Reports
Weekly Enterprise  Exploitation Trend Report
Manage view

Weekly Enterprise Exploitation Trend Report

06-05-2026 to 13-05-2026
The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.
Download PDF
Subscribe
267
267
Actively Exploited Vulnerabilities
112
112
Vendors Actively Exploited
Apache
Apache
Most Exploited Vendor
Cisco IOS XE
Cisco IOS XE
Most Exploited Product
Top 10 Actively Exploited Vendors
1
Apache
2
Ivanti
3
Cisco
4
Atlassian
5
Citrix
6
VMware
7
Microsoft
8
Oracle
9
Palo Alto Networks
10
Adobe
Top 10 CVEs of 2025 with the Highest EPSS Scores -13-05-2026
1
CVE-2023-23752
  • Joomla
  • Improper Access Control
  • EPSS: 0.94527
  • Percentile: 1
2
CVE-2024-6670
  • WhatsUp Gold
  • SQL Injection
  • EPSS: 0.94468
  • Percentile: 0.99997
3
CVE-2024-23897
  • Jenkins
  • Arbitrary File Read
  • EPSS: 0.94466
  • Percentile: 0.99996
4
CVE-2023-32315
  • Openfire
  • Path Traversal
  • EPSS: 0.94441
  • Percentile: 0.99991
5
CVE-2023-35078
  • Ivanti EPMM
  • Authentication Bypass
  • EPSS: 0.94438
  • Percentile: 0.99989
6
CVE-2024-7593
  • Ivanti vTM
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99988
7
CVE-2023-46747
  • F5 BIG-IP Configuration Utility
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99987
8
CVE-2023-46604
  • Java OpenWire protocol
  • Code Injection
  • EPSS: 0.94436
  • Percentile: 0.99988
9
CVE-2023-40044
  • WS_FTP Server
  • Insecure Deserialization
  • EPSS: 0.94436
  • Percentile: 0.99987
10
CVE-2024-28995
  • SolarWinds Serv-U
  • Path Traversal
  • EPSS: 0.94431
  • Percentile: 0.99986
Top Exploited CVEs Against Enterprise Applications
CVE-2023-20198
Critical
Critical
Critical
Critical
Cisco
  • Privilege Escalation
  • Cisco IOS XE
  • -
    Netherlands
CVE-2026-41940
Critical
Critical
Critical
Critical
cPanel
  • Remote Code Execution
  • cPanel and WHM
  • Used by Ransomware
    -
    United States
CVE-2022-41082
Critical
Critical
Critical
Critical
Microsoft
  • Remote Code Execution
  • Exchange
  • Used by Ransomware
    -
    United States
CVE-2021-42013
Critical
Critical
Critical
Critical
Apache
  • Remote Code Execution
  • Apache HTTP Server
  • Used by Ransomware
    -
    China
CVE-2017-9841
Critical
Critical
Critical
Critical
PHPUnit - Sebastian Bergmann
  • Remote Code Execution
  • PHPUnitc
  • -
    United States
CVE-2025-5777
High
High
High
High
Citrix
  • Out-of-Bounds Read
  • Citrix NetScaler
  • Used by Ransomware
    -
    United States
CVE-2025-55182
Critical
Critical
Critical
Critical
Meta
  • Remote Code Execution
  • React Server Components
  • Used by Ransomware
    -
    India
CVE-2021-44228
Critical
Critical
Critical
Critical
Apache
  • Remote Code Execution
  • Log4j
  • Used by Ransomware
    -
    Netherlands
CVE-2019-1653
High
High
High
High
Cisco
  • Remote Code Execution
  • Cisco RV320/RV325
  • -
    United States
CVE-2019-19781
Critical
Critical
Critical
Critical
Citrix
  • Remote Code Execution
  • Application Delivery Controller
  • Used by Ransomware
    -
    France
Top 10 Targeted Countries
Top 10 Targeted Countries
United States
:
44558
China
:
38118
India
:
12410
Pakistan
:
9220
Brazil
:
7935
UK
:
6674
Germany
:
5380
Vietnam
:
4639
Mexico
:
4163
Russia
:
3768
Actively Exploited Enterprise Vendors
Apache | Ivanti | Cisco | Atlassian | D-Link | Citrix | VMware | Microsoft | Oracle | Palo Alto Networks | Adobe | Fortinet | Netgear | F5 | Draytek | Zoho | Spring | Progress | Geoserver | QNAP | SAP | SysAid | ZyXEL | JetBrains | Wordpress | Realtek | SolarWinds | Synacor | Hikvision | SonicWall | Tenda | Aviatrix | Sonatype | Zimbra | IBM | Juniper | Gladinet | Jenkins | PaperCut | Dassualt Systems | Grafana | CrushFTP | Dasan | cPanel | PHPUnit - Sebastian Bergmann | Meta | Check Point | ownCloud | Open Source Matters, Inc/Joomla community | Zyxel/Billion | Pulse Secure | ConnectWise | Barco/AWIND | Roundcube | Dahua | TP-Link | ASUS | Webmin | nostromo | Drupal | vBulletin | Linear | Lime Technology | Paessler | Schneider Electric | mongo-express | dotCMS | Sitecore | MobileIron | Sunhillo | Micro Focus | SaltStack | Laravel | PrimeFaces | Elastic | Terramaster | GLPI (teclib) | LG | Langflow | Qlik | MinIO | Fortra | ForgeRock | Metabase | PHP Foundation | CONTEC | NextGen Healthcare | XWiki | Node.js | WSO2 | wftpserver.com | Yealink | FreePBX | Sophos | Cacti | Versa | Mitel | Telerik | CyberPanel | NAKIVO | Rejetto | Hitachi Vantara | Wazuh | Commvault | Kentico | HPE | Cleo | RedHat | Grandstream | SmarterTools
Most Active Ransomware Groups
#
Industry
Country
Ransomware
1
1
Manufacturing
Industry
United States
Country
payoutsking
2
2
Technology
Industry
United States
Country
shinyhunters
3
3
Manufacturing
Industry
United States
Country
play
4
4
Engineering
Industry
Canada
Country
aurora
5
5
Telecommunications
Industry
Qatar
Country
the gentlemen
6
6
Manufacturing
Industry
United States
Country
akira
7
7
Healthcare
Industry
United States
Country
space bears
8
8
Legal
Industry
Mexico
Country
bravox
9
9
Technology
Industry
United States
Country
genesis
10
10
Real Estate
Industry
United States
Country
qilin
Ransomware Posting Frequency by Group - Last 7 Days
Remotely Exploited CISA KEV CVEs Added
These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them  to mitigate risks.
CVE-2026-42208
CVE-2026-6973
CVE-2026-0300
CVE-2026-31431
CVE-2026-41940
CVE-2024-1708
CVE-2026-32202
CVE-2025-29635
CVE-2024-7399
CVE-2024-57728
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy