Action1 2026 Software Vulnerability Ratings Report
2025 changed the math on software risk. Vulnerability disclosures nearly doubled — and severity climbed with them. Exploitation windows got shorter. Attackers got faster. The “patch it next week” approach stopped being a minor inefficiency and became a genuine liability.
Now in its third year, the Action1 Software Vulnerability Ratings Report maps where risk grew fastest in 2025 — across network infrastructure, enterprise applications, browsers, operating systems, office tools, mobile platforms, and more — giving IT and security teams a clearer picture of where attacker focus is shifting and where patching cadence needs to change.
Key Insights:
- Total vulnerabilities increased 92% compared to 2024, while critical and high-severity issues more than doubled.
- macOS vulnerabilities grew by more than 1,000%, complicating the assumption that Mac fleets carry lower default risk.
- Enterprise application exploitation surged 800%, putting business-critical platforms squarely in attackers’ sights.
- Network infrastructure was the fastest-growing risk area, with vulnerabilities up 162% and critical issues up 235%.
- Office productivity tools saw exploitation decline, but critical vulnerabilities still rose 229%.
Why Download
Find out which software categories became riskier in 2025, where attacker focus is moving next, and what the data says about the cost of slow patching.
Download the report to get ahead of the vulnerability trends shaping 2026.