Feeds2.Feedburner
Surge in Open-Source Vulnerabilities in Commercial Codebases
First seen 26 Feb 2026, 15:13 UTC
•
•91% similarity
•47.3
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The 2026 Open Source Security and Risk Analysis report by Black Duck reveals a 107% increase in open-source vulnerabilities in commercial codebases from 2023 to 2024. The average number of vulnerabilities per codebase rose from 280 to 581, driven by a 74% increase in codebase size and a 30% rise in open-source components. Nearly all audited codebases now contain open-source components, heightening security exposure.
ThreatCluster AI
Timeline
2020-04-29
CVE-2020-11023 published
2020-04-29
CVE-2020-11022 published
2024-01-01
Average vulnerabilities per codebase increased from 280 to 581
2024-01-01
Average number of files per codebase increased by 74%
2024-01-01
Average number of open-source components increased by 30%
2026-02-26
Black Duck's 2026 OSSRA report published