Analysis
Statistics & Trends
Live aggregates from 41,300 security articles tracked since 19 January 2026. Recomputed on every visit — last loaded 31 May 2026.
Volume over time
New vulnerability and attack articles per week. The roughly monthly spikes line up with Patch Tuesday — a calendar pattern, not a trend. The last point is the current week, still in progress.
Severity distribution
All tracked articles by assigned severity. “Info” is mostly general news rather than rated findings.
Severity over time
Weekly counts of critical, high, medium and low-severity articles. “Info” is excluded — at ~22,000 items it would flatten the four lines. Roughly monthly spikes track Patch Tuesday, not a trend. The last point is the current week, still in progress.
Attack methods — MITRE ATT&CK tactics
Most frequent ATT&CK tactics across articles where tactics were detected.
Most-affected vendors
Vendors named most often across vulnerability and attack coverage.
CVSS score distribution
CVSS severity bands across the 1,776 articles carrying a score — a skewed subset. A CVSS score is extracted far more often for well-documented (severe) items, so the critical/high share here runs well above the real distribution of all vulnerabilities.
Known-exploited vulnerabilities (KEV) over time
Total CVEs on the CISA KEV catalog over time — a running count, so it only rises. The catalog launched in November 2021; CISA’s periodic bulk additions show as steeper segments. 1,607 of the 12,413 CVEs tracked here (13%) are on KEV — known to be exploited. Tracked CVEs skew toward notable and KEV-listed ones, so this share runs above the real-world exploitation rate.
Time from CVE publication to KEV listing
For the 624 KEV CVEs published over a year ago: days between the CVE publication date and the date CISA cataloged it as exploited. The cohort is limited to mature CVEs — recent ones cannot yet show a long gap, and including them would understate the lag. “Same day or earlier” covers zero-days listed on or before publication.