AI shrinks vulnerability exploitation window to hours

Synack’s 2026 State of Vulnerabilities Report shows published CVEs rose to 48,244 in 2025 with a 10% increase in high-severity issues and 37% of findings classified as critical/high; AI-enabled adversaries are shortening the window from disclosure to exploitation (notably React2Shell/CVE-2025-55182 permitting unauthenticated RCE), while mean time to remediation fell from 63 to 38 days as organizations adopt continuous validation and PTaaS to keep pace.