A joint security advisory issued by several cybersecurity agencies from the US, UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years. Most of the top targeted bugs last year were disclosed since the start of 2020, with this trend stemming from the recent move to remote work since the beginning of the pandemic. Four of the most routinely targeted vulnerabilities during 2020 impact work-from-home (WFH), VPNs, or cloud-based technologies, as revealed in the table below. Among those highly exploited in 2021 are vulnerabilities in Microsoft, Pulse, Accellion, VMware, and Fortinet.
Source: https://www.bleepingcomputer.com/news/security/fbi-reveals-top-targeted-vulnerabilities-of-the-last-two-years/