Lots of analysis, the sections breaking down vulnerabilities by vendors and severity. Some of the total counts with the vendors were unexpected to me, the counts made sense when you finally see them. It’s just that I did not expect some of the orders.
The later charts only including the high severity counts were more of what I expected.
You can read the report here, it’s not huge.