December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity
ID: 1efe5531-f03b-5d2a-9585-7332b9021776
STIX ID: report--1efe5531-f03b-5d2a-9585-7332b9021776
Feed Name: Recorded Future Blog
**Recorded Future — December 2025 summary:** Insikt Group reports a 120% month-over-month increase in high-impact vulnerabilities with 22 actively exploited CVEs in December, dominated by the React2Shell (CVE-2025-55182) unauthenticated deserialization RCE affecting React Server Components and Next.js; multiple nation-state and criminal actors rapidly weaponized public PoCs to deploy numerous malware families (RATs, backdoors, and ransomware). The report includes observed campaigns (e.g., UAT-9686 against Cisco SEG), known C2 infrastructure, recommended immediate patches and detection guidance, and Nuclei templates for safe detection.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.