What is the Xiaomi CNA?
Xiaomi is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 56 CVE records since 2020.
How many CVEs has Xiaomi published?
Xiaomi has published 56 CVE records, including 15 in the last two years.
What is Xiaomi's CVE data quality grade?
RadicalNotion.AI grades Xiaomi's CVE data quality as F, with an overall completeness score of 51.8%. This reflects how consistently its CVE records include vendor (37.5%), product (100%), CVSS (33.9%), and CWE (35.7%) information.
What products does Xiaomi publish CVEs for?
Xiaomi most frequently publishes CVEs for MIUI, ax3600, ax3600 firmware, Xiaomi Router AX3600, ax1800 firmware.
Which vendors does Xiaomi cover?
Xiaomi publishes CVEs across 1 distinct vendors, most often mi, Xiaomi.
Is Xiaomi actively publishing CVEs?
Xiaomi is currently active, based on 15 CVEs in the last two years.
What is the average severity of Xiaomi's CVEs?
The average CVSS base score across Xiaomi's scored CVEs is 7.1.
How many critical CVEs has Xiaomi published?
Xiaomi has published 1 critical-severity CVEs and 10 high-severity CVEs.
Are any of Xiaomi's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of Xiaomi's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in Xiaomi's CVEs?
Xiaomi's CVEs most often map to these CWE weakness types: CWE-346 (Origin Validation Error), CWE-306 (Missing Authentication for Critical Function), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')).
How does Xiaomi rank among CNAs?
By total CVE volume, Xiaomi ranks #159 of 370 CNAs, and it reports more complete CVE records than 8% of all CNAs.
