The second most impacted class had been network-edge units with 77 KEVs. This class contains community safety home equipment, routers, firewalls, and VPN gateways, which have been a rising goal over the previous couple of years, particularly for nation-state cyberespionage teams.
Server software program (61 KEVs), open-source software program (55), and working methods (38) full the highest 5 most focused classes, with {hardware} units — together with digicam methods, DVRs, NVRs, IP telephones, and different embedded units — coming in sixth. VulnCheck notes that lots of the flaws within the {hardware} machine class got here from assault information collected by Shadowserver, highlighting that exposing such units on to the web isn’t a good suggestion.
When it comes to distributors, Microsoft was essentially the most focused, with 32 KEVs, 26 of which had been for Home windows, adopted by Cisco (10), and Apple, Totolink, and VMware, every with six KEVs. It’s price noting although that not all new KEVs are new vulnerabilities. Whereas 1 in 3 had been zero-days or 1-days, many are older vulnerabilities that simply began to be exploited in 2025, placing them on the brand new KEV record.
