Reports
Weekly Enterprise  Exploitation Trend Report
Manage view

Weekly Enterprise Exploitation Trend Report

11-03-2026 to 17-03-2026
The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.
Download PDF
Subscribe
259
259
Actively Exploited Vulnerabilities
115
115
Vendors Actively Exploited
Apache
Apache
Most Exploited Vendor
Microsoft Exchange
Microsoft Exchange
Most Exploited Product
Top 10 Actively Exploited Vendors
1
Apache
2
Ivanti
3
Atlassian
4
Cisco
5
Microsoft
6
Oracle
7
VMware
8
Citrix
9
Palo Alto Networks
10
Adobe
Top 10 CVEs of 2025 with the Highest EPSS Scores -17-03-2026
1
CVE-2024-27198
  • JetBrains TeamCity
  • Authentication Bypass
  • EPSS: 0.94579
  • Percentile: 1
2
CVE-2023-23752
  • Joomla
  • Improper Access Control
  • EPSS: 0.94527
  • Percentile: 1
3
CVE-2024-27199
  • JetBrains TeamCity
  • Path Traversal
  • EPSS: 0.94489
  • Percentile: 0.99999
4
CVE-2024-6670
  • WhatsUp Gold
  • SQL Injection
  • EPSS: 0.94468
  • Percentile: 0.99996
5
CVE-2023-35078
  • Ivanti EPMM
  • Authentication Bypass
  • EPSS: 0.94468
  • Percentile: 0.99996
6
CVE-2024-23897
  • Jenkins
  • Arbitrary File Read
  • EPSS: 0.94466
  • Percentile: 0.99995
7
CVE-2023-40044
  • WS_FTP Server
  • Code Injection
  • EPSS: 0.94449
  • Percentile: 0.99991
8
CVE-2023-32315
  • Openfire
  • Path Traversal
  • EPSS: 0.94441
  • Percentile: 0.9999
9
CVE-2024-7593
  • Ivanti vTM
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99986
10
CVE-2023-46747
  • F5 BIG-IP Configuration Utility
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99986
Top Exploited CVEs Against Enterprise Applications
CVE-2022-41082
Critical
Critical
Critical
Critical
Microsoft
  • Code/command Injection and Execution
  • Exchange
  • Used by Ransomware
    -
    United States
CVE-2021-42013
Critical
Critical
Critical
Critical
Apache
  • Code/command Injection and Execution
  • Apache HTTP Server
  • Used by Ransomware
    -
    China
CVE-2017-9841
Critical
Critical
Critical
Critical
PHPUnit - Sebastian Bergmann
  • Code/command Injection and Execution
  • PHPUnit
  • -
    China
CVE-2023-20198
Critical
Critical
Critical
Critical
Cisco
  • Code/command Injection and Execution
  • Cisco IOS XE
  • -
    United States
CVE-2025-55182
Critical
Critical
Critical
Critical
Meta
  • Code/command Injection and Execution
  • React Server Components
  • Used by Ransomware
    -
    France
CVE-2021-22986
Critical
Critical
Critical
Critical
F5
  • Code/command Injection and Execution
  • BIG-IP
  • Used by Ransomware
    -
    United States
CVE-2025-5777
Critical
Critical
Critical
Critical
Citrix
  • Out-of-Bounds Read 
  • Citrix NetScaler
  • Used by Ransomware
    -
    United States
CVE-2019-1653
High
High
High
High
Cisco
  • Sensitive Information Disclosure
  • Cisco RV320/RV325
  • -
    Netherlands
CVE-2023-35078
Critical
Critical
Critical
Critical
Ivanti
  • Authentication Bypass
  • Endpoint Manager Mobile (EPMM), formerly MobileIron Core
  • Used by Ransomware
    -
    United States
CVE-2020-3580
Medium
Medium
Medium
Medium
Cisco
  • Cross-Site Scripting
  • Cisco ASA and Cisco Firepower Threat Defense
  • Used by Ransomware
    -
    United States
Top 10 Targeted Countries
Top 10 Targeted Countries
China
:
43380
United States
:
32015
Pakistan
:
9393
India
:
8691
Singapore
:
8234
Vietnam
:
5990
UK
:
4353
South Korea
:
3949
Germany
:
3150
France
:
2811
Actively Exploited Enterprise Vendors
Apache | Ivanti | Atlassian | Cisco | D-Link | Microsoft | Oracle | VMware | Citrix | Palo Alto Networks | Adobe | F5 | Netgear | Fortinet | Draytek | Progress | Spring | QNAP | Zoho | SysAid | Geoserver | SAP | ZyXEL | Wordpress | Realtek | Hikvision | SolarWinds | Synacor | Sonatype | JetBrains | Gladinet | Aviatrix | SonicWall | IBM | Sitecore | Dassualt Systems | Zimbra | Tenda | Juniper | Grafana | CrushFTP | Dasan | PHPUnit - Sebastian Bergmann | Meta | Zyxel/Billion | Pulse Secure | ASUS | MobileIron | PHP Foundation | TP-Link | ForgeRock | Laravel | Webmin | SaltStack | PaperCut | MinIO | vBulletin | Linear | GLPI (teclib) | ownCloud | Drupal | PrimeFaces | Dahua | dotCMS | Mitel | Sophos | Telerik | nostromo | Paessler | Roundcube | WSO2 | XWiki | CONTEC | Lime Technology | Yealink | ConnectWise | Open Source Matters, Inc/Joomla community | Terramaster | Langflow | LG | Micro Focus | mongo-express | NextGen Healthcare | Sunhillo | Schneider Electric | Rejetto | FreePBX | Versa | Metabase | Qlik | Barco/AWIND | wftpserver.com | Check Point | Fortra | Commvault | NAKIVO | Jenkins | Kentico | RedHat | SmarterTools | Hitachi Vantara | Elastic | CyberPanel | Node.js | Cacti | HPE | Wazuh | GitLab | GeoVision | SugarCRM | Array Networks | Ignite Realtime | DigiEver | Cleo | ServiceNow
Most Active Ransomware Groups
#
Industry
Country
Ransomware
1
1
Business
Industry
England
Country
anubis
2
2
Business
Industry
United States
Country
everest
3
3
Government
Industry
United States
Country
medusa
4
4
Business
Industry
United States
Country
termite
5
5
Government
Industry
United States
Country
payoutsking
6
6
Business
Industry
United States
Country
qilin
7
7
Business
Industry
Georgia
Country
inc ransom
8
8
Business
Industry
France
Country
kairos
9
9
Automotive
Industry
Korea
Country
everest
10
10
Government
Industry
United States
Country
akira
Ransomware Posting Frequency by Group - Last 7 Days
Remotely Exploited CISA KEV CVEs Added
These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them  to mitigate risks.
CVE-2025-47813
CVE-2026-3910
CVE-2026-3909
CVE-2025-68613
CVE-2021-22054
CVE-2025-26399
CVE-2026-1603
CVE-2017-7921
CVE-2021-22681
CVE-2023-43000
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy