Vendor Share of 2025 CISA KEV Entries

Stay ahead of attackers by understanding the 2025 vulnerability landscape. Cyzo’s report on CISA KEV entries reveals that while thousands of CVEs exist, hackers overwhelmingly focus on a few key enterprise vendors. See the full breakdown of vendor risk shares.

1 min read

What are vulnerabilities?

Security holes in software that hackers can break into.

What are patches?

Updates that fix security problems in apps and devices.

What is an exploit?

A method hackers use to break through a security hole.

What is CISA KEV?

A trusted list of security problems that are already being used by hackers.

Total Known Exploited Vulnerabilities (CISA KEV) in 2025

1,484 total vulnerabilities listed in CISA’s KEV Catalog by end of 2025. This list is cumulative. 245 new ones were added in 2025.

Vendor Breakdown (Top Vendors)

Microsoft: 24%
Apple: 6%
Cisco: 6%
Adobe: 5%
Google: 5%
Other vendors: 54%

Takeaway

While the CISA KEV catalog tracks actively exploited vulnerabilities, the distribution of those flaws is heavily concentrated in a small group of major vendors. Microsoft alone accounts for nearly a quarter of all known exploited vulnerabilities listed in 2025 — indicating that attackers are disproportionately targeting widely deployed platforms.”

Thousands of vulnerabilities are published every year, but only a small percentage are actually exploited by attackers. Some flaws stay theoretical, while others are actively weaponized. This is why prioritization matters — focusing on what attackers are really using reduces risk faster.