{
  "index": "CYBERDUDEBIVASH SENTINEL APEX — Exploitation Velocity Index (EVI)",
  "description": "Reproducible aggregate statistics derived from the official CISA Known Exploited Vulnerabilities catalog.",
  "methodology": "https://blog.cyberdudebivash.in/research/exploitation-velocity-index.html#methodology",
  "primarySource": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
  "catalogVersion": "2026.07.01",
  "catalogDateReleased": "2026-07-01T19:00:06.9016Z",
  "generatedAt": "2026-07-05T08:21:49.165Z",
  "license": "CC BY 4.0 — attribution: CYBERDUDEBIVASH SENTINEL APEX, derived from CISA KEV (public domain).",
  "catalogSummary": {
    "totalKevEntries": 1631,
    "earliestEntry": "2021-11-03",
    "latestEntry": "2026-07-01",
    "ransomwareLinkedEntries": 328,
    "ransomwareLinkedSharePct": 20.1,
    "medianRemediationWindowDays": 21
  },
  "velocity": {
    "note": "KEV additions per calendar month — the rate at which CISA confirms new in-the-wild exploitation.",
    "trailing12MonthAdditions": 240,
    "prior12MonthAdditions": 251,
    "yoyChangePct": -4.4,
    "monthly": [
      {
        "month": "2025-02",
        "additions": 27
      },
      {
        "month": "2025-03",
        "additions": 32
      },
      {
        "month": "2025-04",
        "additions": 15
      },
      {
        "month": "2025-05",
        "additions": 24
      },
      {
        "month": "2025-06",
        "additions": 20
      },
      {
        "month": "2025-07",
        "additions": 20
      },
      {
        "month": "2025-08",
        "additions": 15
      },
      {
        "month": "2025-09",
        "additions": 16
      },
      {
        "month": "2025-10",
        "additions": 31
      },
      {
        "month": "2025-11",
        "additions": 11
      },
      {
        "month": "2025-12",
        "additions": 20
      },
      {
        "month": "2026-01",
        "additions": 17
      },
      {
        "month": "2026-02",
        "additions": 28
      },
      {
        "month": "2026-03",
        "additions": 26
      },
      {
        "month": "2026-04",
        "additions": 31
      },
      {
        "month": "2026-05",
        "additions": 21
      },
      {
        "month": "2026-06",
        "additions": 23
      },
      {
        "month": "2026-07",
        "additions": 1
      }
    ]
  },
  "topVendorsByRepresentation": [
    {
      "vendor": "Microsoft",
      "kevEntries": 378,
      "shareOfCatalogPct": 23.2,
      "ransomwareLinked": 104,
      "ransomwareSharePct": 27.5,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Cisco",
      "kevEntries": 93,
      "shareOfCatalogPct": 5.7,
      "ransomwareLinked": 6,
      "ransomwareSharePct": 6.5,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Apple",
      "kevEntries": 93,
      "shareOfCatalogPct": 5.7,
      "ransomwareLinked": 0,
      "ransomwareSharePct": 0,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Adobe",
      "kevEntries": 79,
      "shareOfCatalogPct": 4.8,
      "ransomwareLinked": 10,
      "ransomwareSharePct": 12.7,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Google",
      "kevEntries": 72,
      "shareOfCatalogPct": 4.4,
      "ransomwareLinked": 0,
      "ransomwareSharePct": 0,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Oracle",
      "kevEntries": 44,
      "shareOfCatalogPct": 2.7,
      "ransomwareLinked": 13,
      "ransomwareSharePct": 29.5,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Apache",
      "kevEntries": 39,
      "shareOfCatalogPct": 2.4,
      "ransomwareLinked": 7,
      "ransomwareSharePct": 17.9,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Ivanti",
      "kevEntries": 35,
      "shareOfCatalogPct": 2.1,
      "ransomwareLinked": 12,
      "ransomwareSharePct": 34.3,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Linux",
      "kevEntries": 26,
      "shareOfCatalogPct": 1.6,
      "ransomwareLinked": 2,
      "ransomwareSharePct": 7.7,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "D-Link",
      "kevEntries": 26,
      "shareOfCatalogPct": 1.6,
      "ransomwareLinked": 2,
      "ransomwareSharePct": 7.7,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Fortinet",
      "kevEntries": 26,
      "shareOfCatalogPct": 1.6,
      "ransomwareLinked": 13,
      "ransomwareSharePct": 50,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "VMware",
      "kevEntries": 26,
      "shareOfCatalogPct": 1.6,
      "ransomwareLinked": 9,
      "ransomwareSharePct": 34.6,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Citrix",
      "kevEntries": 22,
      "shareOfCatalogPct": 1.3,
      "ransomwareLinked": 7,
      "ransomwareSharePct": 31.8,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Synacor",
      "kevEntries": 18,
      "shareOfCatalogPct": 1.1,
      "ransomwareLinked": 5,
      "ransomwareSharePct": 27.8,
      "medianRemediationWindowDays": 21
    },
    {
      "vendor": "Android",
      "kevEntries": 17,
      "shareOfCatalogPct": 1,
      "ransomwareLinked": 0,
      "ransomwareSharePct": 0,
      "medianRemediationWindowDays": 21
    }
  ],
  "highestUrgencyVendors": {
    "note": "Vendors with >=5 KEV entries, ranked by shortest median CISA remediation window (days from catalog addition to federal remediation deadline). A shorter window is CISA signalling higher assessed urgency.",
    "vendors": [
      {
        "vendor": "Juniper",
        "kevEntries": 8,
        "medianRemediationWindowDays": 4
      },
      {
        "vendor": "SolarWinds",
        "kevEntries": 11,
        "medianRemediationWindowDays": 14
      },
      {
        "vendor": "Microsoft",
        "kevEntries": 378,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Cisco",
        "kevEntries": 93,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Oracle",
        "kevEntries": 44,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Ivanti",
        "kevEntries": 35,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Google",
        "kevEntries": 72,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Linux",
        "kevEntries": 26,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Android",
        "kevEntries": 17,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Palo Alto Networks",
        "kevEntries": 15,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Drupal",
        "kevEntries": 5,
        "medianRemediationWindowDays": 21
      },
      {
        "vendor": "Trend Micro",
        "kevEntries": 12,
        "medianRemediationWindowDays": 21
      }
    ]
  },
  "topWeaknessCategories": [
    {
      "cwe": "CWE-20",
      "count": 118,
      "sharePct": 7.2
    },
    {
      "cwe": "CWE-78",
      "count": 104,
      "sharePct": 6.4
    },
    {
      "cwe": "CWE-787",
      "count": 100,
      "sharePct": 6.1
    },
    {
      "cwe": "CWE-416",
      "count": 92,
      "sharePct": 5.6
    },
    {
      "cwe": "CWE-119",
      "count": 84,
      "sharePct": 5.2
    },
    {
      "cwe": "CWE-22",
      "count": 75,
      "sharePct": 4.6
    },
    {
      "cwe": "CWE-502",
      "count": 67,
      "sharePct": 4.1
    },
    {
      "cwe": "CWE-94",
      "count": 65,
      "sharePct": 4
    },
    {
      "cwe": "CWE-287",
      "count": 39,
      "sharePct": 2.4
    },
    {
      "cwe": "CWE-843",
      "count": 37,
      "sharePct": 2.3
    }
  ],
  "recentAdditions": [
    {
      "cveID": "CVE-2026-45659",
      "vendor": "Microsoft",
      "product": "SharePoint Server",
      "dateAdded": "2026-07-01",
      "dueDate": "2026-07-04",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-45659"
    },
    {
      "cveID": "CVE-2026-48558",
      "vendor": "SimpleHelp ",
      "product": "SimpleHelp",
      "dateAdded": "2026-06-29",
      "dueDate": "2026-07-02",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-48558"
    },
    {
      "cveID": "CVE-2026-12569",
      "vendor": "PTC",
      "product": "Windchill and FlexPLM",
      "dateAdded": "2026-06-25",
      "dueDate": "2026-06-28",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-12569"
    },
    {
      "cveID": "CVE-2026-20230",
      "vendor": "Cisco",
      "product": "Unified Communications Manager",
      "dateAdded": "2026-06-25",
      "dueDate": "2026-06-28",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-20230"
    },
    {
      "cveID": "CVE-2025-67038",
      "vendor": "Lantronix",
      "product": "EDS5000",
      "dateAdded": "2026-06-23",
      "dueDate": "2026-06-26",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2025-67038"
    },
    {
      "cveID": "CVE-2026-34910",
      "vendor": "Ubiquiti",
      "product": "UniFi OS",
      "dateAdded": "2026-06-23",
      "dueDate": "2026-06-26",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-34910"
    },
    {
      "cveID": "CVE-2026-34909",
      "vendor": "Ubiquiti",
      "product": "UniFi OS",
      "dateAdded": "2026-06-23",
      "dueDate": "2026-06-26",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-34909"
    },
    {
      "cveID": "CVE-2026-34908",
      "vendor": "Ubiquiti",
      "product": "UniFi OS",
      "dateAdded": "2026-06-23",
      "dueDate": "2026-06-26",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-34908"
    },
    {
      "cveID": "CVE-2026-20253",
      "vendor": "Splunk",
      "product": "Enterprise",
      "dateAdded": "2026-06-18",
      "dueDate": "2026-06-21",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-20253"
    },
    {
      "cveID": "CVE-2026-48907",
      "vendor": "Widget Factory",
      "product": "Joomla Content Editor ",
      "dateAdded": "2026-06-16",
      "dueDate": "2026-06-19",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-48907"
    },
    {
      "cveID": "CVE-2026-54420",
      "vendor": "LiteSpeed",
      "product": "cPanel Plugin",
      "dateAdded": "2026-06-15",
      "dueDate": "2026-06-18",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-54420"
    },
    {
      "cveID": "CVE-2026-20262",
      "vendor": "Cisco",
      "product": "Catalyst SD-WAN Manager",
      "dateAdded": "2026-06-15",
      "dueDate": "2026-06-29",
      "remediationWindowDays": 14,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-20262"
    },
    {
      "cveID": "CVE-2026-35273",
      "vendor": "Oracle",
      "product": " PeopleSoft Enterprise PeopleTools",
      "dateAdded": "2026-06-12",
      "dueDate": "2026-06-15",
      "remediationWindowDays": 3,
      "ransomware": true,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-35273"
    },
    {
      "cveID": "CVE-2026-10520",
      "vendor": "Ivanti",
      "product": "Sentry",
      "dateAdded": "2026-06-11",
      "dueDate": "2026-06-14",
      "remediationWindowDays": 3,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-10520"
    },
    {
      "cveID": "CVE-2026-11645",
      "vendor": "Google",
      "product": "Chromium V8",
      "dateAdded": "2026-06-09",
      "dueDate": "2026-06-23",
      "remediationWindowDays": 14,
      "ransomware": false,
      "nvd": "https://nvd.nist.gov/vuln/detail/CVE-2026-11645"
    }
  ]
}