Learn more.
Contact Us
Talk to an Expert
Request a demo

Q1 2021 CVE Review

Apr 7, 2021
Jerry Gamblin
Director of Security Research at Kenna Security

Share with Your Network

Since this week marks the start of the 2nd quarter, I figured it would be interesting to see where we are with the number of CVEs published this year.

Since January 1st, 2021, the NVD has published:

2792 CVEs 

31 Per Day

The five busiest publishing dates were: 

2021-01-20    201

2021-01-12    127

2021-01-13    126

2021-03-11    107

2021-02-04     92

CVEs published per day in Q1 2021

a line graph showing CVEs published per day in Q1 2021


How does this compare to CVEs published in Q1 2020  

From January 1st, 2020 to April 1st, 2020, there were:

2484 CVEs

27 Per Day

7.11 Average CVSS 3 Score

27.2 Average Kenna Risk Score. 

The five busiest publishing dates in the 1st quarter last year were: 

2020-03-12    284

2020-01-15    228

2020-02-11    163

2020-03-25    100

2020-02-13     79


CVEs published in 2020 presented in a calendar heat map. Dark reds represented highest days of published CVEs

Looking Ahead

In Q1 of 2020, 15% of CVEs were published (2484 of 15789). If that number were to hold for this year, we are looking at over 17800 CVEs this year (although I would bet the over).  Here is a Jupyter notebook you can use to get access to the full data set:

Listen to our podcast as we look into how 2021 is shaping up.

Share with Your Network

Read the Latest Content

Trending Vulns

March Vuln of the Month: CVE-2021-24094

It’s Exploit Wednesday, and that means we’re publishing the second entry in our new Vuln of the Month blog series. If you missed last month’s debut, this series spotlights a named CVE that may not already be on your radar screen, but probably should be. This month’s vuln: CVE-2021-24094 Kenna Security’s research team is closely…

Employee Spotlight

Employee Spotlight: Jet’s Pizza with Jerry Gamblin

In an unlikely story of true love, a young Jerry Gamblin came to know the love of his life, his raison d’être, his ride-or-die—computers and “hacker-y stuff”—during the early 1990s. Decades later, Jerry and his “hacker-y” obsession are still going strong.  Technically speaking, Jerry serves as Principal Security Engineer at Kenna Security. Un-technically speaking, he’s…

Threat Intelligence

CVE-2020-0601 FAQ

UPDATE 2020-01-17: Updated to clarify that Windows 7 is NOT affected. Breaking down CVE-2020-0601, Microsofts’ cryptoAPI vulnerability This week’s announcement of a major vulnerability in the Windows CryptoAPI (crypt32.dll) (CVE-2020-0601) component has generated a lot of buzz in security circles and has brought a variety of questions to our Research team. This post summarizes some…

Sign up to get the latest updates

© 2021 Kenna Security. All Rights Reserved. Privacy Policy.