Quantifying 2026 Routinely Targeted Vulnerabilities (So Far)

VulnCheck identified 25 CVEs disclosed in 2026 that have been routinely targeted by adversaries and researchers so far this year, drawing from a global body of exploit code and exploitation data.

9 Year-Old PHP Vulnerability Keeps Swinging As One of the Most Targeted Vulnerabilities

CVE-2017-9841 is still a primary exploit path for several botnets. What is old is still new in the eyes of cybercrime.

The First CVE Wave: Signs That AI-Assisted Vulnerability Discovery Is Reshaping Disclosure Volumes

Public CVE disclosure volumes are surging across major software suppliers and open source projects, and the evidence increasingly points to AI-assisted vulnerability discovery as the driving force.