Reports
Weekly Enterprise  Exploitation Trend Report
Manage view

Weekly Enterprise Exploitation Trend Report

25-03-2026 to 31-03-2026
The report focuses solely on the exploitation statistics specific to enterprise vendors and their products over the past week, providing valuable insights to prioritize security measures and address emerging threats effectively.
Download PDF
Subscribe
259
259
Actively Exploited Vulnerabilities
113
113
Vendors Actively Exploited
Apache
Apache
Most Exploited Vendor
Apache HTTP Server
Apache HTTP Server
Most Exploited Product
Top 10 Actively Exploited Vendors
1
Apache
2
Ivanti
3
Atlassian
4
Cisco
5
Microsoft
6
Citrix
7
Oracle
8
VMware
9
Palo Alto Networks
10
Adobe
Top 10 CVEs of 2025 with the Highest EPSS Scores -31-03-2026
1
CVE-2023-23752
  • Joomla
  • Improper Access Control
  • EPSS: 0.94527
  • Percentile: 1
2
CVE-2024-6670
  • WhatsUp Gold
  • SQL Injection
  • EPSS: 0.94468
  • Percentile: 0.99997
3
CVE-2023-35078
  • Ivanti EPMM
  • Authentication Bypass
  • EPSS: 0.94468
  • Percentile: 0.99997
4
CVE-2024-23897
  • Jenkins
  • Arbitrary File Read
  • EPSS: 0.94466
  • Percentile: 0.99996
5
CVE-2023-44487
  • HTTP/2 protocol
  • DoS
  • EPSS: 0.9445
  • Percentile: 0.99992
6
CVE-2024-21887
  • Ivanti Connect Secure
  • Code Injection
  • EPSS: 0.94443
  • Percentile: 0.99991
7
CVE-2023-32315
  • Openfire
  • Path Traversal
  • EPSS: 0.94441
  • Percentile: 0.9999
8
CVE-2024-7593
  • Ivanti vTM
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99986
9
CVE-2023-46747
  • F5 BIG-IP Configuration Utility
  • Authentication Bypass
  • EPSS: 0.94436
  • Percentile: 0.99985
10
CVE-2023-46604
  • Java OpenWire protocol
  • Code Injection
  • EPSS: 0.94436
  • Percentile: 0.99986
Top Exploited CVEs Against Enterprise Applications
CVE-2021-42013
Critical
Critical
Critical
Critical
Apache
  • Code/command Injection and Execution
  • Apache HTTP Server
  • Used by Ransomware
    -
    China
CVE-2023-20198
Critical
Critical
Critical
Critical
Cisco
  • Code/command Injection and Execution
  • Cisco IOS XE
  • -
    United States
CVE-2022-41082
Critical
Critical
Critical
Critical
Microsoft
  • Code/command Injection and Execution
  • Exchange
  • Used by Ransomware
    -
    United States
CVE-2017-9841
Critical
Critical
Critical
Critical
PHPUnit - Sebastian Bergmann
  • Code/command Injection and Execution
  • PHPUnit
  • -
    United States
CVE-2025-5777
Critical
Critical
Critical
Critical
Citrix
  • Out-of-Bounds Read 
  • Citrix NetScaler
  • Used by Ransomware
    -
    United States
CVE-2025-55182
Critical
Critical
Critical
Critical
Meta
  • Code/command Injection and Execution
  • React Server Components
  • Used by Ransomware
    -
    India
CVE-2019-1653
High
High
High
High
Cisco
  • Sensitive Information Disclosure
  • Cisco RV320/RV325
  • -
    United States
CVE-2021-44228
Critical
Critical
Critical
Critical
Apache
  • Out-of-Bounds Read 
  • Log4j
  • Used by Ransomware
    -
    United States
CVE-2024-8963
Critical
Critical
Critical
Critical
Ivanti
  • Path Traversal
  • Ivanti CSA
  • -
    United States
CVE-2022-37042
Medium
Medium
Medium
Medium
Synacor
  • Authentication Bypass
  • Zimbra Collaboration Suite
  • Used by Ransomware
    -
    United States
Top 10 Targeted Countries
Top 10 Targeted Countries
China
:
56758
United States
:
37819
Pakistan
:
10502
Vietnam
:
9011
India
:
8157
UK
:
4095
South Korea
:
3706
Singapore
:
3536
Germany
:
3109
Brazil
:
2929
Actively Exploited Enterprise Vendors
Apache | Ivanti | Atlassian | Cisco | D-Link | Microsoft | Citrix | Oracle | VMware | Palo Alto Networks | Adobe | Netgear | F5 | Fortinet | Spring | Zoho | Progress | Draytek | Geoserver | QNAP | SAP | ZyXEL | SysAid | Wordpress | Realtek | Synacor | SolarWinds | Juniper | Hikvision | Sonatype | SonicWall | JetBrains | Dassualt Systems | Aviatrix | IBM | Gladinet | Tenda | Zimbra | Grafana | CrushFTP | Dasan | PHPUnit - Sebastian Bergmann | Meta | Check Point | Pulse Secure | Zyxel/Billion | mongo-express | vBulletin | Barco/AWIND | ASUS | PrimeFaces | Drupal | ConnectWise | Elastic | Laravel | nostromo | Terramaster | LG | Linear | Paessler | ownCloud | Schneider Electric | Open Source Matters, Inc/Joomla community | Webmin | TP-Link | PHP Foundation | Telerik | Langflow | SaltStack | CyberPanel | ForgeRock | NextGen Healthcare | XWiki | Yealink | PaperCut | GLPI (teclib) | Mitel | Sophos | dotCMS | FreePBX | Dahua | WSO2 | CONTEC | MobileIron | wftpserver.com | MinIO | Qlik | Sunhillo | Fortra | Micro Focus | Sitecore | Rejetto | Commvault | Metabase | Jenkins | Lime Technology | Roundcube | Versa | NAKIVO | Hitachi Vantara | Wazuh | Kentico | RedHat | Node.js | Cacti | SmarterTools | HPE | GitLab | SugarCRM | Array Networks | DigiEver | GeoVision | Cleo
Most Active Ransomware Groups
#
Industry
Country
Ransomware
1
1
Telecommunications
Industry
United States
Country
qilin
2
2
Government
Industry
United States
Country
payoutsking
3
3
Education
Industry
United States
Country
worldleaks
4
4
Financial Services
Industry
Spain
Country
nightspire
5
5
Energy
Industry
Panama
Country
everest
6
6
Financial Services
Industry
United States
Country
leaknet
7
7
Legal
Industry
United States
Country
inc ransom
8
8
Retail
Industry
United States
Country
shinyhunters
9
9
Legal
Industry
United States
Country
securotrop
10
10
Technology
Industry
France
Country
coinbase cartel
Ransomware Posting Frequency by Group - Last 7 Days
Remotely Exploited CISA KEV CVEs Added
These vulnerabilities have been newly added to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations should prioritize addressing them  to mitigate risks.
CVE-2025-53521
CVE-2025-54068
CVE-2026-33634
CVE-2026-33017
CVE-2025-32432
CVE-2025-54068
CVE-2025-43510
CVE-2025-43520
CVE-2025-31277
CVE-2026-20131
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy