2024 CVEs in Review – Vulnerability Blog
This blog covers all things security, with a heavy focus on vulnerabilities, security assessment, open source intelligence (OSINT), and offensive security, with a strong emphasis on real world examples and scenarios. This blog will review security tooling, tactics, techniques, and technical deep dives into relevant security and technology topics. Join our discord for free to learn from the best in Cybersecurity!
Now that 2024 has come to its conclusion, I’ve decided to kick off a post outlining some observations, trends, and insights for the CVEs published. As always more information is available in our Discord along side industry leading cybersecurity experts; including the data and SQL queries used, check it out here! In short, 2024 was a weird year for CVEs and this post will hopefully share some of the insights into what makes it weird.
TL;DR — the trends in 2024 tell a much deeper story. The average CVSS 3.1 scores dropped from High (7.09) to Medium (6.9), fewer overall CVEs were reserved; including fewer Critical and High severity, some products saw historic volume increases for published CVEs , and more!
