Weekly Enterprise Exploitation Trend Report

01-04-2026 to 07-04-2026

The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.

262

Actively Exploited Vulnerabilities

113

Vendors Actively Exploited

Apache

Most Exploited Vendor

Microsoft Exchange

Most Exploited Product

Top 10 Actively Exploited Vendors

Apache

Ivanti

Cisco

Atlassian

Citrix

Microsoft

Oracle

VMware

Palo Alto Networks

Adobe

Top 10 CVEs of 2025 with the Highest EPSS Scores -07-04-2026

CVE-2023-23752

Joomla
Improper Access Control
EPSS: 0.94527
Percentile: 1

CVE-2024-6670

WhatsUp Gold
SQL Injection
EPSS: 0.94468
Percentile: 0.99997

CVE-2023-35078

Ivanti EPMM
Authentication Bypass
EPSS: 0.94468
Percentile: 0.99997

CVE-2024-23897

Jenkins
Arbitrary File Read
EPSS: 0.94466
Percentile: 0.99996

CVE-2023-32315

Openfire
Path Traversal
EPSS: 0.94441
Percentile: 0.9999

CVE-2024-7593

Ivanti vTM
Authentication Bypass
EPSS: 0.94436
Percentile: 0.99987

CVE-2023-46747

F5 BIG-IP Configuration Utility
Authentication Bypass
EPSS: 0.94436
Percentile: 0.99986

CVE-2023-46604

Java OpenWire protocol
Code Injection
EPSS: 0.94436
Percentile: 0.99987

CVE-2023-40044

WS_FTP Server
Insecure Deserialization
EPSS: 0.94436
Percentile: 0.99986

CVE-2024-4040

CrushFTP
Authentication Bypass
EPSS: 0.94426
Percentile: 0.99983

Top Exploited CVEs Against Enterprise Applications

CVE-2022-41082

Critical

Microsoft

Code/command Injection and Execution
Exchange
Used by Ransomware
-
United States

CVE-2021-42013

Critical

Apache

Code/command Injection and Execution
Apache HTTP Server
Used by Ransomware
-
China

CVE-2023-20198

Critical

Cisco

Code/command Injection and Execution
Cisco IOS XE
-
United States

CVE-2017-9841

Critical

PHPUnit - Sebastian Bergmann

Code/command Injection and Execution
PHPUnit
-
United States

CVE-2025-5777

Critical

Citrix

Out-of-Bounds Read
Citrix NetScaler
Used by Ransomware
-
United States

CVE-2021-40438

Critical

Apache

Server-Side Request Forgerty
Apache HTTP Server
-
United States

CVE-2025-55182

Critical

Meta

Code/command Injection and Execution
React Server Components
Used by Ransomware
-
India

CVE-2019-1653

High

Cisco

Sensitive Information Disclosure
Cisco RV320/RV325
-
United States

CVE-2021-44228

Critical

Apache

Out-of-Bounds Read
Log4j
Used by Ransomware
-
United States

CVE-2019-19781

Medium

Citrix

Path Traversal
Application Delivery Controller
Used by Ransomware
-
United States

Top 10 Targeted Countries

China

62129

United States

43351

Pakistan

10336

India

5754

4294

Germany

3859

Vietnam

3844

Singapore

3568

South Korea

3144

France

2839

Actively Exploited Enterprise Vendors

Most Active Ransomware Groups

Industry

Country

Ransomware

Automotive

Industry

Philippines

Country

audit team

Healthcare

Industry

Bolivia

Country

the gentlemen

Pharmaceutical

Industry

South Korea

Country

gunra

Hospitality

Industry

Australia

Country

space bears

Manufacturing

Industry

Israel

Country

linkc

Healthcare

Industry

United States

Country

safepay

Real Estate

Industry

United States

Country

play

Insurance

Industry

Canada

Country

brain cipher

Engineering

Industry

United States

Country

akira

Logistics

Industry

Spain

Country

qilin

Ransomware Posting Frequency by Group - Last 7 Days

Remotely Exploited CISA KEV CVEs Added

These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them to mitigate risks.

CVE-2026-35616

CVE-2026-3502

CVE-2026-5281

CVE-2026-3055

CVE-2025-53521

CVE-2026-33634

CVE-2026-33017

CVE-2025-32432

CVE-2025-54068

CVE-2025-43510

Weekly Enterprise Exploitation Trend Report

Platform

Use Cases

Company

Resources

Weekly Enterprise Exploitation Trend Report

Platform

Use Cases

Company

Resources

Subscribe