Breakdown of CVE by categories (1999-2025)

Below you'll find a graph showing the number of CVEs (Common Vulnerabilities and Exposures) classified by category (overflow, cross-site scripting, etc.). This graph allows you to visualize the distribution of the different types of vulnerabilities discovered and disclosed. By analyzing this data, you can better understand current trends in IT security and identify the most frequent categories of vulnerability.

Evolution of CVE classified by category

Below, you will find a graph displaying the number of CVEs (Common Vulnerabilities and Exposures) categorized by type (overflow, cross-site scripting, etc.) since the year 2000. This graph allows you to visualize the evolution and distribution of different types of vulnerabilities discovered and disclosed over the years. By analyzing this data, you can better understand historical trends in cybersecurity and identify the most common categories of vulnerabilities.

Categories	Nb CVE
Cross-site Scripting	39,787
Overflow	36,416
SQL Injection	16,964
Authorization problems	16,438
Memory Corruption	10,335
Cross-Site Request Forgery - CSRF	8,325
Directory Traversal	7,759
Code Injection	5,383
OS Command Injection	4,879
File Inclusion	3,530
Improper Privilege Management	3,332
Command Injection	2,779
Server-Side Request Forgery - SSRF	1,834
Input Validation	444

Categories	2000 Nb CVE	2001 Nb CVE	2002 Nb CVE	2003 Nb CVE	2004 Nb CVE	2005 Nb CVE	2006 Nb CVE	2007 Nb CVE	2008 Nb CVE	2009 Nb CVE	2010 Nb CVE	2011 Nb CVE	2012 Nb CVE	2013 Nb CVE	2014 Nb CVE	2015 Nb CVE	2016 Nb CVE	2017 Nb CVE	2018 Nb CVE	2019 Nb CVE	2020 Nb CVE	2021 Nb CVE	2022 Nb CVE	2023 Nb CVE	2024 Nb CVE	2025 Nb CVE
Overflow	11	23	37	86	154	221	397	849	1,412	1,978	2,523	3,172	3,912	4,670	5,442	6,429	7,721	10,845	13,527	16,273	18,822	21,798	25,495	29,165	32,626	36,416
Code Injection	4	6	7	20	35	65	247	549	852	1,176	1,430	1,531	1,666	1,804	1,995	2,045	2,069	2,158	2,323	2,461	2,562	2,719	2,903	3,193	3,937	5,383
Authorization problems	3	5	9	15	24	45	63	131	274	498	578	638	753	864	1,017	1,055	1,115	1,669	2,360	3,322	4,620	5,868	7,545	9,459	12,511	16,438
Cross-site Scripting	1	1	2	40	76	130	255	607	1,390	2,196	2,805	3,262	4,002	4,612	5,638	6,367	6,838	8,321	10,331	12,659	14,788	17,501	20,669	25,294	31,562	39,787
Directory Traversal	0	5	5	19	44	62	89	250	596	917	1,193	1,300	1,422	1,523	1,720	1,861	1,939	2,216	2,779	3,259	3,687	4,227	4,952	5,717	6,721	7,759
File Inclusion	0	3	3	4	4	9	13	14	14	14	14	14	14	14	14	16	26	118	296	505	734	1,034	1,509	2,027	2,748	3,530
Memory Corruption	0	0	2	3	10	13	18	22	29	44	87	156	241	286	329	379	611	1,257	2,027	2,832	3,393	4,319	5,435	6,350	8,284	10,335
Improper Privilege Management	0	0	2	2	3	3	4	5	7	9	11	14	18	19	35	42	53	149	283	453	750	1,117	1,406	1,715	2,367	3,332
OS Command Injection	0	0	2	5	5	7	9	15	21	38	52	66	81	114	162	196	227	384	717	1,107	1,644	2,136	2,715	3,281	4,079	4,879
SQL Injection	0	0	1	10	23	77	179	433	1,503	2,462	2,977	3,274	3,514	3,657	3,954	4,166	4,262	4,766	5,268	5,811	6,268	7,011	8,738	10,737	13,286	16,964
Server-Side Request Forgery - SSRF	0	0	0	1	2	2	2	2	2	2	3	3	3	3	3	3	10	55	130	220	338	527	732	970	1,310	1,834
Cross-Site Request Forgery - CSRF	0	0	0	1	3	9	12	49	126	238	312	370	524	641	875	1,125	1,212	1,527	1,980	2,518	2,917	3,383	4,071	5,236	6,455	8,325
Command Injection	0	0	0	0	0	1	1	1	1	1	3	3	3	4	16	57	82	190	262	391	535	841	1,071	1,570	2,065	2,779
Input Validation	0	0	0	0	0	0	0	0	2	2	2	2	2	2	2	2	2	2	2	2	5	26	114	144	257	444

Distribution of CVE Categories

Breakdown of CVE by categories (1999-2025)

Evolution of CVE classified by category