Weekly Enterprise Exploitation Trend Report

10-06-2026 to 16-06-2026

The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.

276

Actively Exploited Vulnerabilities

115

Vendors Actively Exploited

Apache

Most Exploited Vendor

cPanel and WHM

Most Exploited Product

Top 10 Actively Exploited Vendors

Apache

Ivanti

Cisco

Atlassian

Citrix

VMware

Microsoft

Oracle

Palo Alto Networks

Adobe

Top 10 CVEs of 2025 with the Highest EPSS Scores -16-06-2026

CVE-2024-3400

PaloAlto PAN-OS
Command Injection
EPSS: 0.99999
Percentile: 1

CVE-2024-23897

Jenkins
Arbitrary File Read
EPSS: 0.99999
Percentile: 0.99995

CVE-2024-21893

Ivanti Connect Secure
Privilege Escalation
EPSS: 0.99999
Percentile: 0.99999

CVE-2024-21887

Ivanti Connect Secure
Command Injection
EPSS: 0.99999
Percentile: 1

CVE-2023-4966

Netscaler ADC and Gateway
Sensitive Information Disclosure
EPSS:0.99999
Percentile: 0.99993

CVE-2023-44487

HTTP/2
Denial of Service
EPSS: 0.99999
Percentile: 0.99996

CVE-2023-35082

Ivanti EPMM
Authentication Bypass
EPSS: 0.99999
Percentile: 0.99996

CVE-2023-35078

Ivanti EPMM
Authentication Bypass
EPSS: 0.99999
Percentile: 0.99995

CVE-2023-27350

PaperCut NG
Authentication Bypass
EPSS: 0.99999
Percentile: 0.99991

CVE-2023-22518

Confluence Data Center and Server
Command Injection
EPSS: 0.99999
Percentile: 0.99996

Top Exploited CVEs Against Enterprise Applications

CVE-2026-41940

Critical

cPanel

Authentication Bypass
cPanel and WHM
Used by Ransomware
-
United States

CVE-2022-41082

Critical

Microsoft

Command Injection
Exchange
Used by Ransomware
-
United States

CVE-2017-9841

Critical

PHPUnit - Sebastian Bergmann

Command Injection
PHPUnit
-
China

CVE-2021-42013

Critical

Apache

Path Traversal
Apache HTTP Server
Used by Ransomware
-
China

CVE-2023-20198

Critical

Cisco

Privilege Escalation
Cisco IOS XE
-
United States

CVE-2025-5777

High

Citrix

Sensitive Data Exposure
Citrix NetScaler
Used by Ransomware
-
United States

CVE-2019-1653

High

Cisco

Cisco RV320/RV325
FortiOS
-
Ireland

CVE-2021-44228

Critical

Apache

Command Injection
Log4j
Used by Ransomware
-
United States

CVE-2025-55182

Critical

Meta

Command Injection
React Server Components
Used by Ransomware
-
Ireland

CVE-2026-3055

Critical

Citrix

Sensitive Data Exposure
Citrix NetScaler ADC and NetScaler Gateway
-
United States

Top 10 Targeted Countries

Netherlands

252589

United States

40441

China

38672

Ireland

17825

Pakistan

11273

5841

South Korea

4804

India

4438

Germany

4367

Singapore

3664

Actively Exploited Enterprise Vendors

Most Active Ransomware Groups

Industry

Country

Ransomware

Government

Industry

France

Country

audit team

Energy

Industry

Belgium

Country

krybit

Government

Industry

Indonesia

Country

nova

Law Enforcement

Industry

United States

Country

nightspire

Logistics

Industry

United States

Country

dragonforce

Technology/Gaming

Industry

United States

Country

shadowbyt3$

Government

Industry

France

Country

kairos

Healthcare

Industry

United States

Country

anubis

Media

Industry

United States

Country

securotrop

Government

Industry

International

Country

shinyhunters

Ransomware Posting Frequency by Group - Last 7 Days

Remotely Exploited CISA KEV CVEs Added

These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them to mitigate risks.

CVE-2026-54420

CVE-2026-20262

CVE-2026-35273

CVE-2026-10520

CVE-2026-11645

CVE-2026-7473

CVE-2026-20245

CVE-2026-42271

CVE-2026-50751

CVE-2026-28318

Weekly Enterprise Exploitation Trend Report

Platform

Use Cases

Company

Resources

Weekly Enterprise Exploitation Trend Report

Platform

Use Cases

Company

Resources

Subscribe