Breakdown of CVE by categories (1999-2026)

Below you'll find a graph showing the number of CVEs (Common Vulnerabilities and Exposures) classified by category (overflow, cross-site scripting, etc.). This graph allows you to visualize the distribution of the different types of vulnerabilities discovered and disclosed. By analyzing this data, you can better understand current trends in IT security and identify the most frequent categories of vulnerability.

Evolution of CVE classified by category

Below, you will find a graph displaying the number of CVEs (Common Vulnerabilities and Exposures) categorized by type (overflow, cross-site scripting, etc.) since the year 2000. This graph allows you to visualize the evolution and distribution of different types of vulnerabilities discovered and disclosed over the years. By analyzing this data, you can better understand historical trends in cybersecurity and identify the most common categories of vulnerabilities.

Categories	Nb CVE
Cross-site Scripting	42795
Overflow	38261
Authorization problems	19238
SQL Injection	18385
Memory Corruption	11605
Cross-Site Request Forgery - CSRF	8843
Directory Traversal	8461
Code Injection	5948
OS Command Injection	5418
File Inclusion	3921
Improper Privilege Management	3723
Command Injection	3133
Server-Side Request Forgery - SSRF	2219
Input Validation	547

Categories	2000 Nb CVE	2001 Nb CVE	2002 Nb CVE	2003 Nb CVE	2004 Nb CVE	2005 Nb CVE	2006 Nb CVE	2007 Nb CVE	2008 Nb CVE	2009 Nb CVE	2010 Nb CVE	2011 Nb CVE	2012 Nb CVE	2013 Nb CVE	2014 Nb CVE	2015 Nb CVE	2016 Nb CVE	2017 Nb CVE	2018 Nb CVE	2019 Nb CVE	2020 Nb CVE	2021 Nb CVE	2022 Nb CVE	2023 Nb CVE	2024 Nb CVE	2025 Nb CVE	2026 Nb CVE
Overflow	11	23	37	86	154	221	397	849	1,412	1,978	2,523	3,172	3,912	4,670	5,442	6,429	7,721	10,845	13,527	16,273	18,822	21,798	25,495	29,165	32,626	36,565	38,261
Code Injection	4	6	7	20	35	65	247	549	852	1,176	1,430	1,531	1,666	1,804	1,995	2,045	2,069	2,158	2,323	2,461	2,562	2,719	2,903	3,193	3,937	5,412	5,948
Authorization problems	3	5	9	15	24	45	63	131	274	498	578	638	753	864	1,017	1,055	1,115	1,669	2,360	3,322	4,620	5,868	7,545	9,459	12,511	16,605	19,238
Cross-site Scripting	1	1	2	40	76	130	255	607	1,390	2,196	2,805	3,262	4,002	4,612	5,638	6,367	6,838	8,321	10,331	12,659	14,788	17,501	20,669	25,294	31,562	39,978	42,795
Directory Traversal		5	5	19	44	62	89	250	596	917	1,193	1,300	1,422	1,523	1,720	1,861	1,939	2,216	2,779	3,259	3,687	4,227	4,952	5,717	6,721	7,790	8,461
File Inclusion		3	3	4	4	9	13	14	14	14	14	14	14	14	14	16	26	118	296	505	734	1,034	1,509	2,027	2,748	3,570	3,921
Memory Corruption			2	3	10	13	18	22	29	44	87	156	241	286	329	379	611	1,257	2,027	2,832	3,393	4,319	5,435	6,350	8,284	10,589	11,605
Improper Privilege Management			2	2	3	3	4	5	7	9	11	14	18	19	35	42	53	149	283	453	750	1,117	1,406	1,715	2,367	3,351	3,723
OS Command Injection			2	5	5	7	9	15	21	38	52	66	81	114	162	196	227	384	717	1,107	1,644	2,136	2,715	3,281	4,079	4,909	5,418
SQL Injection			1	10	23	77	179	433	1,503	2,462	2,977	3,274	3,514	3,657	3,954	4,166	4,262	4,766	5,268	5,811	6,268	7,011	8,738	10,737	13,286	17,122	18,385
Server-Side Request Forgery - SSRF				1	2	2	2	2	2	2	3	3	3	3	3	3	10	55	130	220	338	527	732	970	1,310	1,851	2,219
Cross-Site Request Forgery - CSRF				1	3	9	12	49	126	238	312	370	524	641	875	1,125	1,212	1,527	1,980	2,518	2,917	3,383	4,071	5,236	6,455	8,363	8,843
Command Injection						1	1	1	1	1	3	3	3	4	16	57	82	190	262	391	535	841	1,071	1,570	2,065	2,801	3,133
Input Validation									2	2	2	2	2	2	2	2	2	2	2	2	5	26	114	144	257	454	547

Distribution of CVE Categories

Breakdown of CVE by categories (1999-2026)

Evolution of CVE classified by category