Inside the most-commonly exploited CVEs of 2022

Half of the 12 most commonly exploited cybersecurity vulnerabilities in 2022 were found in 2021, while flaws in Microsoft products accounted for a third, according to a Five Eyes advisory. Two-thirds of vulnerabilities were from Atlassian, Microsoft and VMware products. Patching issues and a lack of adherence to secure design principles are exacerbating cyber risks. The alliance reiterated the need for vendors to follow secure design practices and for organisations to manage patches timely and review their software providers’ commitment to security.