One of the biggest challenges for cyber security teams is to have a good vulnerability management policy, since in real-life it is impossible to patch every vulnerability once it is discovered. In this report we point you to the CVEs that were popular among threat actors on the Dark and Deep Web during the past year. In order to identify these CVEs, we examined 15 different Deep and Dark Web forums in English, Russian, Turkish, Chinese and Spanish (more than half were Russian-speaking forums). The research was focused on the CVE- related posts that were published on these sources between January 01, 2020 and March 01, 2021. Of note, to avoid numerous duplicates, replies to posts were not collected and analyzed. While working on the findings’ analysis, we realized that the popularity of a CVE isn’t necessarily based on the number of posts published about it. Since a post can receive many replies and raise interest or not receive any replies at all, the distribution of each CVE in these forums should also be taken in consideration. A wide distribution of CVE-related posts among multiple forums in different languages can also be an indication for the CVE’s popularity. Introduction 2 Vulnerability Threat Intelligence Report