- What is the Patchstack CNA?
- Patchstack is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 14,729 CVE records since 2021.
- How many CVEs has Patchstack published?
- Patchstack has published 14,729 CVE records, including 11,973 in the last two years.
- What is Patchstack's CVE data quality grade?
- RadicalNotion.AI grades Patchstack's CVE data quality as A, with an overall completeness score of 96.7%. This reflects how consistently its CVE records include vendor (99.8%), product (100%), CVSS (87%), and CWE (100%) information.
- What products does Patchstack publish CVEs for?
- Patchstack most frequently publishes CVEs for ProfileGrid, Quiz And Survey Master, GiveWP, JetEngine, JS Help Desk.
- Which vendors does Patchstack cover?
- Patchstack publishes CVEs across 6,829 distinct vendors, most often ThemeREX, AncoraThemes, AxiomThemes, Mikado-Themes, Crocoblock.
- Is Patchstack actively publishing CVEs?
- Patchstack is currently active, based on 11,973 CVEs in the last two years.
- What is the average severity of Patchstack's CVEs?
- The average CVSS base score across Patchstack's scored CVEs is 6.4.
- How many critical CVEs has Patchstack published?
- Patchstack has published 1,491 critical-severity CVEs and 7,234 high-severity CVEs.
- Are any of Patchstack's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of Patchstack's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in Patchstack's CVEs?
- Patchstack's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-862 (Missing Authorization), CWE-352 (Cross-Site Request Forgery (CSRF)), CWE-98 (Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')).
- How does Patchstack rank among CNAs?
- By total CVE volume, Patchstack ranks #2 of 370 CNAs, and it reports more complete CVE records than 45% of all CNAs.