December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity
Summary
December 2025 experienced a 120% increase in critical CVEs, with 22 vulnerabilities exploited. React2Shell (CVE-2025-55182) was the most prominent threat, targeting Meta's React framework.
IFF Assessment
FOE
The increase in critical vulnerabilities and active exploitation represent a significant threat to defenders.
Severity
9.8
Critical
(AI Estimated)
Defender Context
The surge in critical vulnerabilities, especially those under active exploitation like React2Shell, requires immediate attention. Defenders should prioritize patching, monitoring for exploitation attempts, and understanding the specific attack vectors associated with the React2Shell vulnerability. This reflects a trend of attackers rapidly weaponizing vulnerabilities in popular frameworks.