Vulnerability Trends Summary
As part of our monthly vulnerability trends series, this report shows the month's top 10 trending security vulnerabilities and how hackers, malware, and exploit kits are exploiting them. We assign each vulnerability a trend value, a percentage reflecting how much attention it is gaining from cybersecurity communities, attackers, and malware. Companies can use the report to gain more cyber threat insight and better anticipate attack waves that might target their public assets in the following months.
Subscribe to the monthly vulnerability digest report by clicking here.
Download the full vulnerability digest report by clicking here.
The following chart shows the trends.

March 2021 was the month of Microsoft Exchange: most of the trends and attacks were related to the critical RCE and SSRF vulnerabilities in Microsoft Exchange. Those vulnerabilities came to light after the discovery of attacks weaponizing them to target official and government organizations.
Other critical and important vulnerabilities were discovered in F5 BIG-IP, OpenSSL, and VMware.
The following table shows the details of the trends.
CVE | Vulnerability | Publish Date | Exploited | Trends* |
CVE-2021-26855 | SSRF in Microsoft Exchange | 02/03/2021 | Yes | 32% |
CVE-2021-22986 | Remote Code Execution in F5 BIG-IP API | 10/03/2021 | Yes | 26% |
CVE-2021-27065 | Arbitrary File Write in Microsoft Exchange | 02/03/2021 | Yes | 10% |
CVE-2021-22987 | Remote Code Execution in F5 BIG-IP | 10/03/2021 | No | 7% |
CVE-2021-26857 | Remote Code Execution in Microsoft Exchange | 02/03/2021 | Yes | 6% |
CVE-2021-3450 | Certificate Validation Bypass in OpenSSL | 23/03/2021 | No | 4% |
CVE-2021-21978 | Remote Code Execution in VMware Planner | 03/03/2021 | Yes | 4% |
CVE-2021-3449 | Denial of Service in OpenSSL | 23/03/2021 | Yes | 4% |
CVE-2021-21193 | Code Execution in Google Chrome | 12/03/2021 | Yes | 4% |
CVE-2021-21975 | SSRF in VMware vRealize | 30/03/2021 | Yes | 3% |
1. CVE-2021-26855 SSRF in Microsoft Exchange
A server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server that leads to remote code execution, allowing an unauthenticated attacker to execute arbitrary code.
2. CVE-2021-22986 Remote Code Execution in F5 BIG-IP API
The F5 iControl REST interface has a remote code execution vulnerability, reachable through the BIG-IP management interface and self IP addresses, which allows an attacker to execute arbitrary system commands, create or delete files, and disable services.
CVSS Rate | 9.8 Critical |
Exploited | Yes |
Links | https://support.f5.com/csp/article/K03009991 https://packetstormsecurity.com/files/162066/F5-BIG-IP-16.0.x-Remote-Code-Execution.html |
3. CVE-2021-27065 Arbitrary File Write in Microsoft Exchange
Arbitrary file write to any path on the Exchange server. This vulnerability is used as a post-authentication exploit, mainly after exploiting CVE-2021-26855.
4. CVE-2021-22987 Remote Code Execution in F5 BIG-IP
When F5 BIG-IP is running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages.
CVSS Rate | 9.8 Critical |
Exploited | No |
Links | https://support.f5.com/csp/article/K18132488 |
5. CVE-2021-26857 Remote Code Execution in Microsoft Exchange
A deserialization vulnerability exists in Exchange Server’s Unified Messaging (voicemail) service. This vulnerability is used as a post-authentication exploit, mainly after exploiting CVE-2021-26855.
CVSS Rate | 7.8 High |
Exploited | Yes |
Links | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857 |
6. CVE-2021-3450 Certificate Bypass in OpenSSL
OpenSSL has a vulnerability that prevents applications from detecting and rejecting TLS certificates that aren’t digitally signed by a browser-trusted certificate authority.
CVSS Rate | 7.4 High |
Exploited | No |
Links |
7. CVE-2021-21978 Remote Code Execution in VMware Planner
VMware View Planner contains a remote code execution vulnerability. Improper input validation and lack of authorization lead to arbitrary file upload in the logupload web application by any unauthenticated user with network access.
CVSS Rate | 9.8 Critical |
Exploited | Yes |
Links | https://www.vmware.com/security/advisories/VMSA-2021-0003.html https://packetstormsecurity.com/files/161879/VMware-View-Planner-4.6-Remote-Code-Execution.html |
8. CVE-2021-3449 Denial of Service in OpenSSL
OpenSSL has a denial of service vulnerability that can be exploited by any client that sends a maliciously crafted renegotiation ClientHello message.
CVSS Rate | 5.9 Medium |
Exploited | Yes |
Links |
9. CVE-2021-21193 Code Execution in Google Chrome
Use after free in Blink in Google Chrome allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Rate | 8.8 High |
Exploited | Yes |
Links | https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html |
10. CVE-2021-21975 SSRF in VMware vRealize
Server Side Request Forgery in the vRealize Operations Manager API may allow a malicious actor with network access to exploit this vulnerability and compromise administrative credentials.
CVSS Rate | 9.8 Critical |
Exploited | Yes |
Links | https://www.vmware.com/security/advisories/VMSA-2021-0004.html |