical
Critical
Critical
Citrix
  • Memory Overread
  • Citrix NetScaler ADC and NetScaler Gateway
  • -
    United States
CVE-2023-41265
Critical
Critical
Critical
Critical
Qlik
  • HTTP Tunneling
  • Qlik Sense
  • Used by Ransomware
    -
    United States
CVE-2022-26138
Critical
Critical
Critical
Critical
Atlassian
  • Sensitive Data Exposure
  • Confluence
  • -
    United States
CVE-2023-35078
Critical
Critical
Critical
Critical
Ivanti
  • Authentication Bypass
  • Endpoint Manager Mobile (EPMM), formerly MobileIron Core
  • Used by Ransomware
    -
    United States
Top 10 Targeted Countries
Top 10 Targeted Countries
China
:
47004
United States
:
45391
India
:
13260
Pakistan
:
10813
Vietnam
:
9624
Brazil
:
8644
UK
:
7084
Germany
:
5099
France
:
4125
Singapore
:
4014
Actively Exploited Enterprise Vendors
Apache | Ivanti | Atlassian | Cisco | D-Link | VMware | Citrix | Microsoft | Oracle | Palo Alto Networks | Adobe | Fortinet | Netgear | F5 | Spring | Progress | Draytek | Zoho | JetBrains | Geoserver | QNAP | SysAid | Wordpress | ZyXEL | SAP | Juniper | Realtek | Synacor | SolarWinds | Hikvision | Grafana | Sonatype | Gladinet | Zimbra | IBM | Dassualt Systems | SonicWall | PaperCut | Tenda | Aviatrix | Jenkins | CrushFTP | cPanel | Dasan | PHPUnit - Sebastian Bergmann | Qlik | Meta | MobileIron | Check Point | Pulse Secure | Zyxel/Billion | ownCloud | Open Source Matters, Inc/Joomla community | ConnectWise | TP-Link | Laravel | Versa | LG | ASUS | SaltStack | MinIO | Webmin | PrimeFaces | NextGen Healthcare | Paessler | ForgeRock | Telerik | XWiki | Lime Technology | Yealink | Elastic | vBulletin | Terramaster | Langflow | Drupal | nostromo | PHP Foundation | Barco/AWIND | FreePBX | Schneider Electric | Linear | Metabase | GLPI (teclib) | mongo-express | Dahua | Roundcube | Mitel | wftpserver.com | Fortra | Micro Focus | CONTEC | Sunhillo | Node.js | dotCMS | Sitecore | WSO2 | Sophos | CyberPanel | NAKIVO | Rejetto | Hitachi Vantara | Commvault | Cleo | Wazuh | Kentico | Grandstream | HPE | RedHat | Cacti | DigiEver | GeoVision | SmarterTools
Most Active Ransomware Groups
#
Industry
Country
Ransomware
1
1
Energy
Industry
France
Country
space bears
2
2
Food & Beverage
Industry
Dominican Republic
Country
drakrybit
3
3
Construction
Industry
United States
Country
inc ransom
4
4
Construction
Industry
United States
Country
securotrop
5
5
Manufacturing
Industry
Japan
Country
safepay
6
6
Real Estate
Industry
United States
Country
qilin
7
7
Manufacturing
Industry
United States
Country
chaos
8
8
Travel & Leisure
Industry
United States
Country
pear
9
9
Automotive
Industry
United States
Country
interlock
10
10
Healthcare
Industry
United States
Country
cmd organization
Ransomware Posting Frequency by Group - Last 7 Days
Remotely Exploited CISA KEV CVEs Added
These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them  to mitigate risks.
CVE-2026-31431
CVE-2026-41940
CVE-2024-1708
CVE-2026-32202
CVE-2025-29635
CVE-2024-7399
CVE-2024-57728
CVE-2024-57726
CVE-2026-39987
CVE-2026-33825
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy