CVE/NVD Failed to Report and Detail 27.3% of Vulnerabilities in 2022 H1

Today, Flashpoint releases the State of Vulnerability Intelligence: 2022 Midyear Edition, a report designed to help organizations understand and properly contextualize the vulnerability landscape. The report also determines best practices for mitigating risk while making vulnerability workloads more manageable.

Powered by VulnDB®, the most comprehensive and timely source of vulnerability intelligence available, the report details the following:

• Flashpoint collected 11,860 vulnerabilities in the first six months of the year, while CVE/NVD failed to report and detail 27.3% of them.
  
• Flashpoint found that 52% of all 10.0 vulnerabilities reported in 2022 H1 are likely scored incorrectly. Vulnerability Management Programs using CVSSv2 scores as a basis for prioritization may spend resources triaging issues that could be much less severe.
  
• Flashpoint has observed a discrepancy of 85 percent concerning “discovered-in-the-wild” vulnerabilities reported in 2022 H1, when compared to resources such as Google’s Project Zero— suggesting that exploitation more often occurs outside of Advanced Persistent Threat (APT) attacks.
  
• Security teams can maximize resources and reduce their immediate workload by 82% by first focusing on actionable, high severity vulnerabilities; more details can be found in the report.
  

Download the free report

Click here to download your free copy.